vpnstuff.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.vpnstuff.net/
Effective URL:
https://vpnstuff.net/
Submission: On February 16 via automatic, source certstream-suspicious (February 16th 2023, 6:08:47 pm UTC) — Scanned from NL

Summary HTTP 172 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 9 countries across 27 domains to perform 172 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is vpnstuff.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time vpnstuff.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
51	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6 10	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
6 6	3.64.121.24 3.64.121.24	16509 (AMAZON-02) (AMAZON-02)
1 18	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:20e... 2600:9000:20eb:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:d8ac:1edd:aee1:32b6	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
172	20

28 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.vpnstuff.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpnstuff.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:807::2004 (Ireland) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.64.121.24 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-121-24.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.189 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:7e00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d8ac:1edd:aee1:32b6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.141 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	526 KB
43	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	249 KB
28	vpnstuff.net 1 redirects www.vpnstuff.net vpnstuff.net	349 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	276 KB
12	google.com 6 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	9 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	287 KB
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 337	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 385	3 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 731	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	491 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 709	915 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1874	1 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14363	696 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2673 pixel.wp.com — Cisco Umbrella Rank: 2492	3 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788	75 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 316	519 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 643	464 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422	758 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2745	104 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1408	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1124	213 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	602 B
172	27

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
27	vpnstuff.net	vpnstuff.net
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	vpnstuff.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	cm.g.doubleclick.net	1 redirects vpnstuff.net googleads.g.doubleclick.net
11	fonts.googleapis.com	vpnstuff.net googleads.g.doubleclick.net
10	www.google.com	6 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
6	x.bidswitch.net	6 redirects
6	www.googletagservices.com	googleads.g.doubleclick.net
4	eb2.3lift.com	4 redirects
2	secure.adnxs.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	onetag-sys.com	1 redirects vpnstuff.net
2	s.ad.smaato.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.wp.com	vpnstuff.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	vpnstuff.net
1	www.vpnstuff.net	1 redirects
172	34

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.idtheme.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://vpnstuff.net/
Frame ID: C2EFF591EDCAD4660367F2951CA9E46D
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 53DDC3197AC408A92A852ED1D60F5E8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&adk=1812271804&adf=3025194257&lmt=1676501243&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fvpnstuff.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921883&bpp=7&bdt=1137&idt=199&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7966415896443&frm=20&pv=2&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: 0A5D9017910A1BDCEDD5AE3DCF1FF70F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=280&adk=2461418008&adf=2431340586&pi=t.aa~a.108489206~rp.4&w=1015&fwrn=4&fwrnh=100&lmt=1676501243&rafmt=1&to=qs&pwprc=5907331795&format=1015x280&url=https%3A%2F%2Fvpnstuff.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921890&bpp=2&bdt=1144&idt=220&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AECwAysIoq&p=https%3A//vpnstuff.net&dtd=222
Frame ID: EF371003B71164A91BAB97C8D7B33B50
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
Frame ID: 4BFC870392225ECDD05C6E0367DD9409
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25
Frame ID: 0BCB3A1F418E066CD42E4333BFB8BA39
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29
Frame ID: 475F13B851238F3C27FE6EC3FA29B8E8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2182EBFF094B01C0BF1E886741DFF28B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5CC782EA70EF14B20C4A06FD0749E982
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D64D959040CD7546D4F247C939A695A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 663B683FF0AF6D3C261693F9F8A2C521
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9E300095C2D240B43008E7505976EE8C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: 01B24ACF55BD2442A83DA06709E0CF5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: B59F3560CED1F66360C31F47556EC4A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B5F23E4F1E5E931EA473AEDF88BA3642
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: CAF3A9992AD19713D106F2273F3EF1BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D176F8754E02D44F62DC18DA8F12459
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2136F3548D52B0BDAA6D70A8DCD5FE54
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 93DE54A5A51D5EE9A0ED53EF34623F3E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA3DA0700FA046639B3FF1F15768C91E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B2AE2F7EF278C5896503555245BF6DFB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 300D713CFF795EA9BA9D6C4BC8808610
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: 71E604524F847C84A1125141C5BD6C2E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: 33EEDAA859FE0E7492243911F411D6EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js
Frame ID: A90D86F195E4FEB73F3652E9D72A54F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 206D42922E89E0098F55B917E2F44AD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66F9DB9D9EC9C5C38F613C5FB021246A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VPNStuff.net - all about VPNs

Page URL History Show full URLs

https://www.vpnstuff.net/ HTTP 301
https://vpnstuff.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

172
Requests

91 %
HTTPS

52 %
IPv6

27
Domains

34
Subdomains

20
IPs

9
Countries

1702 kB
Transfer

4189 kB
Size

30
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://www.idtheme.com/superfast/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.vpnstuff.net/ HTTP 301
https://vpnstuff.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBfedRVQMdkq5Ipz_h9vFW8&google_cver=1&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBfedRVQMdkq5Ipz_h9vFW8&google_cver=1&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c&google_hm=GaZXSGaUTvuR92lahmVDTg==

Request Chain 136

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I4lAtWnisJ_eFqihe9F5MiqztLmNkX-LA&google_gid=CAESED8GWRPYmeX1_Rsk0iYn0ho&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I4lAtWnisJ_eFqihe9F5MiqztLmNkX-LA&google_gid=CAESED8GWRPYmeX1_Rsk0iYn0ho&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxODA4NDQwMDA0OTUwMzM4NzEzMg%3D%3D&google_push=Aa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I4lAtWnisJ_eFqihe9F5MiqztLmNkX-LA

Request Chain 139

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNen0xvdLew-rLxKQydEz8&google_cver=1&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc6vd9BEGziZ_57Sk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc6vd9BEGziZ_57Sk

Request Chain 140

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHmNiN8Pc2N3myVerpeS8xo&google_cver=1&google_push=Aa02lx9d8aPxQqwe2z9oZYqCVmkKNoDGjKvpG9qhjjkf6wK4lxPmr3HtLlGSS1OEk4WMJm-vqwc-qnaRE3CvhpeHYCgaCJM7mfMAXwa_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9d8aPxQqwe2z9oZYqCVmkKNoDGjKvpG9qhjjkf6wK4lxPmr3HtLlGSS1OEk4WMJm-vqwc-qnaRE3CvhpeHYCgaCJM7mfMAXwa_ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 141

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVAkLcX41aX88KMAg&google_cver=1&google_push=Aa02lx9RBQNaC-569XY-ScM-GBPTPqcaLqZQVorvB9fPtx4iP05QoaKxcbX3Ls4kHcBtRNI0dqeUB94Guo0sMMsQxmEGppSbWLdxxxR- HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVAkLcX41aX88KMAg&google_cver=1&google_push=Aa02lx9RBQNaC-569XY-ScM-GBPTPqcaLqZQVorvB9fPtx4iP05QoaKxcbX3Ls4kHcBtRNI0dqeUB94Guo0sMMsQxmEGppSbWLdxxxR- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

Request Chain 144

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 145

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHtZuP3l32M5lrdcjZLhyIo&google_cver=1&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LRquSapPPbU04gktBaEVn5j1pM05gaj_-BLN_cfYYnTwRxuEXW5tgERxwjRbdAfIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LRquSapPPbU04gktBaEVn5j1pM05gaj_-BLN_cfYYnTwRxuEXW5tgERxwjRbdAfIw&google_hm=eS1WNGJPWm1wRTJwRmJDVGUueTJVeWlNUDQwcVFvbzk3d35B

Request Chain 146

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOusHouNb6BlgY8cDxgM-e4&google_cver=1&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq49WUzOPJh73d8xv5C1Yp2sYZvehK9LHtux0bcb_oYKNGtaCqGIk_64TXbyt2PXxmUPvg2NEimrnYFQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOusHouNb6BlgY8cDxgM-e4&google_cver=1&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq49WUzOPJh73d8xv5C1Yp2sYZvehK9LHtux0bcb_oYKNGtaCqGIk_64TXbyt2PXxmUPvg2NEimrnYFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyNTMwODE5Mjk3OTU1MDI1NA&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq49WUzOPJh73d8xv5C1Yp2sYZvehK9LHtux0bcb_oYKNGtaCqGIk_64TXbyt2PXxmUPvg2NEimrnYFQ

Request Chain 147

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJNVoiAemAu_4i0wvFwqgBc&google_cver=1&google_push=Aa02lx8UT87wV775rzDuA4dUjqNTE1GpMyrV1lNfukRhRME3bC8s40QbhAl5cCsNA2UQrbEiTORvIa7heFdXFId4QxuU9suqkcxaIAc5DbT-qZq6MfEQ0vT8FcJI7uUV1-SHURi5wayq8jNGUFFnDUiwDBOwyg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJNVoiAemAu_4i0wvFwqgBc&google_cver=1&google_push=Aa02lx8UT87wV775rzDuA4dUjqNTE1GpMyrV1lNfukRhRME3bC8s40QbhAl5cCsNA2UQrbEiTORvIa7heFdXFId4QxuU9suqkcxaIAc5DbT-qZq6MfEQ0vT8FcJI7uUV1-SHURi5wayq8jNGUFFnDUiwDBOwyg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mc6h5xU0RmuKD9WISntL7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8UT87wV775rzDuA4dUjqNTE1GpMyrV1lNfukRhRME3bC8s40QbhAl5cCsNA2UQrbEiTORvIa7heFdXFId4QxuU9suqkcxaIAc5DbT-qZq6MfEQ0vT8FcJI7uUV1-SHURi5wayq8jNGUFFnDUiwDBOwyg

Request Chain 148

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U&google_cver=1&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6Tbn9QTV9c0GWK8APpQCKM-8OWiNLEFkRLcyqDE4SmskubkpMhLQBjZG_38Q HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6Tbn9QTV9c0GWK8APpQCKM-8OWiNLEFkRLcyqDE4SmskubkpMhLQBjZG_38Q&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6Tbn9QTV9c0GWK8APpQCKM-8OWiNLEFkRLcyqDE4SmskubkpMhLQBjZG_38Q

Request Chain 149

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVAkLcX41aX88KMAg&google_cver=1&google_push=Aa02lx9EUtnLsLOLkVy96l6LQgkpgs_D1v9ptbUJWczCjqkTlb49Gs7JXx4tVacAvU0sS8ZVxCxT9J8ku5AgPOZWTI-yyFLKt6Wm7mtnKBRIlpy1VTz8B3BG63WOfGlMJc1Wi_qjyiVmisej0Ko_CoXDYZnx6w HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVAkLcX41aX88KMAg&google_cver=1&google_push=Aa02lx9EUtnLsLOLkVy96l6LQgkpgs_D1v9ptbUJWczCjqkTlb49Gs7JXx4tVacAvU0sS8ZVxCxT9J8ku5AgPOZWTI-yyFLKt6Wm7mtnKBRIlpy1VTz8B3BG63WOfGlMJc1Wi_qjyiVmisej0Ko_CoXDYZnx6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI0oAlkzeWNHjyA0vuhHkn4&google_cver=1&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G7J0iRiC4E-bl0cG8SgGIEdAv6VvmBiJuZg2v6rY-55H09lNMwwZr5z60Pl7NehpfznEzWVN4eVsMChtZFhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU3RjFHMkstMjItQTFSTw==&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G7J0iRiC4E-bl0cG8SgGIEdAv6VvmBiJuZg2v6rY-55H09lNMwwZr5z60Pl7NehpfznEzWVN4eVsMChtZFhg

Request Chain 156

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_cver=1&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4jQJRnu58X-QxgoZe8pn7D13z0tPWeUBA-sNspiaaioHvf2n0Y7I1emdmeFXHDHhyjMta80jYVD9SaQbyfUBLA7pfpubLvA-b0m-EzqPY4vjDIj0y2oBfHWtLeQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4jQJRnu58X-QxgoZe8pn7D13z0tPWeUBA-sNspiaaioHvf2n0Y7I1emdmeFXHDHhyjMta80jYVD9SaQbyfUBLA7pfpubLvA-b0m-EzqPY4vjDIj0y2oBfHWtLeQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_hm=Y-5xK4wydjLDKtQ1lyQb3wAABFUAAAIB&google_nid=index&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4jQJRnu58X-QxgoZe8pn7D13z0tPWeUBA-sNspiaaioHvf2n0Y7I1emdmeFXHDHhyjMta80jYVD9SaQbyfUBLA7pfpubLvA-b0m-EzqPY4vjDIj0y2oBfHWtLeQ

Request Chain 157

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNen0xvdLew-rLxKQydEz8&google_cver=1&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2cPhpTnimup31B36fHyUdYTpsgi7eO_PGHcx_G7RIrE0JdVIYY8R_mBshcO0EHr7fTWPiNqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2cPhpTnimup31B36fHyUdYTpsgi7eO_PGHcx_G7RIrE0JdVIYY8R_mBshcO0EHr7fTWPiNqw

Request Chain 158

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U&google_cver=1&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyBUvV5JecuhY5fB90vPkz4v4qF_GBPmklDyJyQoJpWS6-SBkl-4SQrQ1GcgYQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyBUvV5JecuhY5fB90vPkz4v4qF_GBPmklDyJyQoJpWS6-SBkl-4SQrQ1GcgYQ&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyBUvV5JecuhY5fB90vPkz4v4qF_GBPmklDyJyQoJpWS6-SBkl-4SQrQ1GcgYQ

Request Chain 160

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8XKalc8aweJ3wmcdBQrNXvAMvLAuBsuyJg8T7Ozrwrf6sDaevm9ICaAXHstenm8JJHPdG6IidyGRj9d9cu-h_ILZ4cMNhgJaEi6B6ZXJTeSlwTuiNH4DRXEsonCtX50 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEIOmnyPY9VIxxkg0ixUdynY%26google_cver%3D1%26google_push%3DAa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8XKalc8aweJ3wmcdBQrNXvAMvLAuBsuyJg8T7Ozrwrf6sDaevm9ICaAXHstenm8JJHPdG6IidyGRj9d9cu-h_ILZ4cMNhgJaEi6B6ZXJTeSlwTuiNH4DRXEsonCtX50 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg2NzAzNDIwMDg1MDE4ODIxOA%3D%3D&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8XKalc8aweJ3wmcdBQrNXvAMvLAuBsuyJg8T7Ozrwrf6sDaevm9ICaAXHstenm8JJHPdG6IidyGRj9d9cu-h_ILZ4cMNhgJaEi6B6ZXJTeSlwTuiNH4DRXEsonCtX50

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

172 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vpnstuff.net/
Redirect Chain

https://www.vpnstuff.net/
https://vpnstuff.net/

51 KB
9 KB

712ms
701ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0497bf3a6ad658fad1d6ccbdb44098ff11ea9bacb26a7b1ebe665653314f6626

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79a83ada4fd22be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 18:08:40 GMT
last-modified: Wed, 15 Feb 2023 22:47:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a83IRl97KpJnjC5QErlVrnXsELZ8IACVgQwy3nxMg%2FCO9HaDeygYwJMIB15jbDBqOq%2FotInOhXznmatMYpHt3MpoHQe7hP5rq2qQy5Q6NiEedTIOwedgxewesU%2FHIeAwlOMHpan6Xqu3DvE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
wpo-cache-status: cached

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79a83ad63edd2be0-FRA
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 18:08:40 GMT
location: https://vpnstuff.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDO533Ig9ITs8J3IzbvE12919FunJV3%2FhjE44oF4%2BTEPkDNgSTCxNYZNQ6dZLkrhIflUEIAFNUzQwDMW6pfQfK7v6lE%2B09aiNonTbS2cWshBOjl13bMiiA8SAp9o4o0cVf5Jipj2%2FeiCtarnP7GK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H2 200 style.min.css
vpnstuff.net/wp-includes/css/dist/block-library/ 81 KB
12 KB 788ms
784ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Apr 2022 05:08:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYbc%2BExgG8rVjldVXTXpxEtxp2PnIH82bmIv3R%2BRd7wRgPCpSHD5GHXsc1Sdy5%2FXRdXieWRPGe4G9OvIahTQd%2F%2F6l4EU1JbORuEuuDoN5FAQLAhaEwiqm5g6ex%2FP9rSVwqJzYjN4IIHj9Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb93b2be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mediaelementplayer-legacy.min.css
vpnstuff.net/wp-includes/js/mediaelement/ 11 KB
3 KB 654ms
650ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 04:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XynUTFg6Z35vP5AFeSmYyTryKn4E1mqb%2Bd9byktYRnpjH535jNT7NCuw9P1F8FRFgB%2F4nOpadSQmXPp7KUWF0LG0pCr%2BWBqSkZEL9Tns7S3GaOZCkd0xBvEsLdk291P2%2FxvUHYIy3410044%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb9452be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wp-mediaelement.min.css
vpnstuff.net/wp-includes/js/mediaelement/ 4 KB
1 KB 500ms
497ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.5
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4srrYI9hRv64jeGIaFZtqUmI1EKEFm4YLrEox492JFID3K%2B5KUpVbENtv%2BIECrGuOOpeGU%2FGk0WtFAeek2LK1P5YWCYLb4LJOEw5sMRZh%2F2VsCp8fzc2CK0n2Q0Jb8JBrlXT0KP2lKfM7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb9472be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 idblog-core.css
vpnstuff.net/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 501ms
498ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Apr 2022 13:54:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8Ha%2B6MMtUGkD7qiQqZkIvjPNpNkBDmAUXFaqkkAeLND3FgUelapSK4gW%2FAKu2El7k5UMoCiyjCvDzlS3BxK8rP1uktZVzjZ3c5be70oBZWyPCAXFqh0yQxwW9HBcx2rQeL1LYX2x0PgBxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb9492be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
vpnstuff.net/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
468 B 516ms
513ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.18
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Apr 2022 13:54:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP%2BtTpVklQeGaAHWjeiJ08X8cWtvdbZqE7EDo89uzK7Dt%2ByYaTEkgFajId7ggqCvzvt7yuyUClD06s3x1mVXViLz9UKas5Cts0fcXFt3digNxedJOC5rFYs5GTCxdkEIEk8CDxdP9CtiPSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb94b2be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 screen.min.css
vpnstuff.net/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 501ms
499ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.18
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Apr 2022 13:54:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdQsz5q55zc66O7vFHnJ72rpHPF%2F8%2FDNuCS%2BzQX41GcGj797OAkZtZSM8SIWx8UlZWiG9E8ye2p5QWLXF9ZZNCQq8z8k1triutopj9CFKn91hEvserWzTkPKc9DW69OSy88H06QkvJfHCGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb94c2be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1008 B 193ms
99ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=1.0.0

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:40 GMT

GET
H2 200 style-nonamp.css
vpnstuff.net/wp-content/themes/superfast/ 65 KB
14 KB 816ms
814ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/themes/superfast/style-nonamp.css?ver=1.1.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55aa397e00e748cacec23809e21ed28636ebf0b82566c41ff019368c653fc426

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 07:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezi1lN6UuRdAbpFs9D1Fs%2FsZGR8pqj1K3KMPlO2w9dLdkX2wF1hCVeS2xutPwAUSltDg1%2FdFkCjzt0dtjOPWfaHgK6jJ1GIglGEQjnH3ibbItBPkEQtqsjgliYtt9IYg1AukfjcVMbHyqbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb94d2be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
vpnstuff.net/wp-content/themes/superfast/ 625 B
671 B 543ms
541ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/themes/superfast/style.css?ver=2.0.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d287e632ab017c0cc1145bca13b94d3931aa1d6a27e9b63bb8f112aede0859

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 07:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT8UUgGQ%2BMYeJzrK8hRfGcL5e1i6du%2BCH2qgn7DjnEVFQiOjxU07SHkj7a8iB5Kp0YmBj0rH4OCACore%2BQmtLKCY3yWERfvOl3xdHWtYbAfK3NJP8hJjIhSLYhcxzMwP5adsVOFNj2VQ%2FpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb94f2be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jetpack.css
vpnstuff.net/wp-content/plugins/jetpack/css/ 86 KB
17 KB 874ms
872ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/plugins/jetpack/css/jetpack.css?ver=10.7
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Apr 2022 13:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8yn3yPrQtvb%2BMQKYlipFLUEqlJ2kd7Ey81cx9oeet1RtCTyIwpuVS%2FrUuXDnEYWPz%2BAA4qUnA4XFaiQb9dQGcETDNx3JHHBkvhnsRaAfV0plIDPtCYZv9RzsHMxh2f8JOQjGDdXsTNQnlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79a83adeb9512be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
vpnstuff.net/wp-includes/js/jquery/ 87 KB
32 KB 932ms
930ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 04:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQd%2FweISged%2Ben9uoYaozjVF%2FkYK%2FkfZLHQp1MWtr1WSbh8xiCHLJlbj6RwvpsJVJ%2BHkuPQnkbYf1zO%2BlFOmLhAbAhB9CumqsimSltXkJ9soH%2FX9RbE4zdPET1F0Lq6hULCB6i1nYiTOmXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79a83adeb9532be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
vpnstuff.net/wp-includes/js/jquery/ 11 KB
4 KB 662ms
661ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 04:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7L%2FeJ59Nik8RX6o0QTntSYQh4o6PiUK3VgKhR%2FYNjz5s0q32eONFUG06reXIe69G74j5M%2B7mDt6JfI7DW85Hq7JlP9mLRjEtXUA6hgaVZoezj7kqK3lLeMQZxllaUqOKx44ithOeviDo08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79a83aded9a92be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 130ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f81b040c7267df313664e2e4156da6cd214c4ec3727ab140bfad36537bf36a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49990
x-xss-protection: 0
server: cafe
etag: 11064032484162565504
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 18:08:41 GMT

GET
H3 200 Screenshot_2-5-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/09/ 3 KB
4 KB 513ms
512ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/Screenshot_2-5-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e235711fbbe0386501e4ca29766513dcf3498fa782abccf11dcbf30225e08b17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 05:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM1Un%2B%2Ff6ptWnxkcLXib8G52Ocpp%2FkKBSZGxs4ZQQeaPdQ8xSuqxbiVEykOTig3PexBEsWOs%2B68PuL5m3PMtgw8mLY0wnV0DghT3Mn%2BmZjedLbTOz9EjW3HlpQ30y3byiwg5807v18bPLR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4ba3e2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3434

GET
H3 200 jquery.sidr.min.js Show response
vpnstuff.net/wp-content/themes/superfast/js/ 9 KB
4 KB 627ms
626ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=2.0.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfc72f87bf1597df4da24dab70a531fc8666984b1393411d845b8e3cc68638f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 07:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bu5WsBq3mobuEQbin11OCgghUVqIzjiFdkXjxM4V1QlqMTRuX%2FONyslYP73YKP9yODEqrjSgNjluHuInwdDC%2FDHhPQUfeixG0rvh2mu3o1cgmJB1bSAwqcC7OGdH4paPVR%2Fu0ApGxS3FeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79a83ae438f72bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 customscript.js Show response
vpnstuff.net/wp-content/themes/superfast/js/ 3 KB
2 KB 207ms
207ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/themes/superfast/js/customscript.js?ver=2.0.0
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37813ebd6ff70bf619e9030983320bcad15704e6af35654c37e7949012a59bb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 07:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx%2BsdOrk8gmaETjdc3%2FNrOYDNyrGhnoT2MbIasA70DALHKWLLxJrWwxCDB%2F64Pg8yGd95xAt3vqpGFRuTK5BdaHdmjqYyqKvAlndXJ%2BF4dmJ5eX6T1YfuDQd8XmVwRK2rcN8escqD7wGo74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79a83ae49a0a2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e-202307.js Show response
stats.wp.com/ 9 KB
3 KB 49ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202307.js
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 12 Feb 2024 00:13:16 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vpnstuff.net/wp-includes/js/ 18 KB
5 KB 704ms
703ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 04:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ujTKNQwPgP0DwWeXR7RLkbMks2LpPuBU9jHt%2F6rO7vcOFQWUvDY%2B%2FF0esvHAN0JKM7jC9og3nyGUuOhh7EA3eWammGhIiLY5wggReanJ2EXXmAyN98vxiMRYXRz5Yd1%2B7QUEgrsQlM3%2FJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79a83ae4ba402bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
vpnstuff.net/ 51 KB
51 KB 662ms
662ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 15 Feb 2023 22:47:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugDd2HAnIm2s%2FMXDPgsvX42cR8uZ93E3HvHLhbSladyvV%2BRutur8gXm9CYLOHjBslz34GAFeY6ArtNEzTTPu4HfrpQrxVe%2FSdXp5r5vxMKJlpnjAv9rUCZRchbK4KUFSqVb2f6zQpzRPOj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache
wpo-cache-status: cached
cf-ray: 79a83ae4ba4c2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ElegantIcons.woff
vpnstuff.net/wp-content/themes/superfast/fonts/ 62 KB
63 KB 772ms
771ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpnstuff.net/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/wp-content/themes/superfast/style-nonamp.css?ver=1.1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://vpnstuff.net/wp-content/themes/superfast/style-nonamp.css?ver=1.1.0
Origin: https://vpnstuff.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 07:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpxjmDDA6L8ESaCgGD%2BxEmfDIB6%2FOmo0%2FPmCQaxNzKHW2X%2FFXqh0JqcDKH5HP9dpOFMWWQ5D21M9G3Z1ykhi5hsB2GNX0Qax9ZcDvbKIB8OXgwqUnMAZ7Bx4yt68og30K44rqNYeK1J6MZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4ba4f2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63664

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vpnstuff.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:02:34 GMT
x-content-type-options: nosniff
age: 367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:02:34 GMT

GET
H3 200 How-to-Activate-IPv6-Windows-10-200x135.png
vpnstuff.net/wp-content/uploads/2021/09/ 34 KB
34 KB 343ms
342ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/How-to-Activate-IPv6-Windows-10-200x135.png
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2904775cbf1c61dfe426fba2a3be06024297a61a9df43ccda472345cb79b6d16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Mon, 13 Sep 2021 01:48:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQ5B5dw2K0cg62UGaB%2Bd43okfKpVQKwWTdHlf01FPU2XZBWl%2Bm02QhLMkBrBd11XHruoeb5mWOfhOHsUpAdwSAtbovRe%2FIdYj%2FVz4EUEf1OY%2BHsOvdfsZP0KBsLzI3ZfLR1ycgsksm8r7Ac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da802bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34405

GET
H3 200 Screenshot_1-4-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/09/ 6 KB
6 KB 548ms
546ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/Screenshot_1-4-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdd35da441f2a6f62422c685e3909f33978b7cddaca38672bf482cf45869132

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Sep 2021 00:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60nEg%2FjjtM6b%2B8fc7wsCv0RuseYoIyX8dLdEfOKIx6Nm8RmJsuEecP4VPdOgoJgtHiN23uhLoBfqsjHdYD1az5l3KazCeY%2BCYb1UCmx3iAuqPhXuP7YqKq6OFRAZoQLQfLcxbCrVyFrmKWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da832bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5769

GET
H3 200 How-to-Use-SSH-WS-on-Windows-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/09/ 9 KB
10 KB 701ms
700ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/How-to-Use-SSH-WS-on-Windows-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7f2807e1ee85b95a906b460dcbde2ac37445b35ba58a5137f4e161b58b5751

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 23:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUXS4bUoFUfqxKfGbJ%2Bh8rht3FoBVDVQPD4QDvaeUBKCU%2FZ7W6o9Phe%2Be4PEgLpICBu9OOQBPMphZlKfa748cQZOjAE1AXLkVJXb70S7d4ZQr6%2BKxcBHET%2BmX7iFfrLxEjLHO2XiAEwNtd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da842bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9556

GET
H3 200 How-to-Set-SSH-Websocket-in-KPNTunnel-Rev-200x135.png
vpnstuff.net/wp-content/uploads/2021/09/ 29 KB
30 KB 665ms
664ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/How-to-Set-SSH-Websocket-in-KPNTunnel-Rev-200x135.png
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c771066604b1aa44e316a32a903763ffcf8f6a09e3b52192eecaf017a3fb1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Sep 2021 01:15:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln4b5EkShdt84U0nk%2BuGMmcF9arg%2BV5GTQTm%2FWIsqJ5h6OxCGD8HQk0I8Qj1WOQrq5qQmuAs3ysYlfOc8MyZD25CkVCaafCv5xowiRw8fbp6P7TJTHfneF0kKhZbAM5VbLYo4e5oLtVvWEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da852bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29813

GET
H3 200 How-to-Use-SSH-WS-on-Android-200x135.png
vpnstuff.net/wp-content/uploads/2021/09/ 28 KB
28 KB 382ms
380ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/How-to-Use-SSH-WS-on-Android-200x135.png
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2e6431e96d234cf470415c723247c4849cfdd527361b67595d26d82c716f3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Sep 2021 01:20:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibtvut4voGFeD7x1u4evsiFgN4%2FKrSKj3OtIO078Wt3orC9gOaa0F5JzNbwiht2kLls7Ai5a7kahaaswUkVOXx98rXSVUvqMcxF3ud5dPjl%2B8dZVOnI8ugqUMS78TZGrwWckxvwU9FwEUNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da872bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28491

GET
H3 200 Screenshot_4-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/09/ 4 KB
4 KB 529ms
528ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/09/Screenshot_4-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abbf7840f8e7186ec857d1dd0ba170a2236daa48e28522b7795e4e53be633662

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 00:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcUDy7399TqykTSKRYn3gZO97%2BdfO7gOp%2Fw535n4MK9qCf4PBWSUgrMqViiiIrZY5lr%2FvW131Ijna9q79mSj9w7W6FfH63cN4DCh4tOh9sCTZlgAJzoJZPoWZdvLx%2BM9l5oLjWvUQgesBnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da892bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3743

GET
H3 200 Screenshot_4-12-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/08/ 4 KB
4 KB 530ms
529ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/08/Screenshot_4-12-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2cb7a0cfeabb2725097db9f854dd57a83caa1df3b28dc5ac1d732ddb9c41c16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Sun, 29 Aug 2021 03:06:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn9O6StVevlSHMIBfMukDC956Z7cs%2Bq%2FeTldL%2FcZYIU4%2B58pfAf2XPr9PKF85HmOcj4sLzDoIIPBsMp0MTs%2BcxuwV7AX7oNM6k5TKTDHBKnNOT7kNkeJg%2F0QiQ8zFqzZOkyqfySkKylGG%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da8a2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3934

GET
H3 200 How-to-Use-L2TP-VPN-on-Android-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/08/ 4 KB
5 KB 546ms
545ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/08/How-to-Use-L2TP-VPN-on-Android-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13852e1bf363dbefcd8329e3b5b2c841ad3d5150899a541a1fad9959333b9d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Fri, 27 Aug 2021 03:07:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi3T%2FDDXNMBmN0N94FBXvmy0eoFKoUC5CBBO06ZuqzDytrYGcPQRuhfUBu2o6x1K93N%2FMUkLjn%2B4f8kCsze1MQ1K1Rj6aQE%2FNe4KyhTC9sZFw%2BxjxYRFXXm6ITNoJImr4fRf2LTTZ38bu74%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da8b2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4594

GET
H3 200 How-to-Use-WireGuard-on-Windows-200x135.jpg
vpnstuff.net/wp-content/uploads/2021/08/ 3 KB
3 KB 521ms
520ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpnstuff.net/wp-content/uploads/2021/08/How-to-Use-WireGuard-on-Windows-200x135.jpg
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab550a843c22436fbc85716aa622b816b482f1cc6f06818bad741db87922028

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Aug 2021 00:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRoqsNtP7uIhO4%2Bz5itPtVibs6l24xvFm7wchz1DCAW52qzocBm1a7cTYvF62eH8dj3368dSDtkxwXPYz20Iwtb4nKdeJmeUZbsP3a7Icbv7SMDTCS0Fw%2F5En8KHdV%2FAF8P8%2FnDrD1tviv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79a83ae4da8c2bc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3040

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 366 KB
120 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8979619446781272&plah=vpnstuff.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

085dd13c2471130009c8cbab6b9829c10032550fc48bf3f5af513e3ef4069cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123026
x-xss-protection: 0
server: cafe
etag: 8744360575259489990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 18:08:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 53DD 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 37592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 07:42:09 GMT
etag: 10353107486223812946
expires: Thu, 02 Mar 2023 07:42:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 149ms
57ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vpnstuff.net&callback=_gfp_s_&client=ca-pub-8979619446781272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8979619446781272&plah=vpnstuff.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1952965e2c8210f189d1aa88632ea9cb48a8d6c98d32e54e72b272af5eb9b25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 105ms
37ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=vpnstuff.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 138ms
40ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vpnstuff.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A5D 269 KB
67 KB 519ms
518ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&adk=1812271804&adf=3025194257&lmt=1676501243&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fvpnstuff.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921883&bpp=7&bdt=1137&idt=199&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7966415896443&frm=20&pv=2&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

265c1a18ba7cf075e9e81048d528b59bb6bcdcb6e2cd53e0e4a6c2292fe7f788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 69002
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:42 GMT
expires: Thu, 16 Feb 2023 18:08:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF37 93 KB
33 KB 504ms
503ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=280&adk=2461418008&adf=2431340586&pi=t.aa~a.108489206~rp.4&w=1015&fwrn=4&fwrnh=100&lmt=1676501243&rafmt=1&to=qs&pwprc=5907331795&format=1015x280&url=https%3A%2F%2Fvpnstuff.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921890&bpp=2&bdt=1144&idt=220&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AECwAysIoq&p=https%3A//vpnstuff.net&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0746291f8b075144de0d7084b9dae35477bb6856c404f0eb469ee319c79a7444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33788
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:42 GMT
expires: Thu, 16 Feb 2023 18:08:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 28ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=183005764&post=0&tz=0&srv=vpnstuff.net&host=vpnstuff.net&ref=&fcp=2390&rand=0.5148436996088537
Requested by: Host: vpnstuff.net
URL: https://vpnstuff.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Feb 2023 18:08:42 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame EF37 10 KB
5 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=280&adk=2461418008&adf=2431340586&pi=t.aa~a.108489206~rp.4&w=1015&fwrn=4&fwrnh=100&lmt=1676501243&rafmt=1&to=qs&pwprc=5907331795&format=1015x280&url=https%3A%2F%2Fvpnstuff.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921890&bpp=2&bdt=1144&idt=220&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AECwAysIoq&p=https%3A//vpnstuff.net&dtd=222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 11:17:34 GMT

GET
H2 200 bc63e283f37018142f1a6ba7254ba7c6.js Show response
www.gstatic.com/mysidia/ Frame EF37 10 KB
5 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc63e283f37018142f1a6ba7254ba7c6.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4610
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 02:46:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF37 8 KB
991 B 61ms
58ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 17:37:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame EF37 2 KB
846 B 178ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:14:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame EF37 22 KB
9 KB 277ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame EF37 3 KB
1 KB 178ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame EF37 20 KB
8 KB 280ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF37 156 KB
48 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame EF37 34 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 09:41:50 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 150 KB
51 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fef244c8caa28ed977c72b3d6b2dfb8c56919f979fc82c7f720d7a3deb8b7a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52312
x-xss-protection: 0
server: cafe
etag: 4041489415599208364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=vpnstuff.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
44ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vpnstuff.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BFC 115 KB
44 KB 454ms
453ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec241bc60ec19df1c59a9d86fdd74cb5a3e4a58df75124507d9a4ea3cea5c437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44551
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BCB 116 KB
44 KB 477ms
476ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6a77a159c96f0e34a1ddf72ffcb4c8dd8adf687068b921eeda5e10664ebebca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 45090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 475F 115 KB
44 KB 482ms
481ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef4b1257e491d3649e52915c29cb8c453400b03da373098321bcb9a6c0850c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44862
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF37 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYLh9KnHuY66sDIP6iwPitKzID4q31YRv0Jyh-LEQz6DS-pkOEAEg98GGeWCRBKAB753_2yjIAQGpAkjWDD2fIXo-qAMByAPLBKoE9wFP0ObbACP-oalOQgxa2QKfWo-7qXSp0z_KoAt0ocv4xoPqc4x673kgG62tCz3QI5MoFCVmfu31hCMHnKC5qeuThwylhcU4anJeBVKaf00fWZ-7_Z_YDzeU_eyP1ws35C10KdIYX52P9zkHHMPE60sc2DpISQxEdFw1LSSdKkH1t32MiL9yGIZ0gKl6E-oAjmkzADkm-TrjPFOprSmZzdHf8KmN9zHcL3lLZ29hbvFwkBm4oAVtM42lxvdtvnTh2fa7_R6vJIVYpjUp-zbx-p9NQEcTYRVpV_4CC66okbY6JpzCtdgZ0j0iAzZL2ntO7T7F7Vh8xEPGwASArfrlmwSSBQQIBBgBkgUECAUYBIAH_cfPuwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD0mwXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi04OTc5NjE5NDQ2NzgxMjcyGAA&sigh=aJ-AMRxBOK0&uach_m=[UACH]&cid=CAQSGwDUE5ympaoNf7_STfY5omlbeAMhjPjSUHt1jRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=280&adk=2461418008&adf=2431340586&pi=t.aa~a.108489206~rp.4&w=1015&fwrn=4&fwrnh=100&lmt=1676501243&rafmt=1&to=qs&pwprc=5907331795&format=1015x280&url=https%3A%2F%2Fvpnstuff.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921890&bpp=2&bdt=1144&idt=220&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AECwAysIoq&p=https%3A//vpnstuff.net&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 18:08:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame 2182 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 04:22:19 GMT
etag: 10353107486223812946
expires: Thu, 02 Mar 2023 04:22:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/ Frame 5CC7 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 04:22:19 GMT
etag: 10353107486223812946
expires: Thu, 02 Mar 2023 04:22:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2182 4 KB
636 B 57ms
57ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 17:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2182 205 B
229 B 20ms
20ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:11:24 GMT
x-content-type-options: nosniff
age: 3438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Feb 2024 17:11:24 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2182 604 B
628 B 21ms
21ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:29:38 GMT
x-content-type-options: nosniff
age: 23944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Feb 2024 11:29:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 2182 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 4522959314154213365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 11:41:23 GMT

GET
H3 200 7f18ca2d5e76e6394611c7986e4bc896.js Show response
www.gstatic.com/mysidia/ Frame 5CC7 10 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7f18ca2d5e76e6394611c7986e4bc896.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 11:17:34 GMT

GET
H3 200 a1380fa1dbb478cac31aa0fcfff4f762.js Show response
www.gstatic.com/mysidia/ Frame 5CC7 11 KB
5 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1380fa1dbb478cac31aa0fcfff4f762.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52c106741e95185aabd3207ecd15686e066ae9f516ebd45e87936829c14ca2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 14:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4765
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 May 2023 14:21:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5CC7 8 KB
895 B 58ms
58ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:38:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5CC7 2 KB
799 B 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:14:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 5CC7 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5CC7 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 5CC7 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CC7 156 KB
48 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:42 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 5CC7 34 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 09:41:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D64D 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=280&adk=2461418008&adf=2431340586&pi=t.aa~a.108489206~rp.4&w=1015&fwrn=4&fwrnh=100&lmt=1676501243&rafmt=1&to=qs&pwprc=5907331795&format=1015x280&url=https%3A%2F%2Fvpnstuff.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570921890&bpp=2&bdt=1144&idt=220&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AECwAysIoq&p=https%3A//vpnstuff.net&dtd=222
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CC7 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK24xKnHuY86QDIqHngXmoYLABMrWmYNv8IiZlqURy9jI47sPEAEg98GGeWCRBKAB_9uKyAPIAQGoAwHIA8sEqgT3AU_QyVSoo34cwj52M9T2Pns_HhKBAUC-owi47g1j8E9lJmr4fkp5a7EoblomelSOovODoVkBkB5vGHfggkOpq5AYPc2DMPwUdmLS6yK221bO-ZCq1ysQuUQqHPXYmpiIyPKFcEB3NBWcxuEdSpYoFxe5QxsmL2APZ5Xza0Vq8p4iOUUH0JzjJ1crk-QsTU7ThRE-aYj4tDM7mopVyYDas-o2SajsytGshOfx464oO0pNvo8zSTO3imZ8REdWG5SoGy03HvRKxa0BM6dgkCvq2-tpL1d5zN6vJ_7nyVru3dTfITG_46tkueBeAwzKALsrEFQj_u9FcG_ABKHtpaKbBJIFBAgEGAGSBQQIBRgEgAeWhq2iAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENJm0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODk3OTYxOTQ0Njc4MTI3MhgA&sigh=WT6ovVt-TcM&uach_m=[UACH]&cid=CAQSGwDUE5ymkw8k_eXZ-Iqzvx7Pn8YH7Fl_omFjNxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 663B 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EF37 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b15bb1e4a15eb09225e7a3c6800da0f7f5f0f110f5cee9e11d5574a7e923083

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5CC7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b58a0989d6131e9b31d5ae48ee68afc125563c0ed1b656ac1b5205924640cf1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EF37 28 KB
28 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:11:51 GMT
x-content-type-options: nosniff
age: 172612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 18:11:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9E30 8 KB
895 B 58ms
58ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 17:11:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9E30 2 KB
765 B 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:14:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 9E30 22 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9E30 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 9E30 20 KB
8 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E30 156 KB
48 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 9E30 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 09:41:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D64D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame 01B2 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 663B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame B59F 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5F2 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5F2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame CAF3 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BFC 9 KB
774 B 58ms
57ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BFC 9 KB
774 B 60ms
59ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4BFC 35 KB
14 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14095
x-xss-protection: 0
server: cafe
etag: 4132495698818969146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 18:54:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BFC 156 KB
48 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 4BFC 22 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4BFC 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4BFC 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4BFC 0
0 57ms
56ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWK54kwNzO2XbiSTkV52Q4iFVW52sZ2Fkgnfrp2D-kzF77xfTnK1HF0PXZWyOhwccsbQQGEBCBRtBq-Ifo5irxrIz0SQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 0BCB 9 KB
774 B 59ms
59ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0BCB 9 KB
774 B 61ms
59ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 0BCB 35 KB
14 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14095
x-xss-protection: 0
server: cafe
etag: 4132495698818969146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 18:54:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BCB 156 KB
48 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 475F 9 KB
774 B 59ms
58ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 475F 9 KB
774 B 60ms
59ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 18:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 475F 35 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14095
x-xss-protection: 0
server: cafe
etag: 4132495698818969146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 18:54:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 475F 156 KB
48 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 475F 22 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 475F 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 475F 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 475F 0
0 57ms
56ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA0T3C695YPN5KnwoTZVC39BzEqtqmaHAE-L4AgR_wKqjHbBP8avyG8sX9Ud0xQ0WInmui7yfzMper6MU4rykqMd6TvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 0BCB 22 KB
9 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8846
x-xss-protection: 0
server: cafe
etag: 8106178524699001248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 0BCB 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:41:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 0BCB 20 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16637
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8316
x-xss-protection: 0
server: cafe
etag: 7067238764211672077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 13:31:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0BCB 0
0 60ms
58ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPWMU5Vfr8WIPDxY9lVnzoWi1vt3kQNCEBNVYEQ2CKW70PR7nibv1GiP4WBrpiDJFJeRigCSwX19LUJKdTuu_f6XKfcA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4342469808852200983/ Frame 4BFC 7 KB
8 KB 31ms
31ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4342469808852200983/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIxwEQaBgBIAEtAAAAPzDIAThoRQAAgD8&rs=AOga4qmuoE5CL134dXHQUDPmkEa7NMSqNg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09378701accdd1ba2c603e8b67e01e40101803acbdcd0a1c20ba8dd800b32dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:15:59 GMT
x-content-type-options: nosniff
age: 60764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7673
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:29:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 01:15:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4BFC 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb0q2KnHuY8OvO4e4iwOLwa-wBq3216xug7eataAO_ePmwLslEAEg98GGeWCRBKABjezk2QLIAQapAtjz8S8t_6g-qAMByAPLBKoE9AFP0Np9b_Fy337uYiQ2RAZlJbCxPFqy79OG0UYKulIw5hkcVWYAmreqGiEeEUhtXrZo3yCMic1pgNHc7aTLPBH42eK-ci02fd01iJG9XOQ_VzQEpJqdIcd4o61k513G1fvzNo9x5UaZ88taxqaMQmrmyPqz8FxE5YkirIKqIhrI5heb7r4YhExQPgVuvSPvYNpUTkUXOvGsjWFWC4PraunnnND16VwsVwDmkxCMry765vPmY_uqqMpY8Ep38rpeYIvcZP2Dv0bd2jdovAx_PsnQo3O5mx30c6grgEu9RShMHQQ4Eyz3w0DutTHHzfD_neN0dq81wATgwp3M5gOSBQQIBBgBkgUECAUYBKAGN4AH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCqmwLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCtAVAYAXAbIXHAoaCAASFHB1Yi04OTc5NjE5NDQ2NzgxMjcyGAA&sigh=YmPOPYdRVww&uach_m=[UACH]&cid=CAQSOwDUE5ymH-wBG7UD6Pcf7JlhYSLWlouDDEC-ABzFaNWLHMU8PTluVomR_F3epMxJlJ8UuB4o8nNmDze8GAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D17 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2136 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 12326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 17 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4BFC 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86d35ac82dbd88d25ba613b73ac156fd953a8b8afa3ce925aefe3f964fa8c242

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4BFC 16 KB
16 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 46055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 05:21:08 GMT

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 4BFC 35 KB
35 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:02:34 GMT
x-content-type-options: nosniff
age: 369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:02:34 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4342469808852200983/ Frame 0BCB 7 KB
8 KB 30ms
30ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09378701accdd1ba2c603e8b67e01e40101803acbdcd0a1c20ba8dd800b32dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:15:59 GMT
x-content-type-options: nosniff
age: 60764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7673
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:29:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 01:15:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BCB 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6P4KnHuY_TDO4ScngXPt5DgBa3216xug7eataAO_ePmwLslEAEg98GGeWCRBKABjezk2QLIAQapAtjz8S8t_6g-qAMByAPLBKoE9AFP0IHF4lxFaLPLQXRNIoaJxexOjVeODDSPk69Jd2D9zrq2DKUY7vURSpKgjklVGjZzLDXs4WZhhWeUyvQHDLQCgrESz-KPwIRUhAnEWcxalUZxnLpIsJQE5B4SgEKBEsJt9lMxAfSruuECgjn0xSyB3QLLlyO0RRXMMIarw7c9LWUtDzqIKPGKZYntOwo5MdotrD1Y3xW3b1D1FM3QyrGHXmsTUZahKNXvT-8rZUdearfa4MkLYJ-MP2f-fbIgXfyqq0ACwm5xBHaHee9BnLz90FWQNhuOr_ESDGFwgTl9fZt97lSVUssqQu-Zui4IKlsg63-9wATgwp3M5gOSBQQIBBgBkgUECAUYBKAGN4AH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC4pgHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUCtAVAYAXAbIXHAoaCAASFHB1Yi04OTc5NjE5NDQ2NzgxMjcyGAA&sigh=LCgvVJlsnWU&uach_m=[UACH]&cid=CAQSOwDUE5ymXdgEfAluRineB9POSumQwkYPoOL0bU--Dkjb1Z_Ov4_NtTjtjuBD_f3-IPfIQVZJ9PHetuhdGAE&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 93DE 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DA3D 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 12326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 17 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4342469808852200983/ Frame 475F 7 KB
8 KB 31ms
30ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09378701accdd1ba2c603e8b67e01e40101803acbdcd0a1c20ba8dd800b32dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:15:59 GMT
x-content-type-options: nosniff
age: 60764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7673
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:29:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Feb 2024 01:15:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 475F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=glaurung&r=0&d=3&gqid=KnHuY-3TNqaemLAP3L26wAQ&qqid=CKz1t7LRmv0CFW-DfwQdbXYKmw&com=bridge

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0BCB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24faf77d5a17580beb5fc90fdf3f7aecf5336fd0b3c1fb32e8a76e9170fcfc05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0BCB 16 KB
16 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 46055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 05:21:08 GMT

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 0BCB 35 KB
35 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:02:34 GMT
x-content-type-options: nosniff
age: 369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:02:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 475F 16 KB
16 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 46055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 05:21:08 GMT

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 475F 35 KB
35 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400|Roboto:300,400,500&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:02:34 GMT
x-content-type-options: nosniff
age: 369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 18:02:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 475F 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgOi3KnHuY6y4O--G_tMP7eyp2Amt9tesboO3mrWgDv3j5sC7JRABIPfBhnlgkQSgAY3s5NkCyAEGqQLY8_EvLf-oPqgDAcgDywSqBPQBT9D3C8InBL3n9r-mT28mg66QlaCjWCQJTJ4ynHSibV6WvAmhIixxQ1ONYU_7SPnzTLQBB-M5vX78iNgi_8RpjPtqWjPilhLmQABT01ffVMh3kwYY1vW8AYBwMHg2UsVfD1Esa1xDN0O9lJNbDf2ycac5xCBVkyMRXv0mcD5_2fAsJPrAkkwtAMdQkSYQeGVAOYXHi518xMrhi_hz9xzgW24F9q4iCS54YvaPLXoQCHfnWHCPyyKqlkxXqllTZ7-aMlROKG5Su6VkGnmUIHzmnLR4iYkbVbkemF8oeu8uck3xW0UnPsMLnt_HD2Tp6DP7VZHQ68AE4MKdzOYDkgUECAQYAZIFBAgFGASgBjeAB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQyaYB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFArQFQGAFwGyFxwKGggAEhRwdWItODk3OTYxOTQ0Njc4MTI3MhgA&sigh=lMjr2HWCS_k&uach_m=[UACH]&cid=CAQSOwDUE5ym9XUpEOVjtBKtwusKUWzDgbcuZqC5cO8_yqd-surshaWtQrlOMkcm7HIUQI4HE2U4o7FLYIqAGAE&template_id=492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B2AE 143 B
166 B 22ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 17:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 300D 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 12326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 17 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 475F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7af41e42ed4135409186d6a3c877bc23605cdc2295333f351a3f9c76a8204fae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2136
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBfedRVQMdkq5Ipz_h9vFW8&google_cver=1&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWja...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBfedRVQMdkq5Ipz_h9vFW8&google_cver=1&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452I...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c&google_hm=GaZXSGaUTvuR92lahmVD...

170 B
188 B

49ms
48ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c&google_hm=GaZXSGaUTvuR92lahmVDTg==

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c&google_hm=GaZXSGaUTvuR92lahmVDTg==
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2136
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Qx3IG...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Qx3IG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxODA4NDQwMDA0OTUwMzM4NzEzMg%3D%3D&google_push=Aa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxODA4NDQwMDA0OTUwMzM4NzEzMg%3D%3D&google_push=Aa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I4lAtWnisJ_eFqihe9F5MiqztLmNkX-LA

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAyMTYxODA4NDQwMDA0OTUwMzM4NzEzMg%3D%3D&google_push=Aa02lx8Qx3IGat68Owrg63FWM0yuuil2o0zwIdlAV8kJGj9sxsNUSozgqlLRA_KCWMCn1I4lAtWnisJ_eFqihe9F5MiqztLmNkX-LA
pragma: no-cache
date: Thu, 16 Feb 2023 18:08:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 16 Feb 2023 18:08:44 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 2136 42 B
213 B 105ms
20ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKngVj61yo1101UsM3HoTYc&google_push=Aa02lx9LFziYrNPKOLnjvlL5L59HpfjUIKnR_tf55WJRPb7oaMcLvRcAIQ9UMdsORf21Jc89xp5_iL24qjXgETyXuyskva1arjnicg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2136 43 B
351 B 90ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOMv2iqLb9Ss2bzi2Sxhsz8&google_cver=1&google_push=Aa02lx94CpTew0v8a0o9-wEOu8GhKAmD3LmCc3ORI6oYc_n1msBBViG1_g3COQtO2j3GJydunPkbk9zldBoJzSZr6BdGIgvXQodKG4E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=972752042&pi=t.aa~a.2691541445~rp.4&w=630&lmt=1676501243&nsk=2c9f9172&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=2&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280&nras=3&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=elwgBxkejK&p=https%3A//vpnstuff.net&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7or3rert1slk41g9mgjka3qie5kklfm7

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2136
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNen0xvdLew-rLxKQydEz8&google_cver=1&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc6vd9BEGziZ_57Sk

170 B
329 B

31ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc6vd9BEGziZ_57Sk

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Feb 2023 18:08:43 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8uIVKqmJDVODrAGb0iBG9rBoSdZZayv6EKpUFhC-GonzgFIaaS8a11a4LsjhUn97fyN2Kc8zJzBcoRhFoc6vd9BEGziZ_57Sk
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ZrgONJLirj41VV5iG3xgZUMr0VXRV5AqurfHhGDmY5Q-GEs6UkQoAA==

GET
H2

200

/
onetag-sys.com/match/ Frame 2136
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHmNiN8Pc2N3myVerpeS8xo&google_cver=1&google_push=Aa02lx9d8aPxQqwe2z9oZYqCVmkKNoDGjKvpG9qhjjkf6wK4lxPmr3HtLlGSS1OEk4WMJm-vqwc-qnaRE3C...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9d8aPxQqwe2z9oZYqCVmkKNoDGjKvpG9qhjjkf6wK4lxPmr3HtLlGSS1OEk4WMJm-vqwc-qnaRE3CvhpeHYCgaCJM7mfMAXwa_
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

25ms
22ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2136
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVA...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBb...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2136 0
139 B 94ms
28ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBS2GDQlX2ctDnHkmHjYXyZhmF3iq4xx_hpbCgeINztnORHtfZUK1rQsKsrRyEbEl_gZgg2dI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DA3D 0
104 B 145ms
25ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK4pTRdXByx_zdMA1YI6IaY&google_cver=1&google_push=Aa02lx_vQZpoQwQZ3-nGYtQb5jfH-W6akrP-74bs0Xz_Ij_saY7sW93LZaS6LfWZhc1Vevd1L7SkKVK1uESspDZj67rReO0Si2Qn-wWG9ciFCPGTc7JYGmIyQwx1fyysqj2TnbkF-2UsgaW5lBHC9PvucHqW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame DA3D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEV...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rH...

43 B
439 B

267ms
252ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79a83af20e823624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 647
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGjR7HYfgP4FGxZt5EtniM&google_cver=1&google_push=Aa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-24esGfufJaNTvHPkQIR9qcrugw6aeeceSfzhodr5nVIo0UIKT45T3w2Ew_8fEwyie8wt5ceMZOn9ktUxY-jnghvPR1rHEVKKEAQERfWnlXmCqVOYyny1MulBV4w-pUDeG4FZ1ud-WTOTBTQ5L_m5Wbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79a83af0ab7e3624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA3D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHtZuP3l32M5lrdcjZLhyIo&google_cver=1&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LRquSapPPbU04gktBaEVn5j1pM05gaj_-BLN_cfY...

170 B
188 B

33ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LRquSapPPbU04gktBaEVn5j1pM05gaj_-BLN_cfYYnTwRxuEXW5tgERxwjRbdAfIw&google_hm=eS1WNGJPWm1wRTJwRmJDVGUueTJVeWlNUDQwcVFvbzk3d35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Feb 2023 18:08:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8ROlJvqW2ad9SlwZNB_312N6AqHWs13KAmBhvnPyUUMvAmFjTq7qVpMUqKBA_qA67dIi3wsXYjEJvb2AYFyHLx5LRquSapPPbU04gktBaEVn5j1pM05gaj_-BLN_cfYYnTwRxuEXW5tgERxwjRbdAfIw&google_hm=eS1WNGJPWm1wRTJwRmJDVGUueTJVeWlNUDQwcVFvbzk3d35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA3D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOusHouNb6BlgY8cDxgM-e4&google_cver=1&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOusHouNb6BlgY8cDxgM-e4&google_cver=1&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1Vs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyNTMwODE5Mjk3OTU1MDI1NA&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavB...

170 B
188 B

32ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyNTMwODE5Mjk3OTU1MDI1NA&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq49WUzOPJh73d8xv5C1Yp2sYZvehK9LHtux0bcb_oYKNGtaCqGIk_64TXbyt2PXxmUPvg2NEimrnYFQ

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIyNTMwODE5Mjk3OTU1MDI1NA&google_push=Aa02lx9cAC-Hsbvuujg6ERxZw_h4qxLGmktO11N1paK3ScEdwXSYJrIpLPr1FVqe9fxawXty1VsavBwq49WUzOPJh73d8xv5C1Yp2sYZvehK9LHtux0bcb_oYKNGtaCqGIk_64TXbyt2PXxmUPvg2NEimrnYFQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA3D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mc6h5xU0RmuKD9WISntL7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mc6h5xU0RmuKD9WISntL7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8UT87wV775rzDuA4dUjqNTE1GpMyrV1lNfukRhRME3bC8s40QbhAl5cCsNA2UQrbEiTORvIa7heFdXFId4QxuU9suqkcxaIAc5DbT-qZq6MfEQ0vT8FcJI7uUV1-SHURi5wayq8jNGUFFnDUiwDBOwyg

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mc6h5xU0RmuKD9WISntL7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8UT87wV775rzDuA4dUjqNTE1GpMyrV1lNfukRhRME3bC8s40QbhAl5cCsNA2UQrbEiTORvIa7heFdXFId4QxuU9suqkcxaIAc5DbT-qZq6MfEQ0vT8FcJI7uUV1-SHURi5wayq8jNGUFFnDUiwDBOwyg
date: Thu, 16 Feb 2023 18:08:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA3D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U&google_cver=1&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWD...

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6Tbn9QTV9c0GWK8APpQCKM-8OWiNLEFkRLcyqDE4SmskubkpMhLQBjZG_38Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9G5CDDBlUt4e5-IdwGhrvnM9F7EG7qF6hgEJjMFPfWSM8COKWDCj1n3zKfL1dymmQfCfyMQ5zyCxiO0VdGMmHDpIhOBO6Tbn9QTV9c0GWK8APpQCKM-8OWiNLEFkRLcyqDE4SmskubkpMhLQBjZG_38Q
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA3D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBbD3mHVA...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBb...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

31ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=19a65748-6694-4efb-91f7-695a8665434e&%%GOOGLE_PUSH_PAIR%%
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DA3D 0
40 B 84ms
30ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEowr1LmVP1O7GfhGBz26eYRKhJ1TNRIVUtryI0F57kqovKjtubUOaEOZ_g1TJeMqcyiRe9Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D17
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame 71E6 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 93DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 300D 35 B
464 B 80ms
22ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELPg51nSi4jYQtBitKx5oW8&google_cver=1&google_push=Aa02lx_4uPKLrFFPX0Ql7JmpoSJmBY4G1KwCGtfBwafJxxZnplTu4Up0DjkWa496AHJOiuW2BiQEfioj2iqdla7RUwocX0pOgXtpdufzZbOufFooP92oaShRYATKq_Fnrr3rhNz16I8koNWo07kMrtOIJaKd8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 300D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI0oAlkzeWNHjyA0vuhHkn4&google_cver=1&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU3RjFHMkstMjItQTFSTw==&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G7J0iRiC4E-bl0cG8SgGIEdAv6V...

170 B
188 B

33ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU3RjFHMkstMjItQTFSTw==&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G7J0iRiC4E-bl0cG8SgGIEdAv6VvmBiJuZg2v6rY-55H09lNMwwZr5z60Pl7NehpfznEzWVN4eVsMChtZFhg

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU3RjFHMkstMjItQTFSTw==&google_push=Aa02lx8oT2eFfOy6SD_EqHt6PL1w0_VATmUDQ6C4gIvi3j_guqo3IWZlJp2IqkQ6-v0Lct-XU7G7J0iRiC4E-bl0cG8SgGIEdAv6VvmBiJuZg2v6rY-55H09lNMwwZr5z60Pl7NehpfznEzWVN4eVsMChtZFhg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 300D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_hm=Y-5xK4wydjLDKtQ1lyQb3wAABFUAAAIB&google_nid=index&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4j...

170 B
188 B

36ms
36ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_hm=Y-5xK4wydjLDKtQ1lyQb3wAABFUAAAIB&google_nid=index&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4jQJRnu58X-QxgoZe8pn7D13z0tPWeUBA-sNspiaaioHvf2n0Y7I1emdmeFXHDHhyjMta80jYVD9SaQbyfUBLA7pfpubLvA-b0m-EzqPY4vjDIj0y2oBfHWtLeQ

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x07Yn2TqWV0BsesNZHUlkKmC08iB8hcblFjBjRYLxYdB%2B0MGC8nEYUnjUbsa%2Bc83LmktXt9j7LSr%2Bhtn8NwF4bNH0WFjX72YThJhNCzHLYhKcHPSg0yraRTWeqW%2FT%2FCo0t4oZSPL0YaiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHuMGluMOICO69xtaPWRaeM&google_hm=Y-5xK4wydjLDKtQ1lyQb3wAABFUAAAIB&google_nid=index&google_push=Aa02lx-zTm5sLn56fRGF34HPyxFFs_NmfWV4jQJRnu58X-QxgoZe8pn7D13z0tPWeUBA-sNspiaaioHvf2n0Y7I1emdmeFXHDHhyjMta80jYVD9SaQbyfUBLA7pfpubLvA-b0m-EzqPY4vjDIj0y2oBfHWtLeQ
cache-control: no-cache
cf-ray: 79a83af14b733654-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 300D
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGNen0xvdLew-rLxKQydEz8&google_cver=1&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2c...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2cPhpTnimup31B36fHyUdYTpsgi7eO_PGHcx_G7RIrE0Jd...

170 B
232 B

31ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2cPhpTnimup31B36fHyUdYTpsgi7eO_PGHcx_G7RIrE0JdVIYY8R_mBshcO0EHr7fTWPiNqw

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Feb 2023 18:08:43 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9ek6LahL6hA0or3bv5aog5mRkIJHU0FGgU50mCGe99DlaBW-pfV1UBYu-goYUD-6au6-bhOYY13HHdCh2cPhpTnimup31B36fHyUdYTpsgi7eO_PGHcx_G7RIrE0JdVIYY8R_mBshcO0EHr7fTWPiNqw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: GVXogRX7MlbI2k6so0uwxQGrW31zvn-mL82oISJbYjcMh1qojY5HaA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 300D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPio5pbKXHCc2y-sNWeHX-U&google_cver=1&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDy...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyB...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECW...

170 B
188 B

32ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyBUvV5JecuhY5fB90vPkz4v4qF_GBPmklDyJyQoJpWS6-SBkl-4SQrQ1GcgYQ

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE1Njk2NzQwODQ0NTU3NDQzMTcxMQ%3D%3D&google_push=Aa02lx9vQ1WTYF3nHXZzkBZ9-KX3SWFWNXofEonBBmjNGS9rkwPjLECWcuXzvgK540w4dXCqeSvV6J9OtS1Obzu-S0ORPV_zDyBUvV5JecuhY5fB90vPkz4v4qF_GBPmklDyJyQoJpWS6-SBkl-4SQrQ1GcgYQ
date: Thu, 16 Feb 2023 18:08:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 300D 0
75 B 246ms
22ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDJjqPPhfKhicoMryo3IY1k&google_cver=1&google_push=Aa02lx9W_sq14HgeinQGUAOBSiALMRyiYSXUAyQMpBbYqE7mmK2g5tiFClJ3rCUH4R1AzXKiGcXQ_Dd1pQSgLBAMaF0w7TzD29hASbXsP6WoS4_NMZdZeAbegByzL5vG-qdI-qdNsp3crm8zImLgjzjJMF5Guw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 300D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEIOmnyPY9VIxxkg0ixUdynY%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg2NzAzNDIwMDg1MDE4ODIxOA%3D%3D&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8X...

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg2NzAzNDIwMDg1MDE4ODIxOA%3D%3D&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8XKalc8aweJ3wmcdBQrNXvAMvLAuBsuyJg8T7Ozrwrf6sDaevm9ICaAXHstenm8JJHPdG6IidyGRj9d9cu-h_ILZ4cMNhgJaEi6B6ZXJTeSlwTuiNH4DRXEsonCtX50

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 16 Feb 2023 18:08:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 212.7.210.177; 212.7.210.177; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a8723953-b290-4474-b20a-8e4374071036
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mzg2NzAzNDIwMDg1MDE4ODIxOA%3D%3D&google_gid=CAESEIOmnyPY9VIxxkg0ixUdynY&google_cver=1&google_push=Aa02lx9VKIXnP-Ki7Y7nqxtmvoeCXA5k8XKalc8aweJ3wmcdBQrNXvAMvLAuBsuyJg8T7Ozrwrf6sDaevm9ICaAXHstenm8JJHPdG6IidyGRj9d9cu-h_ILZ4cMNhgJaEi6B6ZXJTeSlwTuiNH4DRXEsonCtX50
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 300D 0
40 B 50ms
28ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J38dXqqDTdjg5V5HpTySIbUptwsxYnYw9rrZa4ZtLXd_GzbtRqC3HFLAyte_-1kmawp_HAnA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 475F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=glaurung&w=630&h=121&nh=118&rs=2&gqid=KnHuY-3TNqaemLAP3L26wAQ&qqid=CKz1t7LRmv0CFW-DfwQdbXYKmw&com=glaurung%2Ffluid.js

Requested by

Host: vpnstuff.net
URL: https://vpnstuff.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B2AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame 33EE 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=1307324834&pi=t.aa~a.1751628239~rp.4&w=630&lmt=1676501243&nsk=ae8678aa&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1943&idt=0&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121%2C630x121&nras=5&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5tIRWrdlYr&p=https%3A//vpnstuff.net&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 110ms
69ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230213&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad7384d9c9b85f05c6c242a412b353a5d400705ea93573fa6a461847c256602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11162
x-xss-protection: 0

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame A90D 36 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8979619446781272&output=html&h=121&adk=2497438772&adf=4068077400&pi=t.aa~a.8993076~rp.4&w=630&lmt=1676501243&nsk=20926e7b&rafmt=11&pwprc=5907331795&ad_type=text_image&format=630x121&url=https%3A%2F%2Fvpnstuff.net%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676570922688&bpp=1&bdt=1942&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3d2ea6e58e800dc7-2264f07fb2dc0072%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g&gpic=UID%3D00000bb86e60b557%3AT%3D1676570922%3ART%3D1676570922%3AS%3DALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA&prev_fmts=0x0%2C1015x280%2C630x121&nras=4&correlator=7966415896443&frm=20&pv=1&ga_vid=1617500120.1676570922&ga_sid=1676570922&ga_hid=471992066&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072225%2C44779794%2C31072427&oid=2&pvsid=3995021825616269&tmod=847948855&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V4XbneyTCx&p=https%3A//vpnstuff.net&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 18:08:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 206D 13 KB
5 KB 32ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 16:22:49 GMT
expires: Fri, 16 Feb 2024 16:22:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66F9 783 B
535 B 64ms
64ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9476a04a6aef63bf36cf5ab470789b461002d80e27d610879cf54da93818e90c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bul4Dc1rQB_ZpCyxAFwzLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vpnstuff.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Bul4Dc1rQB_ZpCyxAFwzLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 18:08:43 GMT
expires: Thu, 16 Feb 2023 18:08:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js Show response
pagead2.googlesyndication.com/bg/ Frame 206D 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppuJb3acSbwPUrk6AP0eyfY-LTznD88jtSaAQ1bhjg8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 17:33:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66F9 0
0 53ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230213&jk=3995021825616269&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 206D 0
10 B 30ms
30ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SEdIyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:08:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF37 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJZw6-iZxkJC_4ahTbHOEc4s_dYFZTiG6gLt9ux_mjtMCBwParSLVeJaYOeT75r9NZOdFMdJnUgQB1rG8gL2bOPR1mYeahCm21DepS4esk4EW2gzg0UAJp4vJpZRqOPdRhLZxM_A&sai=AMfl-YS6q8LVlIXS4VcprwtkWxnPUCoHlhITNpLwpvF7Ko_Cu5iUCzADrCDMonRFZ5HuPk9wOt5nKzQPKfoC&sig=Cg0ArKJSzC2qs9XL4vnGEAE&cid=CAQSGwDUE5ympaoNf7_STfY5omlbeAMhjPjSUHt1jRgB&id=lidar2&mcvt=1000&p=0,0,280,1015&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2461418008&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676570922113&rpt=985&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CC7 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO_5UkzMRg9P2OsQmB2fT_TZdDtz5xRxP5cXZ02aQdRkqlkPfDJPkH104XFs08dG1laiF0fpA24o1pprB3gY-ogfMwnYrn-j0NIinHcIqLskbdzv6eB4uya6vlXPbxlQBwb4rQEA&sai=AMfl-YTmr8grxxz8PtWncUVyXhvlg0G-q2zk3DAd6PdrqLpSGBbDfi1daZh13tBiNhX-i1dSpNLLBB2ULzEG&sig=Cg0ArKJSzC2NZBXsmhWHEAE&cid=CAQSGwDUE5ymkw8k_eXZ-Iqzvx7Pn8YH7Fl_omFjNxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=161,844,1000,1123,1123&tos=161,683,156,123,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676570922775&rpt=337&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 18:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230213&jk=3995021825616269&bg=!rK-lr_vNAAYuhb89DoU7ADkAdvg8WoqKHJ0sN35IRmVrhS8kPDvDntojPEVpfhbeKHhKkjCriULn6j-WIuaaiOBVf7Fcd4vlGhcCAAAATlIAAAADaAEHCgBIdJq_YUEzcIzhM47ccf2Qkpo6A9qEdKC3Y8OTzpj9qI-mVNUqZEcYx96N-CXTtS7g8v14OnWipr5DQsA2l75c1FQKPTla9fvZmQLfbPdFpjUlKQ0tl09FQBvH2yNipdkCNsn1iMaBEcRCvlV7xQR2cqyiQY9yC3i3STteQm97wkvx5acOB5gb4R1AR-NSrWznneSrE-UdvNwaKtBvoJGXqnjxLWDF2v9MSxxWh5AIZKaCXbuAk4_2K0qMpdLowcgQeN8ALAPJaBLojZ2akbvYDNb9PepPV52fQIthAMszn8wQpjbEYDDT7REKejc-saXkLpXp5jqqU4MPAMVWArLptm2F_KhMDzlK0_U2Ev3nEzwK_vsHcKzu_5qQ2VMHaWxpezJarCXw9mGoPut0xPmp-DdXGA_krWNsPDMhGu8BjC4gbVqNpDOItnPh4PZC2sfk9zbzd2qDyPXG22fSwjrFoaGYsneGyS3pTS8vqegt3XYgOBHFfMA1L2IkudOV1ys5ZpwcpYX7gMnPLNRTuw7_R71yERoZs_SinRgIf7lvARGI7d6fZGyS9t2PiWlBJ3GpYRo8zYpHdVQ5U7Wyq635HzWK3n7La67IvrNMPYwprQG3rJuThud3CSIbQ5DPYJdo3xY3uaHJBYQkYFPfrvHTS_UVy2SS4m9EyF-c0T-qhSVuQO3B9Syu4Rg50dTtN1gjcUH-YBp4zKaO5ftNXrn6SHa2vf0bIPGqZKG0-D5xPODbSl63og0sNUhRRlnbgKwxegDgRN5_pDYUpd8YKV05JvWwomi130jW0uIezb-1q5-90EXrrDOTZ9atbaNIFlkHz5z0ijxWZcuSMrXtZ9L_lZgwirgAugQxGgvB5NnL5TOV26i9sG1wmNDRVIq4anzlvJDy53WPwO1C59JebvmRgCP533Vb9vFC_ETPHy91f_6eYVHfomZvZImD5tZf4ktwEsJoDmm8xe3OOmEvr8GB7MAyDeHt9kBYcyysg625UVgXNW0jqANlJy6zH3d4xbcUG-4Fd9BV1LZXDcPRdFxVrHAF1SNibj1OMCtmubRq8ADWXOC_vxA4TLPY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vpnstuff.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vpnstuff.net/	1970-01-20 19:04:26	Name: __gads Value: ID=3d2ea6e58e800dc7-2264f07fb2dc0072:T=1676570922:RT=1676570922:S=ALNI_MaX9lCFGvsns7qEUY8a7NrSmymR_g
.vpnstuff.net/	1970-01-20 19:04:26	Name: __gpi Value: UID=00000bb86e60b557:T=1676570922:RT=1676570922:S=ALNI_MacEZqqrpuGAM4PYGXMM8ERw4gElA
.doubleclick.net/	1970-01-20 19:04:26	Name: IDE Value: AHWqTUnFIB68S9wo7K6xuyV1ojt3x9qR3E0ALGhV0Iu6XjfwoJBwOK4kw0NEWsdZHXI
.doubleclick.net/	1970-01-20 09:42:54	Name: DSID Value: NO_DATA
.3lift.com/	1970-01-20 11:52:26	Name: tluid Value: 4156967408445574431711
.adform.net/	1970-01-20 10:23:10	Name: C Value: 1
.pubmatic.com/	1970-01-20 09:44:17	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 11:52:26	Name: d Value: EBcBCQGnKIEA
.quantserve.com/	1970-01-20 19:13:05	Name: mc Value: 63ee712b-a2b5b-f6178-11c57
.yahoo.com/	1970-01-20 18:28:48	Name: A3 Value: d=AQABBCtx7mMCEBUQY_D9Zp4opmjPVU8ssXIFEgEBAQHC72P4YwAAAAAA_eMAAA&S=AQAAAt0MZ6ej0Sr22Ppk5tva990
.adnxs.com/	1970-01-20 11:52:26	Name: uuid2 Value: 3867034200850188218
.casalemedia.com/	1970-01-20 18:28:26	Name: CMID Value: Y.5xK4wydjLDKtQ1lyQb3wAA
.casalemedia.com/	1970-01-20 11:52:26	Name: CMPS Value: 1109
.casalemedia.com/	1970-01-20 11:52:26	Name: CMPRO Value: 1109
.pubmatic.com/	1970-01-20 18:28:26	Name: KADUSERCOOKIE Value: 31CEA1E7-1534-466B-8A0F-D5884A7B4BEE
.adform.net/	1970-01-20 11:09:14	Name: uid Value: 6225308192979550254
.bidswitch.net/	1970-01-20 18:28:26	Name: c Value: 1676570923
.bidswitch.net/	1970-01-20 18:28:26	Name: tuuid_lu Value: 1676570923
.bidswitch.net/	1970-01-20 18:28:26	Name: tuuid Value: 19a65748-6694-4efb-91f7-695a8665434e
.bidswitch.net/	1970-01-20 09:42:51	Name: google_push Value: Aa02lx_KFK7CVt5dza_Fx0WBonoSl7e1qwvLfyhKXgIyiUovVzfBJrkpIcmEs7aW7bdH5mmsgFtJwjvJ3k452IhrmWjax5401naNP1c
.e.dlx.addthis.com/	1970-01-20 19:13:05	Name: na_tc Value: Y
.tribalfusion.com/	1970-01-20 11:52:26	Name: ANON_ID Value: a1nseFMwTkF6Xlypr9MLklxJnG59a08vG1ycEvhpkhpIYDXSP0YE52EModZbri01i9ZaFZavVXZaPKPmYS2wwStg
.addthis.com/	1970-01-20 19:13:05	Name: na_id Value: 2023021618084400049503387132
.addthis.com/	1970-01-20 19:13:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 19:13:05	Name: uid Value: 63ee712c4c9ff5c8
.addthis.com/	1970-01-20 19:13:05	Name: ouid Value: 63ee712c000182338f8662fef932dca32ba1748ce4f300f922cd
.dlx.addthis.com/	1970-01-20 10:26:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 10:26:02	Name: na_sr Value: 20230216
.dlx.addthis.com/	1970-01-20 09:42:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 10:26:02	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8979619446781272&fa=1&ifi=7&uci=a!7&btvi=4&xpc=mYxl5HH5y5&p=https%3A//vpnstuff.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.nl
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.wp.com
tpc.googlesyndication.com
vpnstuff.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.vpnstuff.net
x.bidswitch.net
104.18.25.185
13.248.245.213
172.217.18.98
185.64.190.78
185.86.138.155
192.0.76.3
23.203.125.189
2600:9000:20eb:7e00:1b:5138:8a40:93a1
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:400d:807::2004
2a00:1450:400d:808::2002
2a00:1450:400d:80e::200a
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:d8ac:1edd:aee1:32b6
2a06:98c1:3121::3
3.64.121.24
34.160.236.64
35.227.252.103
37.157.5.141
37.252.171.21
51.75.86.98
69.173.144.138
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0497bf3a6ad658fad1d6ccbdb44098ff11ea9bacb26a7b1ebe665653314f6626
0746291f8b075144de0d7084b9dae35477bb6856c404f0eb469ee319c79a7444
085dd13c2471130009c8cbab6b9829c10032550fc48bf3f5af513e3ef4069cee
09378701accdd1ba2c603e8b67e01e40101803acbdcd0a1c20ba8dd800b32dec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4d1d7a07ea6fddd6ab116e27bc0e074f5fe6ad6c89f719a515ae9c80436b6d
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
15d287e632ab017c0cc1145bca13b94d3931aa1d6a27e9b63bb8f112aede0859
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1952965e2c8210f189d1aa88632ea9cb48a8d6c98d32e54e72b272af5eb9b25c
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
24faf77d5a17580beb5fc90fdf3f7aecf5336fd0b3c1fb32e8a76e9170fcfc05
265c1a18ba7cf075e9e81048d528b59bb6bcdcb6e2cd53e0e4a6c2292fe7f788
2904775cbf1c61dfe426fba2a3be06024297a61a9df43ccda472345cb79b6d16
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37813ebd6ff70bf619e9030983320bcad15704e6af35654c37e7949012a59bb5
3b58a0989d6131e9b31d5ae48ee68afc125563c0ed1b656ac1b5205924640cf1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b15bb1e4a15eb09225e7a3c6800da0f7f5f0f110f5cee9e11d5574a7e923083
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5481534bfa877f092089a267737ce064f75292afce0acb18956e0e2bd2dffa82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aa397e00e748cacec23809e21ed28636ebf0b82566c41ff019368c653fc426
5ad7384d9c9b85f05c6c242a412b353a5d400705ea93573fa6a461847c256602
5bdd35da441f2a6f62422c685e3909f33978b7cddaca38672bf482cf45869132
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cfe1e4bad8332eaf07240b9a18cd9c20f55c526e9c0b9ad9bf3255265c695d
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d
75c771066604b1aa44e316a32a903763ffcf8f6a09e3b52192eecaf017a3fb1a
765d7308ebd55d0d2e9babfd37e30335be02efbbf3d3176f3e1f730cc4177045
7af41e42ed4135409186d6a3c877bc23605cdc2295333f351a3f9c76a8204fae
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
86d35ac82dbd88d25ba613b73ac156fd953a8b8afa3ce925aefe3f964fa8c242
8ab550a843c22436fbc85716aa622b816b482f1cc6f06818bad741db87922028
8c2eb4bd436a068318ae842919d15610711964b98cf65a76c3cabf176a1cf98e
9476a04a6aef63bf36cf5ab470789b461002d80e27d610879cf54da93818e90c
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
992f8c2d291366ab7310e20ae8b8b970b1ce77622220a5d20fc84cf25d0030f2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cfc72f87bf1597df4da24dab70a531fc8666984b1393411d845b8e3cc68638f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13852e1bf363dbefcd8329e3b5b2c841ad3d5150899a541a1fad9959333b9d5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69b896f769c49bc0f52b93a00fd1ec9f63e2d3ce70fcf23b526804356e18e0f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
abbf7840f8e7186ec857d1dd0ba170a2236daa48e28522b7795e4e53be633662
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b52c106741e95185aabd3207ecd15686e066ae9f516ebd45e87936829c14ca2e
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
ba2e6431e96d234cf470415c723247c4849cfdd527361b67595d26d82c716f3e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cc7f2807e1ee85b95a906b460dcbde2ac37445b35ba58a5137f4e161b58b5751
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e235711fbbe0386501e4ca29766513dcf3498fa782abccf11dcbf30225e08b17
e2cb7a0cfeabb2725097db9f854dd57a83caa1df3b28dc5ac1d732ddb9c41c16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec241bc60ec19df1c59a9d86fdd74cb5a3e4a58df75124507d9a4ea3cea5c437
edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1
eef4b1257e491d3649e52915c29cb8c453400b03da373098321bcb9a6c0850c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6a77a159c96f0e34a1ddf72ffcb4c8dd8adf687068b921eeda5e10664ebebca
f81b040c7267df313664e2e4156da6cd214c4ec3727ab140bfad36537bf36a73
fef244c8caa28ed977c72b3d6b2dfb8c56919f979fc82c7f720d7a3deb8b7a2d

vpnstuff.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

91 %HTTPS

52 %IPv6

27 Domains

34 Subdomains

20 IPs

9 Countries

1702 kBTransfer

4189 kBSize

30 Cookies

2 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vpnstuff.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

91 %
HTTPS

52 %
IPv6

27
Domains

34
Subdomains

20
IPs

9
Countries

1702 kB
Transfer

4189 kB
Size

30
Cookies

172 HTTP transactions
5 data transactions