aofsoru.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aofsoru.com/
Effective URL:
https://aofsoru.com/
Submission: On February 06 via api (February 6th 2024, 8:49:34 pm UTC) from US — Scanned from NL

Summary HTTP 239 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 52 IPs in 6 countries across 31 domains to perform 239 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is aofsoru.com.
TLS certificate: Issued by E1 on January 30th 2024. Valid for: 3 months.

This is the only time aofsoru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
29	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.49.227.53 52.49.227.53	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
12 16	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
8 16	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 12	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
7	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
4	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1 5	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 5	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 5	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
3 6	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
4	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	185.7.176.214 185.7.176.214	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401b:806::2003	15169 (GOOGLE) (GOOGLE)
239	52

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aofsoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

aofsoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.aofsoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logger.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.227.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-227-53.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.162 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.64.151.101 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.171.149 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.219.174 (Lutzingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.149.243 (Kronberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.157 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.91.199 (Bad Bellingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.70 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.147.170 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.7.176.214 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

istr-n14.nktcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401b:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	842 KB
41	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589	266 KB
29	virgul.com static.virgul.com — Cisco Umbrella Rank: 69810 ng.virgul.com — Cisco Umbrella Rank: 75164 ng2.virgul.com — Cisco Umbrella Rank: 76313 logger.virgul.com — Cisco Umbrella Rank: 97488	252 KB
24	redintelligence.net 4 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900030.redintelligence.net — Cisco Umbrella Rank: 248852 hal90007.redintelligence.net — Cisco Umbrella Rank: 229090 hal900027.redintelligence.net — Cisco Umbrella Rank: 220470 hal900018.redintelligence.net — Cisco Umbrella Rank: 219812	42 KB
16	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	9 KB
15	aofsoru.com 1 redirects aofsoru.com cdn.aofsoru.com	128 KB
12	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	13 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	415 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2	122 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485 ajax.googleapis.com — Cisco Umbrella Rank: 369	412 KB
4	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 70174	221 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591	76 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	52 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735	783 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123	7 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	244 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4149 onesignal.com — Cisco Umbrella Rank: 1446	73 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 132945	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1987 feed.pghub.io — Cisco Umbrella Rank: 2288	6 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
1	nktcdn.com istr-n14.nktcdn.com — Cisco Umbrella Rank: 565871
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	271 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	17 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	6 KB
239	31

	Domain	Requested by
47	pagead2.googlesyndication.com	aofsoru.com pagead2.googlesyndication.com daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
19	tpc.googlesyndication.com	daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
16	dsum-sec.casalemedia.com	8 redirects googleads.g.doubleclick.net
16	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
15	logger.virgul.com	c1.imgiz.com
12	ib.adnxs.com	8 redirects googleads.g.doubleclick.net
11	cdn.aofsoru.com	aofsoru.com
10	fonts.gstatic.com	fonts.googleapis.com aofsoru.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
7	ad.doubleclick.net	daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com 8019191.fls.doubleclick.net
7	static.virgul.com	aofsoru.com static.virgul.com
6	8019191.fls.doubleclick.net	3 redirects aofsoru.com
5	hal900018.redintelligence.net	1 redirects daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com hal900018.redintelligence.net
5	hal900027.redintelligence.net	1 redirects daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com hal900027.redintelligence.net
5	hal90007.redintelligence.net	1 redirects daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com hal90007.redintelligence.net
5	hal900030.redintelligence.net	1 redirects daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com hal900030.redintelligence.net
5	ng.virgul.com	static.virgul.com aofsoru.com
5	daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.contentspread.net	hal900030.redintelligence.net hal900018.redintelligence.net hal90007.redintelligence.net hal900027.redintelligence.net
4	hal9000.redintelligence.net	daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
4	aofsoru.com	1 redirects aofsoru.com
3	adservice.google.com	8019191.fls.doubleclick.net
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	www.googletagmanager.com	aofsoru.com www.googletagmanager.com
3	securepubads.g.doubleclick.net	aofsoru.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	aofsoru.com
2	csi.gstatic.com	imasdk.googleapis.com
2	ng2.virgul.com	aofsoru.com
2	imasdk.googleapis.com	c1.imgiz.com imasdk.googleapis.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	id5-sync.com	cdn.id5-sync.com
2	oajs.openx.net	1 redirects aofsoru.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.id5-sync.com	securepubads.g.doubleclick.net aofsoru.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.onesignal.com	aofsoru.com cdn.onesignal.com
1	www.google.com	tpc.googlesyndication.com
1	istr-n14.nktcdn.com	aofsoru.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ajax.googleapis.com	hal90007.redintelligence.net
1	s0.2mdn.net	imasdk.googleapis.com
1	lh3.googleusercontent.com	aofsoru.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	feed.pghub.io	pghub.io
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	pghub.io	static.virgul.com
1	mug.criteo.com	aofsoru.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	onesignal.com	cdn.onesignal.com
1	cdnjs.cloudflare.com	aofsoru.com
239	58

This site contains links to these domains. Also see Links.

Domain
ataaofsoru.com
aolsoru.com
aoosoru.com
apps.apple.com
play.google.com
ehliyetsoru.com

Subject Issuer	Validity	Valid
aofsoru.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-20` - `2024-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
pghub.io GTS CA 1D4	`2024-01-16` - `2024-04-15`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-24` - `2024-09-23`	a year	crt.sh
feed.pghub.io GTS CA 1D4	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.nktcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-30` - `2024-11-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://aofsoru.com/
Frame ID: 4322DA1F9234C293AA9B28571E14A2BF
Requests: 103 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html
Frame ID: E372B414FAD48C06BC7B582014541834
Requests: 1 HTTP requests in this frame

Frame: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3388F064790556D3006D60D7AB3477B8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=aofsoru.com
Frame ID: CB9F8C4B851BA561680E3114AE0FAC9E
Requests: 2 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 59FFB3F22F2FFE75F1D72A1A6B85D4C2
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=&page_url=https%3A%2F%2Faofsoru.com%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: F13467DEC357966A3F99C1C856C68B55
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AB8F8FD16BB3B09FEE5407A37718170A
Requests: 1 HTTP requests in this frame

Frame: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFA5306810B60CACB6B31C20A7C54F9A
Requests: 16 HTTP requests in this frame

Frame: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 66943E190BA5B5CBAE21CB20B065E0EE
Requests: 16 HTTP requests in this frame

Frame: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98E92F85916278C400D45906CECCB55A
Requests: 16 HTTP requests in this frame

Frame: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 08CEBC548C1C1EB62D691EF345F63359
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNUaA6Ki156HATeVwPkd7kc6qQ0_xKQWxESaZPVkNaJS93VIr70uvuEVntAKwDpj9R6P1etv6IrI7U8sknhbWduyVJuufx1FC_49LR4eaX3B2NpdkHkPGgLwgakWhhfFq47Ef-WUgQK7gSQY_ZufEO668KvMfz0QneP_8xJTs_xuBPRAFoE
Frame ID: F0D04851154767FFB8BF33245719BAE5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNUfRehInDaseo0T0BvoXIOC3e2W7d-KtIiTeiBwrIScqN7V-JmblI5I0LJfSQlOoulP-Sqmw7-hT-MsGoueZmgBdCpg4SH2R_O4JDcduNdQMRH3ZkYY2M5SAkOSztDTQNJBNbaMtLPkPrHB6qBnFCCevBtpC9XyCXfTH_znWHBVvwcaE88
Frame ID: 57936AFB54C9D6B254B7D23A2BC2AE98
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNUIiAvF10gMLWbBG_TR8iuktCNE1GFgZPxSs5W66GpsnSBq2ZS4DnFeCFI_u01KR__rZdI3oqwijLuAZ3ePsa6y39IUb8eazHvHHBIGywjYraJwqTfVaJY0MUFcnmOkoIeTepJMSzWocHf5ZPJh0N1OMNd6_BJUHASfeyHYONKPracojLs
Frame ID: 853C8F121798C64EAA915AB6D56951D8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNW4ROdSdiZjznjLZAZB5300Dkek7spDzcMk6hankW7FpvhLimmuDZEIc8IudE6xbAL6Z670c6HhmWWh01Eulq-qCQual7_5VtMomr1xpxsbS9qUv3d11uMY2HOoxL3-QDcxIkmT1yniX7AlHMg9UTJAvoY5Hj5M-epMKlFUq5GzTMElABI
Frame ID: 980CE9CBF15DA1EB3289461B6BC75505
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1A2A261DEE1B9EA81F5478375AC029D8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 009F9AB997650968AC36C5AF87C2AB05
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9F3F856ADD17663238B736162B4086AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CC5B7EE7B7455EC11E7963B86CFABF6C
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604
Frame ID: C3822A3087605EC15D7EF66B5D100212
Requests: 3 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
Frame ID: E4EA8CC3DE0374DD824AABCF7042D8E4
Requests: 5 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088
Frame ID: 8C38A6E4192650FBF3A6B31487C7E6D9
Requests: 3 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
Frame ID: 9560A9326247D05B4282D0D1B4606245
Requests: 6 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105
Frame ID: 66BF97BF34BC499578CA7C9D28297390
Requests: 3 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
Frame ID: CBDA785F8523DD56DB70F7BA18102394
Requests: 5 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
Frame ID: D767DB9A78AB8A086C496E7449092C9F
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html
Frame ID: DB68819A47DE8AE1120E86DB2543A384
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF3007ADF6407F3CFC14C6EE92BA9C8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8430E5C142D0555F1E364904FA89C23D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98430BE1DDF89EE7DDB0AFD411EC4B4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aöf Çıkmış Sorular, Ders Notları ve Özetleri, Online Deneme Sınavları

Page URL History Show full URLs

http://aofsoru.com/ HTTP 301
https://aofsoru.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

239
Requests

91 %
HTTPS

50 %
IPv6

31
Domains

58
Subdomains

52
IPs

6
Countries

3374 kB
Transfer

9928 kB
Size

30
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://ataaofsoru.com/
Title: ATA-AÖF

Search URL Search Domain Scan URL

URL: https://aolsoru.com/
Title: AÖL (Açık Lise)

Search URL Search Domain Scan URL

URL: https://aoosoru.com/
Title: AÖO (Açık Ortaokul)

Search URL Search Domain Scan URL

URL: https://apps.apple.com/tr/app/a%C3%B6f-soru/id1481651650?l=tr

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aofsoru

Search URL Search Domain Scan URL

URL: https://ehliyetsoru.com/
Title: Ehliyet Çıkmış Sınav Soruları

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aofsoru.com/ HTTP 301
https://aofsoru.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://oajs.openx.net/esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp&cc=1

Request Chain 51

https://gum.criteo.com/sid/json?origin=publishertagids&domain=aofsoru.com&sn=ChromeSyncframe&so=0&topUrl=aofsoru.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8mejAXwyRUxoYkI0K3Z3SjRiT3orSWszd1NJZzRodVlUL3VBVHpsb25KV1JPR0lSbVBiOFZ3OTFKdm9MMk5GelZiekNCZWplMkN5amMzaWZPYzE4Rk14UkEvOWVLVnlRRkNFN21PckNiWGZkOWxQS3dTOUtTSFZhYXpHUXdQR3AzMG1yN0w0MW5FWk5zWHdDMVBvTXE3TjZDcFltQ01BRG52dFMzZ1JycmozMVBhNW9YUFFqbm0yNWJNRERCdU1jUHFZd1M4b1phcEVKZ3VwQ2FmRkhLRU9sSlg1VEdUZ0J3N2Y5bFEvNFZYVnZieDFieW10M1I2QnpyN2d5c3cxMTNiUEVsQ29OZnV5NUdSZXpXY0ZFeGdmZmdCTDNiM3BobW45eStidjY4Vk5KRXlsWT18&cppv=2

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_u_suo1cJfKiuV6PcGWE8&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbV.PtvwZtKisjZau5ZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFaD6VHg4fWXMVz_K4WVZFI&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MzYyNDkyMzQwMzkyOTY0MA%3D%3D

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

Request Chain 114

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbV.PtvwZtKisjZau5ZgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Request Chain 116

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NjE0Mjk2NDYzMjE5ODUw

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbVw6tK2elXc1haL34jAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Request Chain 120

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5NTI3NDAyNjAyMzI4MTQzOQ%3D%3D

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbVyGXdgGytsoE77dqEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIyNjU5MTc3NTAyNjY5NTEwMA%3D%3D

Request Chain 154

https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2589323501415&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2589323501415&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 155

https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2023948226353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2023948226353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 157

https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=8265929763159&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=8265929763159&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 158

https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=6267765803135&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=6267765803135&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 164

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604

Request Chain 168

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088

Request Chain 170

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105

239 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
aofsoru.com/
Redirect Chain

http://aofsoru.com/
https://aofsoru.com/

62 KB
11 KB

126ms
74ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3e721ac37527410b7a62ea59a60755a072953aab190671c00181e791b2d120dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 8516427b6b896680-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 20:49:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYKNKhQxcRo3r4uMtUh02125r6h5R%2FPMp5Z1%2BVkLSeX1LvJkIjk%2Fi0s76t8wVpQQu6GFP6OIzBpdDPbkAEGkHCYaV0aekgaFXGyyqutJLOjPfF2xSfwGu438EjpdkydXw4VaTS1PDL5a6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-cache-status: HIT
x-powered-by: ASP.NET
x-server: ns3

Redirect headers

CF-RAY: 8516427ac9476f1a-CDG
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 06 Feb 2024 20:49:26 GMT
Expires: Tue, 06 Feb 2024 21:49:26 GMT
Location: https://aofsoru.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUqa%2BLIz02hOqV%2BszjtxBD%2F68zl7fiaN6iznsjX9y5L%2F6sbQdxkwhSAExSDGrGJoT0nXBf5gBsj2ce5Yegw%2BzBO6VlnZ%2B%2BHISfpUj7OEfg2BDfJVUiRfLGkQ41TxREJrlvq34Flh1UaMUg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 77ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:49:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 78ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

768883b6985b12ab49b540fdf96144e4e51236fa516332db8c60d8947f30a9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:49:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 material-design-kit.css
cdn.aofsoru.com/Content/assets/vendor/ 7 KB
2 KB 67ms
48ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/material-design-kit.css?v=636702343490681516
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b0fc70528855301480c166a01950e48c670d98d8b80a6b4ce62d08a966fb60e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5404
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:29 GMT
server: cloudflare
etag: W/"acbaf4505137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TjRF2R7U4wQoqDESsEHykHkMZmewh8G3vH09GX5%2F0vTFEcHZh2oufkyF%2FzAoYQ1FPehd%2FvTrQAPCNY6wi0TAdYo3ttDq3hvqRCkrzm2sCtit3SvXdskEouTDp72zJo83VTY0OxdQFGy8HrdXIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server: ns3
cf-ray: 8516427bfca46680-AMS

GET
H2 200 style.min.css
cdn.aofsoru.com/Content/assets/css/ 176 KB
27 KB 64ms
45ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/css/style.min.css?v=638155201797710604
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e967ec90fe90b25bc1d1e082f8b21eda43d2d0a2954e17d0d4fb2da79b57d258

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5404
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 13:22:59 GMT
server: cloudflare
etag: W/"c634140af60d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8zjgm272u51jKZWN5BgASvcWT3HqmLjS3BU1wxBN3s94nOTjpD7nVZqrZsyGKFZIA6Wff%2BMvqCGQCtPMw15y6Hy69vtdFqeWe1b5jfOU8K1hIxnqd2FrO9xgy6%2BY1ItsE0F%2FqeWgvTzsgcT%2BcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server: ns5
cf-ray: 8516427bfca16680-AMS

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 79ms
36ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2769845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFS86iCQt2SH18dZfhH0tzf%2FdkDCubEkIaLkRhIWDBmkoZTySeKsjgBkJFPgBXaLyU0w4WgvkvWfwXAU9KqtDbwhHPCZCTL7aB%2Fja8aamvwHpFuJPYtnpH5H4D%2BXHcPh8G5%2BiaJwUr0ZXZkW4W2uuz5l"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8516427c1f381e53-FRA
expires: Sun, 26 Jan 2025 20:49:26 GMT

GET
H2 200 jquery.min.js Show response
cdn.aofsoru.com/Content/assets/vendor/ 84 KB
30 KB 60ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/jquery.min.js?v=636702343490350648
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f02a604f7fc67f1184b20b42926272e87ea47aabd41da9f73ab08d7d7d19b38f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5404
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:29 GMT
server: cloudflare
etag: W/"38aeef505137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pudh53lWE%2FvIb2vzHsxDWJ0J5UQT%2BGsObXevkf%2BwB%2F7Jv%2BP62P2X4R6SeL%2FLFBRXSreSA%2F9Vlg16P%2B4XYriJH0UFeBr6PQ2asWgW2aNvvEFj9D0tlzUrmEg48RswpWU%2BKlCj3ki2a%2B9SPIuw08Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427bfca76680-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 136ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67feddda97c001e4ac9aca7ab16b77d937e22c0b0d7c51836c8a450b2aa40bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29920
x-xss-protection: 0
server: cafe
etag: 996 / 19759 / m202402010101 / config-hash: 11818957895304582832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 app_icon_2x_ios.png
aofsoru.com/Content/assets/images/ 6 KB
7 KB 30ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aofsoru.com/Content/assets/images/app_icon_2x_ios.png
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3075a75fefa88b4268e5ef16ae51b4c0e979ffd4de9912cb70e12a026ff452b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3757
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6566
last-modified: Fri, 01 Dec 2023 11:33:46 GMT
server: cloudflare
etag: "5514ec3e4a24da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVTr7HamdOcx2t2AgEGVblnAQcI2xeE3A0s6L%2BmJSaESCvUwzdtmTad4WY%2F2CD0zBdOHuCqMPvLxebwqs%2BpM02ARAYCpMby2DjL%2F2kCt1tTpufd18QN%2BT5cQvkC3%2BTcfPa7L6RzQly2opg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-server: ns3
accept-ranges: bytes
cf-ray: 8516427bdc666680-AMS

GET
H2 200 app_icon_2x_android.png
aofsoru.com/Content/assets/images/ 8 KB
9 KB 33ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aofsoru.com/Content/assets/images/app_icon_2x_android.png
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86a3115c4b1dcf8824e068ee336cbc6f384740409ea30812393c31f105db2da0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5358
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8554
last-modified: Fri, 01 Dec 2023 11:33:46 GMT
server: cloudflare
etag: "2b31fd3e4a24da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taCahkyOIA4uskoAZe8E6IrhW4%2FlScSjeBZ4zgRqY1oVx1SVUHej6knLCEN3YvIbInQ8%2ByyRRot2WrnCFDKr2K0XuUsDwr8db8MlNGhHe9fH5QyQmyYCiFMwEAbgU3zY4WNQYG60MWb2Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-server: ns3
accept-ranges: bytes
cf-ray: 8516427bdc686680-AMS

GET
H2 200 popper.min.js Show response
cdn.aofsoru.com/Content/assets/vendor/ 18 KB
7 KB 42ms
42ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/popper.min.js?v=636702343492216152
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1151a18abb2b9b51dc38ae3e4e010bdd9911ee8c1d0d3798831dcf6ceedf6cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:29 GMT
server: cloudflare
etag: W/"5825c515137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s20bzn5tQsfEJsxKOv%2F%2BrETrAFB3EwfW6p7BIbihpbkLIPtARy6Rq9ASQYuFuCQO90VO0u0ldopleWZpQx0AjYsQKqIAXRDV7CF36Q%2FH0HR%2BiPDTo8oIAILXfLo3wZni7TPJbXuD3AQDb1gS0nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c1cd76680-AMS

GET
H2 200 bootstrap.min.js Show response
cdn.aofsoru.com/Content/assets/vendor/ 49 KB
13 KB 46ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/bootstrap.min.js?v=636702343485383932
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68815e077fe877e89ee34f4227fa2f3f2e6b711dd909346e021522194d9f3780

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:28 GMT
server: cloudflare
etag: W/"fce4a3505137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e62UgRU%2BqiNB6f1e%2BTyjS5tJ633R%2F5uynoJrMPoqAuwvRSWJDOOPyXeOGIXvnbb1p%2FeYKJRuIi4oMiP13KtaxXeFamLuoZLuC0kqIdCovG%2BSdvE5g24lDBsYohGEdbehnOFv7%2FfMeQkF8UDNyEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c1cdb6680-AMS

GET
H3 200 dom-factory.js Show response
cdn.aofsoru.com/Content/assets/vendor/ 21 KB
7 KB 33ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/dom-factory.js?v=636702343486410882
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b86b15eec88dbd693de59ed8925454bbe0b9fb86182b2090ba27c7e27a5bf196

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2476
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:28 GMT
server: cloudflare
etag: W/"8290b3505137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr1J1zpU77YGs5eG1xOp%2B1WzEhWwrVKFtZfpGIc5DPGVSk31juC%2FODoB6qrtRG03YhUfabLRFVbR8H1Q9rN%2FykAcR3JtkIqi59Dcq3%2F9fvrr36VkepcjpJPXP4TdqVhH8JU4zUaQpMNxnIZSETE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c6c065d4c-FRA

GET
H3 200 material-design-kit.js Show response
cdn.aofsoru.com/Content/assets/vendor/ 44 KB
11 KB 37ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/vendor/material-design-kit.js?v=636702343490710324
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e633a600c650c82ef618f1595455b135f3eb675e291333d43edcedf430887112

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2476
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 19 Aug 2018 00:12:29 GMT
server: cloudflare
etag: W/"342bf5505137d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2Lq2PS6Te%2FdFE9DcwZ6ogUA6%2FEm2czGfKG2%2BYffWMT%2FH%2BQLABBYKwdgXQV%2FKSyt1wlTTQwaDYO6PIx%2Ff%2BTcAHi2CftL9vzhBnp1qqzum8fn3krBMaDpv9wgRZCqRRmTNnIMRWQlp%2FqTiK%2BPGs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c6c075d4c-FRA

GET
H3 200 main.js Show response
cdn.aofsoru.com/Content/assets/js/ 1 KB
1 KB 54ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/js/main.js?v=637151265434928269
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12c50cb02f944218f145a1842ed2962dc2a189d925acc23cb3de8966bd27260f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 20 Jan 2020 14:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8d84f9199ccfd51:0"
x-powered-by: ASP.NET
x-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4uWd21btWf8gDEXsMY8UlDogqcxnQBnxbAq4sWw0OKUFziAEYdlRV5NroI6qaSxCRYsAsUd7mtHRF%2B7dwr57hHQxrPQogY62NUg78FzUALvJiLzqBUgnAm7I2IKXy5QBirsImgpi0zC3Ae6qrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
x-server: ns5
cf-ray: 8516427c6c095d4c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 countdown.min.js Show response
cdn.aofsoru.com/Content/assets/js/ 3 KB
2 KB 55ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/js/countdown.min.js?v=637226849961850836
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d2fdbbcb9c517aa30b467230f0da54faa28f08eff7e62abfa07217897ec85399

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Apr 2020 01:49:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d437da7e5a14d61:0"
x-powered-by: ASP.NET
x-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL2BevR3BFQrT%2FyNfRB%2Bcu9E4JhaFNpSApH%2FtTtat3nYXaAOsINOljlIYuV1lMvilRgVhyZTth7jtEoK1ImJGpH160COjRdvuNEF2qk%2Bbttq5dFAlHYxPeFAtAOGf9q%2FKtDn49jGJkqm5v%2BVKic%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
x-server: ns5
cf-ray: 8516427c6c0b5d4c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Cookie.min.js Show response
cdn.aofsoru.com/Content/assets/js/ 742 B
806 B 35ms
34ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/js/Cookie.min.js?v=637302516045099284
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 22ead19470d5ff79454a52a4bc03c3d6f331ccd1f9b4e4b5762cf97a1aa3551a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2416
x-powered-by: ASP.NET
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Jul 2020 15:40:04 GMT
server: cloudflare
etag: W/"14b1dde02b59d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J%2FwzSDdaFkhSbkBkF2ARRp7%2FumddHGDPWEpzBv3Ktm%2Fp01hWbaPVLT5vJKG%2BiUfKiEEFyR4%2BUwpYY561N87dTDcQXlvER3JuymJJgyVfXEx6uIXYaBMcMKzowKxxTpeGSzq8RdbKxeGxjrW%2BWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c6c0d5d4c-FRA

GET
H3 200 Developer.js Show response
cdn.aofsoru.com/Content/assets/js/ 2 KB
1 KB 55ms
54ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aofsoru.com/Content/assets/js/Developer.js?v=638155889747499494
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1757f9bb61c74a631ac6217bf8c3390b3b7d47f27a1c2554620af3a692755e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1837
x-powered-by: ASP.NET
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 08:29:34 GMT
server: cloudflare
etag: W/"e619426d4f61d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UudFhZfZwBQxjs7C7EISPQZlHwzSB0wPStoGzBrWDDFXmZEJkd3hYNEYzkfMFX3Qzd75ZTae4ZnsPDXW2Ihxw6ENovDcd0%2F53K6Fidb9Bu0x1MYAU9u%2BfNDXdR8rPPn6IlKGNkri3%2F0i8Opmu9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server: ns5
cf-ray: 8516427c6c0e5d4c-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 97ms
39ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3593
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8516427cbd7f995a-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Feb 2024 20:49:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2615993bcdb5994ffe8f88eb96234bceca452412980c66e0174738734b4d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51438
x-xss-protection: 0
server: cafe
etag: 1692916510903120208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 80 KB
28 KB 353ms
55ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

c3d790c927bcf40994046a33e13311619ede6222e2ef2b0a5581459337c6cc9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 05 Feb 2024 07:44:36 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
64 KB 126ms
78ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33768699-8

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6abf78b059960766b33e78536d49926141b8ca02ee6644d85b8e203392ac28a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65854
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:00:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
90 KB 93ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BVGS4SLY7

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e635d0620a95bd1e1341c2ba41c1292e1fb737975553c6fc1c6226362acb48b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ 125 KB
126 KB 75ms
27ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 00:08:03 GMT
x-content-type-options: nosniff
age: 506483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 00:08:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 133ms
86ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 41952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:10:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:50:29 GMT
x-content-type-options: nosniff
age: 7137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:50:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:51:53 GMT
x-content-type-options: nosniff
age: 7053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:51:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 128ms
83ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 00:14:38 GMT
x-content-type-options: nosniff
age: 74088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 00:14:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 127ms
84ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 21:16:49 GMT
x-content-type-options: nosniff
age: 84757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 21:16:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 121ms
81ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:51:21 GMT
x-content-type-options: nosniff
age: 7085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:51:21 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 39ms
39ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3586
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8516427d0dc8995a-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Feb 2024 20:49:26 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 406 KB
138 KB 116ms
74ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3095732206138064&plah=aofsoru.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a8b538356ab003b92c7267fa460b1af544e04bc9c6ad1bce151d78fc03c112d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141012
x-xss-protection: 0
server: cafe
etag: 8615906207697924113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/ Frame E372 9 KB
5 KB 86ms
30ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3095732206138064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 03:29:38 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 03:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 14:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21648
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 05 Feb 2025 14:48:38 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/b97385c5-fc3c-4c65-aacd-e3be22a61f54/ 3 KB
2 KB 48ms
32ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/b97385c5-fc3c-4c65-aacd-e3be22a61f54/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3085239b0ac1198bb491fd88eea460c2bdc4e6bd4fcbcaed23649eefe455b2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1162
cf-polished: origSize=3097
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f2f6c648-3f9d-4a73-b7af-21fd56f5e31e
x-runtime: 0.032411
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"7dc39e90ab9d8cc040d69c9158562827"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8516427dae49995a-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 06 Feb 2024 21:49:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 79ms
32ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33768699-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 19:30:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4723
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Feb 2024 21:30:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
90 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BVGS4SLY7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33768699-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c679ed395e3c4909d63aac8311eb4f012658c30c5f030e0a3ba406fb0fde5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 20:49:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BVGS4SLY7&gtm=45je41v0v882518051za200&_p=1707252566511&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2111608831.1707252567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707252566&sct=1&seg=0&dl=https%3A%2F%2Faofsoru.com%2F&dt=A%C3%B6f%20%C3%87%C4%B1km%C4%B1%C5%9F%20Sorular%2C%20Ders%20Notlar%C4%B1%20ve%20%C3%96zetleri%2C%20Online%20Deneme%20S%C4%B1navlar%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=514
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BVGS4SLY7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aofsoru.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 82ms
23ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 03:49:37 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 61190
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: yFhs-B1mmZq30mTljEjd7vYzSI-4Aqm90Xe5pAjFm7MGCwDGNWwn2g==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 104ms
50ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 20f8fbbe0a94fe68cbf359cea960bb8d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 93ms
37ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17254
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FJ6ycbRiODQv4CFgrE%2BGqBVk8BjTPQr2PLEb%2B%2Bh%2BNYZsDHvNksniZe3%2BclI4Ew9le9lYlJY6pZbJlIJTLDrVHImsFUrbQWFLBaWQFJjOsfPvPxk5lFJrjNsNtbPma3MJyuB%2B5AeKzxFKHGfztg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8516427e687165e0-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
26 KB 89ms
40ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: HC3GMQDS1M9PJN19
age: 93
etag: W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8516427e5dcf5c92-FRA
x-amz-id-2: jw6eOjITyZMwzi+XbJUz0At6efUxoZs1r6aOKrKrRYwZN+kjZrFOqEUqvQotf6n7JddF4P+yn7dAbcbh78EoVw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 47ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:49:26 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 100ms
28ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 21:17:15 GMT
server: cloudflare
age: 330710
etag: W/"65bd5bdb-42d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8516427e8eb935f6-FRA
expires: Fri, 09 Feb 2024 20:49:26 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 69ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:32:29 GMT
content-encoding: gzip
age: 47817
x-guploader-uploadid: ABPtcPrLJ2cG2rdoYOLEzFOPU4uVt4WIE3JpWYoeW6OV4DuUWJIwQHpdmWcBtmI9tXU29I1-rBLMpuUvZQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 05 Feb 2025 07:32:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
26 KB 535ms
535ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272880346920995&correlator=3705609348221242&eid=31079957%2C31080782%2C31080857%2C95323523&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&iu_parts=115608474%2CAOFSoruV4_Web_Masthead_Smart_1%2CAOFSoruV4_Web_Pageskin_Left_Smart_1%2CAOFSoruV4_Web_Sidebar_1%2CAOFSoruV4_Web_Footer_Fixed%2CAOFSoruV4_Web_Question_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x250%7C980x120%7C930x180%7C970x90%7C960x90%7C970x66%7C980x90%7C950x90%7C750x300%7C750x200%7C750x100%7C728x90%2C300x600%2C336x280%7C300x250%7C300x100%7C320x50%2C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C750x100%7C728x90%7C468x60%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C234x60%7C220x90%7C216x54%7C216x36%7C168x42%7C168x28%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31%2C480x320%7C336x280%7C300x250%7C250x250%7C234x60%7C320x480%7C300x600%7C240x400%7C300x100%7C468x60%7C320x50&ifi=2&didk=38170898~38170893~38170892~38170890~38170895&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707252566716&lmt=1707252566&adxs=315%2C0%2C967%2C310%2C-9&adys=84%2C77%2C478%2C1180%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Faofsoru.com%2F&vis=1&psz=1600x0%7C1600x2740%7C334x2432%7C1600x2740%7C0x-1&msz=1600x0%7C300x-1%7C334x0%7C1600x-1%7C0x-1&fws=0%2C512%2C0%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=2111608831.1707252567&ga_sid=1707252567&ga_hid=831281004&ga_fc=true&dlt=1707252566366&idt=333&adks=1567319161%2C1809453319%2C4080222532%2C3161062677%2C3681370843&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25be91b1d8af9a83cdf5946c0a6f9e596e950b24b2de768b36bd34fef502e993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27009
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aofsoru.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3388 6 KB
3 KB 121ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
expires: Wed, 05 Feb 2025 20:49:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 38ms
38ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=831281004&t=pageview&_s=1&dl=https%3A%2F%2Faofsoru.com%2F&ul=en-us&de=UTF-8&dt=A%C3%B6f%20%C3%87%C4%B1km%C4%B1%C5%9F%20Sorular%2C%20Ders%20Notlar%C4%B1%20ve%20%C3%96zetleri%2C%20Online%20Deneme%20S%C4%B1navlar%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=393860866&gjid=807979828&cid=2111608831.1707252567&tid=UA-33768699-8&_gid=863012986.1707252567&_r=1&gtm=457e41v0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=79775420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aofsoru.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CB9F 14 KB
6 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=aofsoru.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 440818
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp&cc=1

85 B
194 B

125ms
124ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp&cc=1
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: d13bff6817f76571eb3cd9be78066ff34779e9bed1e820e6ec94eae923dc06a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ZwBMBwjH2X7qWwP7hBqPqyiSimA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aofsoru.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 06 Feb 2024 20:49:26 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://aofsoru.com
location: /esp?url=https%3A%2F%2Faofsoru.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 113ms
34ms XHR
application/json 52.49.227.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-227-53.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a222974d55a9a08c1b78db96ef4fba9e574fb525b6beea9917fb423135bc3099

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://aofsoru.com
cache-control: no-cache
x-server: 10.45.17.246
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
227 B 74ms
22ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame CB9F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=aofsoru.com&sn=ChromeSyncframe&so=0&topUrl=aofsoru.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8mejAXwyRUxoYkI0K3Z3SjRiT3orSWszd1NJZzRodVlUL3VBVHpsb25KV1JPR0lSbVBiOFZ3OTFKdm9MMk5GelZiekNCZWplMkN5amMzaWZPYzE4Rk14UkEvOWVLVnlRRkNFN21PckNiWGZkOWxQS3dTOUtTSFZhYXpHUX...

431 B
647 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8mejAXwyRUxoYkI0K3Z3SjRiT3orSWszd1NJZzRodVlUL3VBVHpsb25KV1JPR0lSbVBiOFZ3OTFKdm9MMk5GelZiekNCZWplMkN5amMzaWZPYzE4Rk14UkEvOWVLVnlRRkNFN21PckNiWGZkOWxQS3dTOUtTSFZhYXpHUXdQR3AzMG1yN0w0MW5FWk5zWHdDMVBvTXE3TjZDcFltQ01BRG52dFMzZ1JycmozMVBhNW9YUFFqbm0yNWJNRERCdU1jUHFZd1M4b1phcEVKZ3VwQ2FmRkhLRU9sSlg1VEdUZ0J3N2Y5bFEvNFZYVnZieDFieW10M1I2QnpyN2d5c3cxMTNiUEVsQ29OZnV5NUdSZXpXY0ZFeGdmZmdCTDNiM3BobW45eStidjY4Vk5KRXlsWT18&cppv=2

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

390dcbb9c68e035a3380e5c4e42af0b5db542486266a613c04adcf6720f6e2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1584641
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8mejAXwyRUxoYkI0K3Z3SjRiT3orSWszd1NJZzRodVlUL3VBVHpsb25KV1JPR0lSbVBiOFZ3OTFKdm9MMk5GelZiekNCZWplMkN5amMzaWZPYzE4Rk14UkEvOWVLVnlRRkNFN21PckNiWGZkOWxQS3dTOUtTSFZhYXpHUXdQR3AzMG1yN0w0MW5FWk5zWHdDMVBvTXE3TjZDcFltQ01BRG52dFMzZ1JycmozMVBhNW9YUFFqbm0yNWJNRERCdU1jUHFZd1M4b1phcEVKZ3VwQ2FmRkhLRU9sSlg1VEdUZ0J3N2Y5bFEvNFZYVnZieDFieW10M1I2QnpyN2d5c3cxMTNiUEVsQ29OZnV5NUdSZXpXY0ZFeGdmZmdCTDNiM3BobW45eStidjY4Vk5KRXlsWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 360194
content-length: 0
expires: 0

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 120 B
338 B 52ms
52ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 59FF 891 B
1 KB 53ms
53ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/str.html?v=2

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Tue, 06 Feb 2024 20:49:26 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3
strict-transport-security: max-age=63072000

GET
H2 200 prebid8.23.0.js Show response
static.virgul.com/theme/mockups/outside/ 543 KB
204 KB 57ms
57ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/prebid8.23.0.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

643dd75cf9812c16397f2d14bd471c6265b4b2edf68b1a4297ca7daaf0f97dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Thu, 16 Nov 2023 07:43:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 286 KB
71 KB 97ms
25ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:10:05 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 19:17:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2362
x-amz-server-side-encryption: AES256
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: JEdOK0KN-J0P-i-cSP5IUYOe_65fUSvHNrBOCYtYn-d6TUe2enYqbQ==

GET
H2 200 pageview Show response
ng.virgul.com/ 15 KB
4 KB 110ms
90ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1707252566877&v=https%3A%2F%2Faofsoru.com%2F&r=aofsoru:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.4474985906072151
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 88062de3c8a5648159d1b91e4c1b8caba24abccf90e282ba59bd47630e64303f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://aofsoru.com
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 aofsoru.js Show response
static.virgul.com/theme/mockups/fallback/ 14 KB
5 KB 54ms
54ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/fallback/aofsoru.js?dts=19759

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

ca5f111d27fc6d71bc7bcb10a3333f7ab9cbedc0228a4e80c516918ce4a855cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Tue, 06 Feb 2024 16:11:29 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 ca-pub-3095732206138064 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 150ms
60ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3095732206138064?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3095732206138064&plah=aofsoru.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

184a9f7058855625085d6487933125ce1dcc1c73202ab0f24b19dfd3f2b46987

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9LVsjuke9if39sJpHPM4Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9LVsjuke9if39sJpHPM4Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsCoxSXFEKQhxbCIfxfTyVu3mS4C8XmnO0zXgfiiylOmm0Bcy_CMqRWIH4Q_Y3oBxAYaz5ksgJjxzwsmTiB-9-UlE8fXl0wSQKwGxO8kXzF9A-IdPh4sb8Kns7JFTGeNq5vOmgPEfOums2qun8665cx01j1AHPN8OmsKEC9mncG6GoinBM5gnQPETukzWAOA-HPmDNbfQOxTP4M1CojLbp9jrQNiYbnzrNJALMTNcX1b1zo2gQsdH4QBt-NWqA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hb Show response
ng.virgul.com/ 18 KB
3 KB 66ms
66ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=aofsoru&dts=474236
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: f7fb51cd21138592ab834d10406bd4fb5e913ff3b5effafb95cb9fc5e37be52d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://aofsoru.com
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 200 aofsoru.js Show response
static.virgul.com/theme/mockups/sites/ 97 B
314 B 53ms
53ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/sites/aofsoru.js?dts=474236

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

b04e9b8a3d9276fb2aabb2d883426e66070ed4a95f7bca76cd93d9e4fbc7ce79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
strict-transport-security: max-age=63072000
last-modified: Mon, 19 Dec 2022 12:37:58 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 97

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 70ms
15ms Script
application/javascript 35.241.45.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?namespace=empower&class=empower-ad&site=aofsoru&disableAdsenseCode=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:03:35 GMT
content-encoding: gzip
age: 2752
x-guploader-uploadid: ABPtcPovD4Qg5VSjTHzBrW150dKQT_TJV_KXryGSgFuZ2vbq_MNtzT7hniqCsxRFHaBDgSID4hGpR8m5xA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ 0
210 B 54ms
53ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1707252566993&v=https%3A%2F%2Faofsoru.com%2F&r=155365@154960:aofsoru&userId=vnet0da75db3-8f58-490c-91f0-496c182dd1c2&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.11552081227956079
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:27 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 empowerwebplayer4.js Show response
static.virgul.com/theme/mockups/outside/ 12 KB
4 KB 55ms
55ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL

https://static.virgul.com/theme/mockups/outside/empowerwebplayer4.js?v=18

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),

Reverse DNS

Software

openresty/1.15.8.3 /

Resource Hash

7c0da909438cc10026ad4e61a73d30be3a6cdba12d41f9dc1baa20ca65a2abec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Mon, 25 Sep 2023 09:37:34 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 e0a76a78-9ad1-46f2-a337-886c2e24ac91 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 91ms
28ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: bf1c7d4c32aa2782a67d98cd449bb2ca1276c4df627aaf8ceed4f92d707de88c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:26:59 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1348
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: Ebe_M0GTrE5ruvT0mnF6kmZNmWDOFYiN8Wvvd64Qm3HG0iHAV4_SgA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 488 B
844 B 29ms
29ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Faofsoru.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 844b87b27dc65dd4bfd6b4a840673478ecdb0512337f6b30f7af691c339908af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:27:57 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 12090
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://aofsoru.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 488
x-amz-cf-id: rGbDZF5Y-Tt83THn_n83-SHz7T3KH8kChsrdYa6DgIEd601FdRIoFA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
23ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 07:00:13 GMT
x-amz-cf-pop: FRA56-P6
age: 49755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: trrTDpLhIVX8y7ldiEtTuE0dOB_6wg4g9lGotog72n2tuR4Khw2NMQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
25 KB 35ms
34ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: AHNG0YEYX342ZYQ8
age: 3459
etag: W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 851642800f395c92-FRA
x-amz-id-2: T/HkvP+JeHCw0+meS+cHa2U5AWCGuE3Uk1NKwTHzreadI2lkkRbMB9Ljk5ol9tbxDSwaj+cn5Gg=

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ 7 KB
3 KB 349ms
53ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19759
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer4.js?v=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 13 Feb 2024 20:49:27 GMT

GET
H2 200 tag Show response
feed.pghub.io/ Frame F134 13 B
261 B 103ms
24ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=&page_url=https%3A%2F%2Faofsoru.com%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Tue, 06 Feb 2024 20:49:27 GMT
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 AGSKWxXayO7TVyoDEBijKR1t0CccVDanVwgSOVJ8nsJKj0PckhD58tllHEKj6maBP7G38OBotbNkYU4xs2SdjokLI_-Y5ynzKCchc4AeyeFG0Yuhio83PXOAHMLFOFDT9SPt4gyy1rs3MA== Show response
fundingchoicesmessages.google.com/f/ 387 KB
60 KB 144ms
143ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXayO7TVyoDEBijKR1t0CccVDanVwgSOVJ8nsJKj0PckhD58tllHEKj6maBP7G38OBotbNkYU4xs2SdjokLI_-Y5ynzKCchc4AeyeFG0Yuhio83PXOAHMLFOFDT9SPt4gyy1rs3MA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MjUyNTY3LDExMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hb2Zzb3J1LmNvbS8iLG51bGwsW1s4LCJnRHR5ZzZYbDQ1ayJdLFs5LCJubCJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMyBDJI5YzXWbRWcFzS1KZcz1MhUSw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

865995bf9dadb3924a5d627961253f559d0eddfa7f7b85e8ba2f951fa4ca29f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-krhuTZ1bEBJ5_en4C2JQQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-krhuTZ1bEBJ5_en4C2JQQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAtxc1zf1rWOTeDGpA2FALoKUEU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AB8F 199 B
298 B 95ms
23ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 06 Feb 2024 20:49:27 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFA5 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
expires: Wed, 05 Feb 2025 20:49:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6694 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
expires: Wed, 05 Feb 2025 20:49:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98E9 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
expires: Wed, 05 Feb 2025 20:49:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 08CE 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:26 GMT
expires: Wed, 05 Feb 2025 20:49:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F0D0 624 B
537 B 71ms
69ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNUaA6Ki156HATeVwPkd7kc6qQ0_xKQWxESaZPVkNaJS93VIr70uvuEVntAKwDpj9R6P1etv6IrI7U8sknhbWduyVJuufx1FC_49LR4eaX3B2NpdkHkPGgLwgakWhhfFq47Ef-WUgQK7gSQY_ZufEO668KvMfz0QneP_8xJTs_xuBPRAFoE

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Tue, 06 Feb 2024 20:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FFA5 93 KB
33 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA5 42 B
63 B 97ms
96ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bp6pncNMe8GzYb_Wz5c6K8_bE-FLFtAqWd4hn-PHOdNplx1Vhdab9VWjB2lFPPxQdCDK-pI--PGXiYPkFPexZhNw8i3qZdycNO8KdApXd9dP_MCpw

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame FFA5 3 KB
1 KB 104ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 15:35:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame FFA5 20 KB
9 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FFA5 205 KB
62 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:35:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 105 KB
6 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.gDtyg6Xl45k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzrrQiqp6pf4omgFoen9vIFEg4PnQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:49:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H2 200 2iUMahwR74W8x_kNG5jJTgnXEwNGXnhffWvOX4-dCxV_8VkaHEyFunWZZKVSaoAwU36s3gK1TOR8kvrKv9FNF57Poe_0BoSxi3J1fJsHwqMWhSnE5mDK=h60
lh3.googleusercontent.com/ 2 KB
3 KB 116ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/2iUMahwR74W8x_kNG5jJTgnXEwNGXnhffWvOX4-dCxV_8VkaHEyFunWZZKVSaoAwU36s3gK1TOR8kvrKv9FNF57Poe_0BoSxi3J1fJsHwqMWhSnE5mDK=h60

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4463fcebe495ad08ea6a190410ecdf1593f66485ecd8bcc52c770f7c2b333334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:04:08 GMT
x-content-type-options: nosniff
age: 2719
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2263
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:08 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5793 624 B
504 B 71ms
69ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNUfRehInDaseo0T0BvoXIOC3e2W7d-KtIiTeiBwrIScqN7V-JmblI5I0LJfSQlOoulP-Sqmw7-hT-MsGoueZmgBdCpg4SH2R_O4JDcduNdQMRH3ZkYY2M5SAkOSztDTQNJBNbaMtLPkPrHB6qBnFCCevBtpC9XyCXfTH_znWHBVvwcaE88

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Tue, 06 Feb 2024 20:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6694 93 KB
33 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6694 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAV0_q4pKoi6lAYC3XbR6ksILiXoBkjY6Oij7t-2QNlGHUTKp4o_XvKXBQDpl-jpm-nJDN55Ir8mz8xw9KS4VVVVjoztCdPYtmynU7mvLPm--P2pQ

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 6694 3 KB
1 KB 78ms
44ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 15:35:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 6694 20 KB
8 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6694 205 KB
62 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:35:11 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 71394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 00:59:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 853C 624 B
505 B 75ms
71ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNUIiAvF10gMLWbBG_TR8iuktCNE1GFgZPxSs5W66GpsnSBq2ZS4DnFeCFI_u01KR__rZdI3oqwijLuAZ3ePsa6y39IUb8eazHvHHBIGywjYraJwqTfVaJY0MUFcnmOkoIeTepJMSzWocHf5ZPJh0N1OMNd6_BJUHASfeyHYONKPracojLs

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Tue, 06 Feb 2024 20:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 98E9 93 KB
33 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E9 42 B
63 B 67ms
65ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXm7DVT14ObGkPMj3ftt6wflRdz44ptleAUBDToR3zd_FFiAeJPhBRl-98RGCwTlFdKZhShiG9V-Z7WTXW4wP4JtvqroB4KeJF2yl2I3IyDn1KbcM

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 98E9 3 KB
1 KB 74ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 15:35:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 98E9 20 KB
8 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 98E9 205 KB
62 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:35:11 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 980C 624 B
505 B 73ms
70ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNW4ROdSdiZjznjLZAZB5300Dkek7spDzcMk6hankW7FpvhLimmuDZEIc8IudE6xbAL6Z670c6HhmWWh01Eulq-qCQual7_5VtMomr1xpxsbS9qUv3d11uMY2HOoxL3-QDcxIkmT1yniX7AlHMg9UTJAvoY5Hj5M-epMKlFUq5GzTMElABI

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Tue, 06 Feb 2024 20:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 08CE 93 KB
33 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08CE 42 B
63 B 66ms
64ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnT6P_q5HTUEb56m9-3oSPsvA60PWqcio1eaxhkurubtd5DrS3SN6V1rUATgIL9RF4BtBEbQBT0PH_EFD0gxHNWPnm9ZP3sb6Il8eGZlH-j0dNIfU

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 08CE 3 KB
1 KB 70ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 15:35:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 08CE 20 KB
8 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 08CE 205 KB
62 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 21:35:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:59:51 GMT
x-content-type-options: nosniff
age: 6576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:59:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Origin: https://aofsoru.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:01:23 GMT
x-content-type-options: nosniff
age: 6484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:01:23 GMT

POST
H3 204 AGSKWxVlICWHIKTsMhDb-TLgItd-FCVJPGCUDrY6vHzoZPArrSfU0ms5o8bXfcWh1AmiwEZOqMH_2YCC0mLTj6-v5XuEC9Jyp3yWdM62IxGaCut59iKA86HMoNJySzKL5oplVDRxsuZ-ug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 79ms
36ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVlICWHIKTsMhDb-TLgItd-FCVJPGCUDrY6vHzoZPArrSfU0ms5o8bXfcWh1AmiwEZOqMH_2YCC0mLTj6-v5XuEC9Jyp3yWdM62IxGaCut59iKA86HMoNJySzKL5oplVDRxsuZ-ug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b2pxZKAkYbv8TtLLA0S5dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b2pxZKAkYbv8TtLLA0S5dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH4_q2rnVsAise7zzBCADNkx8t"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aofsoru.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F0D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_u_suo1cJfKiuV6PcGWE8&google_cver=1

43 B
329 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_u_suo1cJfKiuV6PcGWE8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNUaA6Ki156HATeVwPkd7kc6qQ0_xKQWxESaZPVkNaJS93VIr70uvuEVntAKwDpj9R6P1etv6IrI7U8sknhbWduyVJuufx1FC_49LR4eaX3B2NpdkHkPGgLwgakWhhfFq47Ef-WUgQK7gSQY_ZufEO668KvMfz0QneP_8xJTs_xuBPRAFoE
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mizJusN6cIenfZlDu23ZKy8246Y2MwQbTV1YroSJdeLkspkF6RFZ42Xa%2Bwqt%2B5qVx%2F31gFzlMTVmAZCv5xGV9Xb2pCx0OWzi%2FHDwu3SSgLTq2hTpq71Nv9tIRPvTcVr7MTX9xfqVd%2FExIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85164282dd8b4da4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_u_suo1cJfKiuV6PcGWE8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F0D0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbV.PtvwZtKisjZau5ZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2

43 B
770 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNUaA6Ki156HATeVwPkd7kc6qQ0_xKQWxESaZPVkNaJS93VIr70uvuEVntAKwDpj9R6P1etv6IrI7U8sknhbWduyVJuufx1FC_49LR4eaX3B2NpdkHkPGgLwgakWhhfFq47Ef-WUgQK7gSQY_ZufEO668KvMfz0QneP_8xJTs_xuBPRAFoE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zExrrtcanpgWAh%2FHQvKyD7lllKNPVGvfi%2F5%2BMPp9wWomJgEWQNY%2Bgg%2BNZmqCo2oZobU1T7o678qjuNxku8d1VupIdjKbrDRYeO22hXrhZKs8ZnnpvEvmGlKwQOfodcrEdhgFC0QpPPPLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851642833b3b65a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F0D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFaD6VHg4fWXMVz_K4WVZFI&google_cver=1

43 B
1 KB

22ms
22ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFaD6VHg4fWXMVz_K4WVZFI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNUaA6Ki156HATeVwPkd7kc6qQ0_xKQWxESaZPVkNaJS93VIr70uvuEVntAKwDpj9R6P1etv6IrI7U8sknhbWduyVJuufx1FC_49LR4eaX3B2NpdkHkPGgLwgakWhhfFq47Ef-WUgQK7gSQY_ZufEO668KvMfz0QneP_8xJTs_xuBPRAFoE

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: 2a9e66e9-f79f-4a34-bc8f-67a33f9c8e67
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFaD6VHg4fWXMVz_K4WVZFI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0D0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MzYyNDkyMzQwMzkyOTY0MA%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MzYyNDkyMzQwMzkyOTY0MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: b42b588f-9d95-400a-81de-93e4a8626f2f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5MzYyNDkyMzQwMzkyOTY0MA%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA5 0
20 B 54ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4015843647882&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA5 0
20 B 61ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4015843647882&version=m202401290101&ct=77&x=1&cor=6982843904530145000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FFA5 20 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbuUbQ1q-lZmgfyX5sC06fV-P5K-OMBdslBkdUlTOFC2nZJemhALAmq6vYmPuBUpNcm3XfAqqEmB3KG7UffYpTkYjkV9qtYFG3urmAuzGsCbwFs0YS5KmNMNQTfWPtkcCUVynUGmLpq1yoLBW-acYxQL04TOEm6hIfjIeKF91Q0t3STYA&cry=1&dbm_d=AKAmf-B-bQueLj1KYjYIJpIlCWjoeDfAuJu-2q1OBTa74iGjOHrdPdkYDevR0FjGrkNpnv71JS1l82uaavQOtLPqXfnGo92-jMGZbqfeL_y9ctPviU2gZfrw5LhSsYjHTDM56YTNmGxyivWcRtIOVwX-4f2ZCl8p5YFSp6EIMDWdQ4XpFsYOcRU7Oh3asU0v2iIQ0Q4v43fwbcGNhis7cf2TU9TBZ4pAticO7YcA0VQcQlHJkryEvu16IG5UCG-tg7gbP1lFB5I7cGEeohWi6VaIPe0QieILxkp4ibhRSKJweNvlxwOtN_PtO7rDGjwMlC-0mFhxU8eJp3e4md8n8psHSZJ7AGnllWIn2kbZ4_1t-UNRv1onEGVvRvJs_4fxMJuKh5BZv9ZFRqX4-mgU2f3vttyXwRn5u8SUV5hEvLDCGQjRPbsu6Eb31a5cap_fyzlzAUcSEp_ZLnUxzrqz2Y87vHtyFk2l68mJkN1OqjNptRgBU3fHM-9PGUR7WUck1AuPx7JaRL6kMcY77M8XTLqw9ikKDIMt5jfYtC8q2cyZCH73gAIY9zX9muLPKY11jPO8HYuGLSRMRkyT6DfREuKqveeSfOIXslpCYPXwpGJBkrKTP1mO82omsDR_7WG-ub58Efx_1K1J9SKoroHYCkpS4ROok-KCiAnWhtPDnEmzgjO-WNEEuM7ciYIAWMWgwhWmkaBmSZkIwpf7UxXSLe6U7jRjACvH4BOgB_X8UAm6qAL7WSEVihrGsG4nky0JOhgBWpk99HefY6c8w6osDZ0chWnX4g-Ktj8ee3ztB4DV-hD_thiM3AUnRhlK91YwhB2bZCRni5HrP05pYwpDck2t-S80htdzA6E97RDrqAFdiPaX_3WX-YLg6rvORqpUXZcf9XPXZkE0Mu9SeAE0DuJQp6eXsZehloPe43G6WnJIGfV0SYwx1piHO4CA-68YrGet7CIMNl19A_bLf0VPn79WwfohNc3JSpEVIqJC6xpJCbWN1g3g329WUGMzmCdDMh2ymfsaf8qkA2TrfEvLiD6e57JBFMFsjQ9LiIP2KwrglEgP0Dfghp1oLkNoyTgWVLj5AZ9WuOLo97ZyudtmXO7m-ILLu4yhfI62JUEPgdNgZyEP1w45DdWRjyEp-xM_-EEQz5RaWaneu55AQ73AaYwWKPERRkyqW-fldxdy0RUDQ7g32cHFFWFvxMBITwUaWe5XByluxHF8XwPKr9V9aNg6WnjxYl9BfAag7XIahPgiGLD9u0lL7yFuOtdY09L2EfnzmNME8mXdWFOQfjarKWVKVVSKF4xXSsyg1E3C8r5tavaEyZqahKs0jMCGRYmQMFnxtBjCTPiBwwd-U5JiwjbtUAyq_Ycu9LItmYVxbwyIlNkYZyNCIw8RgqZy2tqamnxsbmOIHXvVqqYY0wj0WuszOBvj4d8dgrQs0DC5F5TXqDgZoPD4W8vENdEeP6372TwDP32f8h3CG9s3q8xaAc87OJ-RD1vjs_HP4SLUijUo4-UO6x039pOife9VstPq8Aqd85SZF2s9Dnw--EHS6Iblcv-KwM8pgyTB3Yw317elNNqs0ntResvIhaoM1anFGjT5XhSpvI0D0TOgIjAy9DLZ0a_hF_pAD494iKDKcNcLU3aSuN89peE6ob0DRdhYIlcww7cSx-uG1RBDDNvVwYCCh-YNzkg_qLcjQkjYI-VwyYKc_ubwU9uJxTmn-C7-1v-XrPMCZk74YKhArZC_aH4dUYODsOByr1h3-E0JQJsDFbC_ZycB7EIhOynOFB6YRDw7W29lgA9jMGgl2d_wdT8zzF9zkOscUHxflJG9fkUInuc6AqXJ2DRY5YCHD6mIPtlMw1tLQ4kmT1VrCHX-2Chre6e6xk5OwCHDnAYyothRfH_K-rUikca0E_rF5pohUiHA3np_Yfe0PAIV9aOaaKvcjG-TNC00A-bRZH6RdZ8yu92YNb3_vDVDAciD1TW0fbcLa8EMwfz9cykZYXjResp_ZbNuF1_h_MLBdUR9QlPMU-Iht-uvrLFXgjAFa_qYxga6ph_q9Ou7AFSHFceG5JLHi-a1H1En1VqzUxdXdMnV9xm1teLWNRdNj60fvt0P9aeUNWkigmp8EUvdD3mX0NHyWA3Dlp31bRS8dXOnjGKkPzxI8v00RbQaVSSAEZzUHbtPWYpHJwVJS8rlVGdfpNucOobd9KYEazXZ4KJ_3ewImp1dwXYrxjmAHCmeGdvlR4GMsXxkzSlCjmr4CHoK9MYnQWMA2x0xnWzCp9i1k3QjTk9cfjnki-Gh-Qdti4m-scko5F1_faEW1_xtfKQuM3t7SDDBoeMEDwYm2KJxz43zzuZ4IgPeF5E0mZsWdSiiGiiOl4jfjdWFdmvmuM9thZF1maHx65amt8KGwZOvHwg3--_YannmybDWg0WQOFzf0zKq4AG4NA3jPnchObhEH2LN-ERAtbIDy_bz2f7RjgWQhi_M_07zf50YkofcXPh2DmkWChGjOMStZBQ4gvlLlLyOzjr7wsk2zO6ucfSyLksLKBDHQCmGRQWeFQ6mipPtWR0L1X7UhLdDm-GlrWAPY4Hn1-7kAtsQyYoQ2z8zdXgTekB7EwiRUxns-cRyQNsl4Rkgpu96_ha9oCzKbcniQx-hrog1ujLtILU4Sx7jsP_P0N0J1f0pZpOdf3LuAvOAV_qoiFQz_ano8lRbML9IukI2yahOHxI0cBHzEt0GOh07EvGNdxAVX7NVhJQ99COf18tSND_XOOI8yvBrBpWVZB3ovJYAwKVMSHfwSYopd0JEoe-NzOB1faaPL4iPHAUZc_DTKYrZjbVRA9om9CoIp0ObURMwYfI0ArNR3SL84ykZatah19smAowvA_RIezEUvnrLOVViwe-VcMd835U-Hrz8Jp4-LNfqFHZ0r57CMwEMz1ro1iWRZ9dgTGXXT5aYF3VzcSiJ19WaYb95xDxTSrYECBThnwgl6c_LaKCj-gWQLh3rRhrQFsK1muJVK0snDcTKp4OIRNToP_imgbyfJLsVCV0z4iOu8AbUgk8b4ed_sdKw3weIfUurmcIdPaDdr8xrwdluvwIeeCHrr6Cz4kJwriCrOUwIUbbkAmymjSoFxf72otpWZspufAZG_gSTmxRBsDydm7csX8DUSAgPl4p84dvBwFFPp1xnsJuWjAfKkSDZw2pw-r4uOK3YkwjotHZ5uxGiNMz_EfOLFSnoMNVat3irVVjTr5Sxt9BnSGyTLELce6VRPFLg-jo2Yx5IXaBqa1booXoG3DHeW6kcZBsPW9FAQ18RWarD7Lr2PdAjq_P3dxGAh3rq898dfDGVkbTDCjVuGslWQ-srW1lU8YV0sL-CQFaO2aAK9WSaGQ_nX314f3naHHa53OSsOZlkuzECrOqxcmDEAXYNsUDzfxLRDgLTx1bFtCuIcn_zMW3D9-jlArjZpR8PhC961_3lyIJhVpy5Xr6IZsvLbanSs-vQ2XLAJUFyGD0PU6rx3M_Q0nhpDokkmiZkPIxpwYmf6_1dKF9_qCKKK0X-_9R4jV0XcnkSovwLQRkghUbJJyhxCDvqtQH9KU7vOGvLpSOgD25Ovo6BIf6KW0nW_kX_gW13W9RM4MA8NuHGw7t2-VnKhhg4kYQDUEyk8cxHr6dUqmvyFoej-Q7Sf1zCgQgw2QnYVetowldA2enO3pXHRtf_ZJBq3ZaUUWwyd4dRXksBaUzlF-ME5n1ipaE2Fz1KfauAMW-GpG115gxfZH2_aRDI8daOdUXBNreH3Dp2-dbG-5LX_RULp-8GRYtN9Zf_EbOcEnsetsd6y9L17yHwocp5RL1P_vaReEYYHIk0szekmT30fobbAKJgs2WdD4xql3f_MGBm--mCa1G1ISQ6-gNTyWIucIbqkHVn6-Hh0X27pgUhsqc51eb1akksjBoDz_oxq4pncL2LZ1NEbuKOUmaG3ElZK-qJ-VK5pWuzkorCWuaTgnJxe1lD&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=6982843904530145000&adk=943508964&idt=92&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8704ef5a78d8fd5f29ac411db5eb9c6c138bd8904601782498942acfcf39fa4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5793
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

43 B
331 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNUfRehInDaseo0T0BvoXIOC3e2W7d-KtIiTeiBwrIScqN7V-JmblI5I0LJfSQlOoulP-Sqmw7-hT-MsGoueZmgBdCpg4SH2R_O4JDcduNdQMRH3ZkYY2M5SAkOSztDTQNJBNbaMtLPkPrHB6qBnFCCevBtpC9XyCXfTH_znWHBVvwcaE88
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYy04inRW4kHKXpLSL5Wv%2BsNxSC%2FHgFNJ%2BQ4YkdzxoS4y8OC56iwlumN8FsrvNE2yeEPTXK%2Fcd7%2B34qaw3GeQdwAuGaH8R6Hs3PkTXEL0%2Fx2MY2jvyh5latGvpVTW8zvMDjaBAzqo4omOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85164282dd8e4da4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5793
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbV.PtvwZtKisjZau5ZgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2

43 B
731 B

38ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNUfRehInDaseo0T0BvoXIOC3e2W7d-KtIiTeiBwrIScqN7V-JmblI5I0LJfSQlOoulP-Sqmw7-hT-MsGoueZmgBdCpg4SH2R_O4JDcduNdQMRH3ZkYY2M5SAkOSztDTQNJBNbaMtLPkPrHB6qBnFCCevBtpC9XyCXfTH_znWHBVvwcaE88
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGnMnHQ9aOen9Okird2qmhvjSgaz9GqLjt7W7tmci70DFtQfvyFaIVepibSAIIPxn0HibMFTurAzlJw6%2FoAR1S3ZE8a%2B77V7hS2iBl4H96k%2BGG5D2Gy9hScj96j8Dz%2BvL9zXnyaTbRhcVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851642834b5165a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5793
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

43 B
1 KB

21ms
21ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNUfRehInDaseo0T0BvoXIOC3e2W7d-KtIiTeiBwrIScqN7V-JmblI5I0LJfSQlOoulP-Sqmw7-hT-MsGoueZmgBdCpg4SH2R_O4JDcduNdQMRH3ZkYY2M5SAkOSztDTQNJBNbaMtLPkPrHB6qBnFCCevBtpC9XyCXfTH_znWHBVvwcaE88

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: 905369d8-1b6e-417a-b24b-fac589acbeb5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5793
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NjE0Mjk2NDYzMjE5ODUw

170 B
243 B

31ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NjE0Mjk2NDYzMjE5ODUw

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: 1fb55fa3-770e-458f-b9ef-02e94e38c1af
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NjE0Mjk2NDYzMjE5ODUw
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 980C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

43 B
526 B

35ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNW4ROdSdiZjznjLZAZB5300Dkek7spDzcMk6hankW7FpvhLimmuDZEIc8IudE6xbAL6Z670c6HhmWWh01Eulq-qCQual7_5VtMomr1xpxsbS9qUv3d11uMY2HOoxL3-QDcxIkmT1yniX7AlHMg9UTJAvoY5Hj5M-epMKlFUq5GzTMElABI
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpwJJee80X5osBUSlRWH9%2BRzxyTy4xRQmkcLyNdiquOs6Of%2BHNpBcy8%2FNYnF71mlZGyvLBls66eVKODYYx3RnJwnPt0cRCyZhw3bu2Xij2aPZkXSJ4kH0%2FMT2S0jgBESmp6XecwhrUrNIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85164282dda04da4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 980C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbVw6tK2elXc1haL34jAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

43 B
735 B

59ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNW4ROdSdiZjznjLZAZB5300Dkek7spDzcMk6hankW7FpvhLimmuDZEIc8IudE6xbAL6Z670c6HhmWWh01Eulq-qCQual7_5VtMomr1xpxsbS9qUv3d11uMY2HOoxL3-QDcxIkmT1yniX7AlHMg9UTJAvoY5Hj5M-epMKlFUq5GzTMElABI
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS758tKkihI6e1qh8t6xvJJZ%2FaVlUjMORkFRTls%2FJEeiZpeZarvMQr3jbHsFJZ6azwztumXFnQPdy8qWe6sOzCUEB3N%2FQJbKYZgXGuU4rRtv554%2Bhc8b1a55YLqxhVELwDZeEGfu%2Bgp4Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851642833b3a65a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 980C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

43 B
1 KB

21ms
21ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiv77vGATAB&v=APEucNW4ROdSdiZjznjLZAZB5300Dkek7spDzcMk6hankW7FpvhLimmuDZEIc8IudE6xbAL6Z670c6HhmWWh01Eulq-qCQual7_5VtMomr1xpxsbS9qUv3d11uMY2HOoxL3-QDcxIkmT1yniX7AlHMg9UTJAvoY5Hj5M-epMKlFUq5GzTMElABI

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: e035ab0a-52e1-4b59-b9dd-6f0d5376fadc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 980C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5NTI3NDAyNjAyMzI4MTQzOQ%3D%3D

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5NTI3NDAyNjAyMzI4MTQzOQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: f6e01a3b-c256-413d-856d-cfcb7067bedf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE5NTI3NDAyNjAyMzI4MTQzOQ%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 853C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

43 B
343 B

34ms
34ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNUIiAvF10gMLWbBG_TR8iuktCNE1GFgZPxSs5W66GpsnSBq2ZS4DnFeCFI_u01KR__rZdI3oqwijLuAZ3ePsa6y39IUb8eazHvHHBIGywjYraJwqTfVaJY0MUFcnmOkoIeTepJMSzWocHf5ZPJh0N1OMNd6_BJUHASfeyHYONKPracojLs
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vngdkqxdsXPSMdq5D6pGYC2YKJvD5Z%2B6vS%2Fn8Uh0CYrDcs%2FEzuGgE6JoSXVvG94WFoJ%2Fz%2FCMCFLyUF1OWQN6sXLrNsFULidUhJazE0Qv9YyF7naZgJWYYG%2F1Z1w2sPLm8Y5VryUm7esOkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85164282dd8c4da4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 853C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKbVyGXdgGytsoE77dqEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1

43 B
731 B

43ms
43ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNUIiAvF10gMLWbBG_TR8iuktCNE1GFgZPxSs5W66GpsnSBq2ZS4DnFeCFI_u01KR__rZdI3oqwijLuAZ3ePsa6y39IUb8eazHvHHBIGywjYraJwqTfVaJY0MUFcnmOkoIeTepJMSzWocHf5ZPJh0N1OMNd6_BJUHASfeyHYONKPracojLs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNedcwwgJEX0wdhQV3zk2VzIgzrizJN0%2BgjVWTaoP2sT%2BBhYPZQwbcfgtyxKouX2%2FB8SeWbJf1tJOFMiydKfh5%2FyLVuKm5HHQcEv1I2RDhUke3J5Xd7IQsFnMQsorYtNoD7co2hK9iWmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851642834b5465a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFzY-vWlT4omVvjju3U1Wy8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 853C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

43 B
1 KB

29ms
29ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjpgrzGATAB&v=APEucNUIiAvF10gMLWbBG_TR8iuktCNE1GFgZPxSs5W66GpsnSBq2ZS4DnFeCFI_u01KR__rZdI3oqwijLuAZ3ePsa6y39IUb8eazHvHHBIGywjYraJwqTfVaJY0MUFcnmOkoIeTepJMSzWocHf5ZPJh0N1OMNd6_BJUHASfeyHYONKPracojLs

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: c98faf9c-8f13-48bb-b1b3-b3866a2538b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN73eeSHjiQsfcV3U2X8VrQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 853C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIyNjU5MTc3NTAyNjY5NTEwMA%3D%3D

170 B
232 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIyNjU5MTc3NTAyNjY5NTEwMA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
an-x-request-uuid: 418542c1-ccc3-45dd-918a-c87f90d54557
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIyNjU5MTc3NTAyNjY5NTEwMA%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6694 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3592311015952&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6694 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3592311015952&version=m202401290101&ct=77&x=1&cor=3671082636327318500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6694 20 KB
13 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6Yhj8rY6Po5r7A9YTyHQhEO23T6mLq3a40I8186i8pO3hIsJ39j7X8DaRhPguMatYHlW_3xK8vFO2xbGSU4Xlt0w6M5zs9YWYT_Epwc32i0u0tU6BOQW4XzNex86rwVZRI_YbuOILi6V9jhLsQ4R_0sMJ1Fl4nUpqzjKzf5Za9rmnWhA&cry=1&dbm_d=AKAmf-ABcwvqEvGovtUf3tQurOFHxNpvLB9y26O0sCwZhdkuNeawySQ93IkTLg9bOq-oqas_o6Kfi_k2dU31AU3cvzjqqfyYUo_jV7RyQyFXIBsE90cunK_DRAn3Qt0YMsrqL9vYlsKbrhrvXNjU10eXfvlbbKMb9Ov1Nj1DkYAEjg0cOzZKMRZ3I54SKAInMcTYuv2Zvu0C-46HldgkVDq0OTJhEuC3ljn37Ilu4EygO7fC7CTiQvwQH7HhTsnW0ZdMcc_biqxGr-7zGF_uGe8-Zy7GSaMN9Gho3Zs86zQ2Z3y7foSWBhIDhhWldsMU2lRFleTtJ_c694KQqvMhtc6kbzdObID9xxrHjsbBr1-RhGJUDm7ljYX7DP85fIIeRMNpG-bYFJ1tNhj-uORM_okM7QASGe1vb35HxkWn6w2ocuRrjkMna-XOsbv6Ryaa2Llp2TE-Vvh8qM8YUSdzJpP3wNJPaPjJlBFwUHGgmMh-MGX498wiM_RiTVZv1xTPrcbzDW51Tvw5f7Zco1UgKS8nIbV2YgPDDije6noBne6W4lmfFSFwd6uocsyR8_V5AGFuduJgnHzLPGhCSH2wvK99Z20P1jU_i6W1veAwFagF8nChScpCYRAczf04iFJs7m8RJDpidK5zQm78oFuf4ivltzUjY8TGsmZZm84vLaRJAJaCOg68z4c0YUG9J84zvESPoXmz0cmFPAeM-c1Ykfix5TkZZBVE937hB2jIsQVe4ZliQuPENnOq98byZnmW1NKGtCJu_vPRfs36YB4EzAtAp3MH8MVUylqAzxuiQhF7GlCdr72DvYZrACdbmfbFWlYzdzJKzDChMjDvt_P3io-nIhtqtgSPMQBS69Jnkxi1zVjJw0sg2Z6v2CeNDUT2yuyp8RAPC4PEZHeJ72zFKGFIdCh0Ow_CFzvCIh7PDXXhSMMQdDm49565MzVH1E1U7wPKmKd3s-QXweF9mN4TKrW0jfgaAyzysV46C90tVozd8BcRXafXuxJHJ2iww4gMcXTkqFsYqiCYsdNG-jT0tDGC0-UIgEbL5JSJntEbuXFohEm8eq2kLlwiTcERC6HAOtjWEIxHXZAL4Z_8S_o2MW-RWIZFZ5K0FQlrue1FDe_ktnuslezr14z9qSfaq0_161TO9O40Cc5s-fLKmZxvufxWdoKW7g1PTFdJjh7MG0HJvVMsqCd6rCMSuCt2YPcHqtJY6kfCdlXp57_hCWokZqnX2KfdynFkZ-dWmVuaXq0DGoNzGxhW9kpihBN_N2qn14g0dUzQ66qQX9Y43GjJb2uBwlDNdw01ov9seSQPNEkj1_5F_xvYeIx-HnqlGNMa1l0LYqAckHWabLc7jjzWQjnB5k3KgD6yWjxx1_mqu1ox_v8AaLo6DsxAwcQ-nvkf5322fByZMD5eqhbqurfRFbkfEBAqG4N4Emlm63lCP6muQ1IfvuTegFa3ULsPP8PbT3rBPz8q51oOPXb0hpTrA-dAMBOqJjDJXxhtxh9o0AcERUhvx5QSPLcRGOvH9U4s7ugiShSvZtG210pAO9fBGuru5xgZxtHyeRvzQINHTeTcFSQI1OhT8wL_E6KlLDveLWBs--AkktG2-2kipYwjP2Q4i9ouiR_mWUdVegsJdxGxdFHXMksAtUl-vVH1087jdIfJpXZNIBWwpToimj2c7j0cQrKBJ4q_0gtxQ3BKIdChCm_rHyJoHmaw37hED46ToG_9TN4d3a8GTS5enqZkJN26PMX_ZMnJ_sKqB96kigej_bNh30fXHQ09d-GtXnMOeVQnm8EhFj8pyOam1zw13odrcxCQQnPyi9e65Nz3EwXiqKbR5VwughiSzOHIhBjj52zqTilldGVyAg5HqS4DTguOHSA4wT_CbNNQk92hfSJLZPDP3Zj4eXdagvfEZxgqCXfpxSJYexYvgHKdeiyvDbhoZlhIaUzwGdxFbjFFp4f_JRbOHs6WCyyYqB-Cow-RHSsPAWDYFgiIWY0AybjWk8ZP5d12jMH8dxgzZoaUN28S8aVC-C8J88f4VrP6Ps7vlsz1LyD98aqqHyencSMV2W8KAL67z4-TbPnl8Nu_IwU9sCwzPAtTknejTHle9rYaa4ybEE76pZLUvGGEzvf4SDhKdDRcbaR-trdO0DrYAKwARYJ4VMQP_j1WbDFZ7aGpJu5cvs-pfKxjN3qP8qkuy1CW4kJPDiWcobBqKT6-srClinjeHd2_nTcZauLRQS-Glu7gIrW-VtieY6-ikbtdL3gooUxT7Kf8XjM_RlCUMItO-4bAQvopS91R4vfusXFkNNH24V9-gMWmCYKYiWgvIUR8tKyolqENb4zaaaQuYvcquZKsyICyfD7pkKqR5UCnmfyvW4uwQhiensRRf0Z4aN_Vwyk8oyj7I0WOkhGUlaqo7kqn5tna8ZzWMTiPddPgJ1j97lZ74hghUU_tVCClGUZy3Pwfdi49rfve3I_EQGqSbmkkRXS-s4lz4MgHes54t7QgG9QZbkQdBr_5HWTNrbqy8cfMBKJmBrc_bjDAEFx_EANZGJOUjFvmiNGo3k-BE_g_lSfDteCJ4uIRZqIhrr48ffeaIYl-ltHG1KRwzNvnCodEQrQTrn85HUs-dHtEmfGB8bHy78iATvH7pmrFYH-f08Vck57TN6wM1RSNkSReiptYitsvGFHjzxHZHIwn6WIzwxg2cFq4UQyzG6MaL314un13cO456UPSVbFqf9ucNPJcc2HQOYO71Mw25oNpFNuhKMAf9Oc_r4OJPD1dnsA8_L90Hoxesoul54FDa5U-Pua40Hr9dTBuIq49ZGfplov4zkn0MIdAmbjnUO9kapnWFKVU5Y2AHIBwDSsN4_ik9Osn6fgRK4wCan2lRzR7Zp92xE2ANwaqxQ9pwL616TrxVRoBGUnsYm1RyAZq1pfWLorgTD4DESKiwRHqk5TEZA0aaLbnoKZLJud0hFHBF1VPBIonBh5FPabO7XoozomcnLkjsZ0EqvgYfcB6h4X1gSXZVKCoXFjQQmnamEIUTIK8HeHQf5LOP3Lc3YjMi1y85jqWDY7IoSvlm-C4eJF9fHiyiNJUcFzsXrrz9d2glFwzA1tQQUYxJCOT1OUW1Uw22tR4tJiRQpJqW6cBPIW2NReIeNdHHaNHj-jOrSK7Q7UZPBXtNOwNtIpaDaz2nxfR0BxWQWYUFUioOrdELtBUtlyZ610QU36TMFmIztDssnKQdrvi7bEK8i7k8WCXMJmXR81JHCxfkHFMA651uGqMK8qiJTg6UoiTPpXPYH_btYMglvBy1qtFNnrr-zZOS1bdyVhLb164N_mlkklCyQbnKBHNNkpkC3EElnwQdV_Ab4byrE6zkm3cDm7VaBQqqYUEhu0qTmE4I2htTdEJGI05Xv5SMJkEGIXKnJLbP2cZYNfyPVc67bwN1L09B7I82czOp-FnVCDSF5mVVY6Tgrq8xZ429VBh5hW5tTzUkMBSQuoYD5amWdBG8AdgdYEQS19PkfUBw_IkalWnVdY_C0W_BAmYbpwoxWfN77M0zi-h1z2nhfrw-Gg1aSWo1zA9ZwnIP4K0jWYF8-nZ174ZEjPxgpNcgwEm1Tu8rj5ct0Z1ejo7wDOIe9oZjRMsAfSBrlOS5Pik5EUcxtkP15ntT2hgZoJpkO0nmHwcPtRLckvygmopKNS0ip6Yp-qcHi82ramwLzhEMmijGahjLvwGpg5l2dB61bF59DKoO0XhBYtpytvqQcCeZzp36za91Dx7Y2fqcDz71MWf5EyjmdFxR5lpw-Iws5Z40Keg2a7db1mijF-8fAlBPie0dC-pqHZbQMB21NnNUj35Iv1myLp3pvbLVkkpiP2rF6ONA8zztOo46slKHoqJyooVCUtFXWlo20SFTtf2HF_T3llwo9WjjMdeQfCBGsnJc5HXpqj0w2nwjo0BCFv-H40m_LctlZ3YtgyT_LaAJE_DNwmPMkeZ4FmuTCl374FZqbJbTpJvCdgyugGNnHEaXBCFxg&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=3671082636327318500&adk=3690638928&idt=87&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

479632c785088ec2b84dc4cd42e3ad48b1f11aa25d1034735c666be9826c0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 379 KB
131 KB 117ms
64ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0875d6b24db9bcb78a66db78fca1d987caa7275bfaa3bcfc87e20a8f5ba6f052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133074
x-xss-protection: 0
expires: Tue, 06 Feb 2024 20:49:27 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ 400 KB
129 KB 60ms
60ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19759
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 1d25b0cefe19cbd5e63464228a187e334112cafd107904271f9ab5fffc52a455

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2023 20:17:08 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 13 Feb 2024 20:49:27 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08CE 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4005973572685&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08CE 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4005973572685&version=m202401290101&ct=77&x=1&cor=10444119199341324000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 08CE 20 KB
13 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATpojSORhr9q7Q8qk4p8UC_plpufCgcrHKWGo0u7fXavxknbbNPmUsO3OnTsFkARh4RexJkAFlwBU3dC0GxlvHsyqxokgWRaD44sRUR2DQ9OZ_cM5Z30Hdb4wd-GlND0M71lkeaX94fj4_HJu3gtyk4nc0cDA7IQXRQP-O7MMcl1b3Rko&cry=1&dbm_d=AKAmf-Bs4DiEt-XjKj5rwwTc51fKjShtuf-pMFuxP-aeLbyWWIZO5_FXdSGM_Ca2Nap7vs0m8Ni4bDqG-gBlcs1WMAJtK1EjAUuSDXC99nY_ipekaNaxkIM0hX4ZtBF4kZaUKrTXrEfadE8THWyVaZ2JU6alPgkYTE5YqSTqFlzwFd_zie1jNWeSEJep14zKUTpFqFt2SmYUCjtkskldaug02SpsSsHynviVebtiLvxbeSQwnyitPaoZLa26k3MYtUfL4IHme42VQkBNMXfbrF3kBphhAWSBoEsKTjJq-HPTqA90SKeHgBJ5JH94tTMrdQAcwiyr7INCYPgJYoHknr2x6Q9s3z9fLP2mqTsiznT_lPf-DGC7xV1LTJlHiFrU9TVOMAI0mI0LFGWIJvOwWoL4HIln39Z7WVwnYYoNI--drUmPoduEPx9XBeV4C6aemseHHtNGLiH7HoKDpvkArucs2YBpdXrwNl5A5J4Tzdq0NGqWGpMnnyDHckOdLRHqykpPk0SiMmhkBSgzoRBFKXJ_GSYaWpMkSRo_mLaaZD3EGAmuZMSRRlFTWqMTZI9r6rQmAI9OcbheWRult51-kyO1H8hoMMeznO71YxcqvD2bFuRxaAw3ViCK-jT9vPEedfXugEvuZQdb47auWOIbFv7nv_d2jfgVBbRM77-UrZ8XYNl3t5Yrt-61aBEvtVhHmZ-0yoyjrPvPLhjkpuP5cnOteSiDvOsmTWJ-9xl00aha0o2uRtxjtmwz7tRYOCm5OnE2HcZKJzrc0cFCDXe_b7Zn54nUiGQiJaAqjfis_yqbEQcgyOSiZCOe8mgAKNVOr4_2Hr_lEQUwaKDdbR8SkToaVhfmL-c0iAJxfMKPrxO8WZneC4eOcPJkvp8tidbyL3Yb-j0biTaBJdJDpjwbHlD5CxwSO1svIM-FfKRCjLdvjuuPHmGuXOfPKs_-EQpl9jG-JY3sv67MQMum787IufFmVxWWH6WbSx-WDN8l0n9LxC6Yi22Didc8ZMVQeIcenLguo9aeBS46074HhPmaTQuaDhdlfYqse082ZOFH9YGCAF5kmFWovidYRoekdZSbHU3Z4h6lt03RrN9FxshhbWNKBZqpgMxDEV1DXLFqWr4oFWf6ub3dk66lk0PStYxVe7YK64HBLjs6C0DDd0ynTvKiwqejcUET9U9-hGfmXHPSN_zKwN5v8tf5Ug1b9Bb49p5i3NuSueVSsraYyhKjCzw_qa_mriKFHt9HkckIKBHagHKMieIDTRoxerpW7vEJ5wb9jD6MihiUfYv5vHVdHoA3I5kpKactljVV9W5f8fTryaAcA8bPTneLSc8717tGB9CBffT1_vzDhsG3xdollkQCWmVlysWdBGoVH0eJYhAXfUFYeFZrX5bXtSeccX5M3u-IZl6EVhMMfJ6Pi09bm1NgeHU-F5A-TqQ3Oo8Iv0rNHGOf0pjIMVt4mUGHyKsytxX5GT80JBorMxUXlLyW1T2-YAXrLnLlJPkOdviPco93lIgJ_WkDkCTgBVwdqihDjnKThlbTOtqehKAAaiP5h_-AlgqPPATwhQmhohaUOZ6hnx9Bu1Wt43_xzw5RTJnlBnN5WxuivdelFXGE9JhL5YOzwXP8__ixe3eqHz_ebbmzPYqONRuYEt2iHAkdOP0LzoiywUjEoimbLE8_dOTK_iD2qG7vG8yfpQWevMIqJBZMU-tDs1VbNL-IIKK-RcFAEQ6N3el-RCe0XCYYCxxWsCTpdYYJzk4QAMq0EbsTgRO03gR7ZjurJF4drehzOmvhCM2xclTpLt39JLD-I-ajxmT1dEsgjivVafg2a6tCI_mgzzVpN8iDoXX0Sg74Psyd06Uz8X4hZEHBiJuKaKQTyWgvIvpCy7RxPhfShGflhyJSRhkuB5xzsBXgfQGccW9anes08CY5DRm018t7-XM1sV9zCZIoWSmzeD1Bwd50zn8yc1bhzdWxiSgWwmbeM_jkrWW1xujqjX4szLISl_6cVcxMOuEOqMGzWTOWz6qFafagFJDAeOltPRU6tGRf0Kdsy9sDEGr8p-DqnvSl5HGGUqsApnsT0KlGvVrSo88zI6gmpZnGTe9b4DqSH4YnSn8OW_hWCSenwMK5htIuWN-YS4w_wp8Yb5CRp4pWbpxICDAq9Cz0hKmTrDsCbrNN74Mv-gSFJ3gJ0k4fw95Ew95sRsAMkYm1srRTMt_Wa2nNortYVIafpAD5SKjXmNKvbsB6MNnLWCONvCIXK32ZugN4Dgj7TXO9g79Jjnxo3MauC_6rc7FVzPT5qcaV-oDK-oNGTzdy7jw9O6X0fFHuUUAWlsxT5y585l_QTOc_3LoUpOt0ggvZUKTpPhELRjVw7x4LCuQEP3guVrugHA67POfxmHXSgCzi-lIEOav6xIHWKQ37730PBon3QIoBJZ0tdKNzQbV6pGs97wOmXNjzSDiOsxZlYH1KacTS0C2T2kGgx62osQyVJAD4XIfeeDWMJe8f09Un8VbdzslJ2_FluBO59iZ1JLUP1g6SODKNUet6UxR8tlZAxf7P6C8-a66hkypzL-xB63YqVuY9Woyt1rLyuc1JvzFhG9P3UV5EYRZOV7ux96I4IqFkwK8BXT_GTpucHtlpgswQbp1A-OeiWotrlPrIKlFvZi6waXBtFijeZaUi_uGKiT11dg3cY1srR5x6CHUHRYDEXrdhamfgPioq_E_cCMO22h0wwpDqPvTXrcxMqN1Ol8Gzemio-5V43Ekn-5KmkNvLOeNQ0_CTKxiPJzBuT9qPleCFx9J8oBhuSfm_votMxeGGCzNEm6Dn6p6tMV0W5Fs8igovKUsjq6cp5Gnola7fCz7a__Ig2Lp2x5M2mVFYuKE4soGuEns_cVwRtttKOPzTTEUYWRpFS0NgLm7yblsliKyBkqeA7BuKTzQ3j-mkROo0ozxTRlSeT9waSz_3tKmIsoLqyZoZL59llgjZBaH351JmxUIR1nRO9EPfHrcwrId_hdP2XGSwIq0UxUvaUSstwy9jONlWtrxPI9L2nOsEtEmPBtW-iVOG-6UExhOjl2BU8D0t4k7fpfMCr53OPzwUal_Yd-4lv0zIDx84ZhgSNq8O_SnuPA7ySeVC9XDcLb1LdmJ0hrVt9HOqfCYUWPONCmxrArz3EUcsDZ1dPR5mkdy3doBhb_ICd6Nw8VSVKMyBP_8fYF5qiLzgH078Ws9--OcrWY3ppzbjvzl4eGzG1BKUCpOetRnyy1rEw7gSLchIc08Dw7js3W7CoL913oxF4k27zc018W8ULyM648BN1YmHHVjMfNsdSejzaudc31GkF2WYMHYfu3wuCqOnarJwhxytBTfOD25Tp8GpMeHSU4I4uJkrwIKnihMkN3OAVBRilK6Xo-9VCCnSSYS3cIFhNYGmaoTJNlskA9rTh1cbWphmMlbDo7kemxdZL_dBE8ONXFP_ESX54vHa7K-eBzCu7_WBOqhvqahnRv5FXaKlKpPx3BXu8TIbalVZRlTRh1tSdLhlYzAS4Rf1Z06cmgoycRkDFBDRn75paqKX2O2Z3UAXh1hMumxuFbJFT3bwNQ5r9x4ft4lrHNU49e2RVgxotnxcXih1oKdz9ycQ1zAv3D0XCJfQGtXsaEr-FlDDRNlFcCagfLYFc05w0_R0CKvMfCPzEHoBWTwit5M2oDlb3MZU1ff2GpjT5FCtJTlTbwaQ8C3PrHKuaoNMpddu7ARdKIuB9RfgVf2ykLlArqcfO5ER7WeUbNPVUs5eqxlieMmTpKTsYpABuGgEzRxQszXWYdUlXICX1vFzE5bFzhKHd_Y4mEcOLKY2v1w7fVKk0TwqAlIPb3_VSegWd6nMVN2H74rOg0HbafcmQtWtj93IoMd3yGnoRir27m3w2CJsxXkkT3EupIQoho36aOCGfK8edMDbghSuvSaeyJ9RrEQDkLKNZnSAsq9mLO-n94ZI58PhCE22d-t2gLi6JKqxtqP06mOrassuCygQKgYX5v0ZZ1AUdA&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=10444119199341324000&adk=4188270524&idt=79&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

943006c80c2678ae10541a70afa2d6313546bfa93844f51e3a6d5b19ae0fa7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E9 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3485946509512&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E9 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3485946509512&version=m202401290101&ct=77&x=1&cor=13053782085508520000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 98E9 20 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmqfvSoDbUUmyaN2Zp_AN78HcBXp_wkmAUxRq0yZyckqz3J4wwh5y64tpOqa_eQDgn9fkGa88Q2xL6ZGUCq8ERbcu-T2ECIM4rQucfYK8inxhzaJqxBZ72ZT5YipA2GEhuEolfHc4MJ87Q4bR2Awx3WxYmE54Mt7kZoHyJxUj1a6hvAXM&cry=1&dbm_d=AKAmf-C5rF-4b3Ce2SscXYSxTxISQffbKGjEU3bX6tI7iDjbhnlEX6rDnjaytyBwg3t8rqPu5Au5C7UhWdLyjlk8WZ772BsynS50RGd2OhJ_2rHzW6PIVe7LMX98gNeQGMSijsaBbRNMMdm8PHzOZHe0Tk-4pQg4E8BuPKrryhA3gKVe4qI5PyTIVbSrw2WeUv9FMgsMZRAYdx9vDG3wIgBR1XNKT9IgzJ-8iXHv8hFbDBlp33_vSOBeiLFnhilbAWSlaqzjWYAGcDWKZQNxgTPXFoEMULTwvXUkVF1w-9REedSuOpe__LnY0e5qaI0Fq0LHjFxpZWoDKiSaNpKdhMkoIgpfrbnuVk5jSCAsBPtJwUS7aelpC9qLFWeW2wo59rJdimHR9PjtjW14Z0xkZN6kTzKga-aHf2UbREnWqlQRNDsYc_FaQD7jd9GnzmYgB4P-tDMzSFK4fWPbrCKX9RpnA3QeGzEZ2jKW-rvMUdL2l_vythrbxhhXDh5U5PzXEyCxOPuV4biEf_Zn77X5kw_szf7uBbmYp9BP9vs0R12nYs0n_BE7JCugt7n0pxCQvcrK-YA_cRFm4yqxOfLPP9cBO8n_KVcjk6C_MBOKO_gfXGAI2ZSyeJV--Me_QTMOqrj97spqmc6IuwhWrraypHuQr6nuvS7VeL_2_7zj_EDG1lnjAC6bKNhxwxTaPToH3IQhXBif-LXD_HRUpEmwfaszhL1ry7vF_7-sA7BLhgecOGDBgVPevfPEcuFpExDuXko4Iy9t27IF3i9t3YOykP5ptxBn-6N6N4dn8t4SPNCzX6Xp1iFNmM8TqTDfHxheeREaYkz1SXHeCOLotkgLqq85SKGRa3QI2O-oOFf3axsMRaZNCO0I1Nm4tvK29h4MEDa29auXQx1cVQL2mtWyxGF-Zr9LJd9ZPvopLpbjFR_wV3WrzSm_sNfK6ra5LrSDGIs7sbZWsGF6I3_rwQs7TwxfK1tFavims8bhu9zytb5dnXOQs4qVbqN-DiDACuv08QJEZ4wWrUA7YNj_4WswzOzzA5Shm8p-pxCTLPbJ5mSIIn15-iIjcSMZ2AjSx4rqIyasJQjNiGoOy02W95FO-YFXffzUc3rjxEvWRrDCWMi1-bxW0tcIvuXDFyZ5PZKtrjLozam5MOUQOogD_kO9W4NtStVZtEeqNeOyLRE99bNTcA1Y8VRldGGdRdv9xwijfOAV5QolKzLoNss9clySBNmp5dA7JkV4cBZeS5aEAxZoWQzGHrMjNHsjSF9hWpWNn-N0kQRqhX0QaI_SEekTd3ggecE0iqGDNdS8R_fvHTY7AvY8571uzusmAkdgeRsJhMk3E44d5h3Xaz-6Y9Obh5P06IM7db_e6JiLti2ZS71qhZBsLErAm-hgPnK1FCtLf93h9m9LtJ_wSqv9evkxBlFLpnOmjROK2DjbswBEuVIUPEIJJ9uRJhfYRrNSLTW_u4V0m7Ath_M85DMC6Nj5Ivl46OtvQSufPz3oH_dLH8RnNpmuafxB_Yt_jIiRqY50HIivdzqwgjdRNqXYL-tfCTV2bflT9BgzdzI__xo8gop48l-u0_gWlC0UHxAK2-gwy5X-wIsDKlWBk-bNJmzV3LPMdOtdjIMPVIxuCCX6cjtGWpgTBfIqo0qOFNqKikdPtkNlA5AGhgc3J0sijRtQ7GUh6dkQFW6QywU_CriDfd7szEYwUaDmW7tZx8C-YGFX55V5lWAnd3FfkmbM_Rip0L-7zLe4LEi4ddJz6jkGRVrH-Bsa-wrEbMs0syoufQZkv4cAhFN1duve-wS2S0bLDD8IEKqXgzFSAj-Noer3YaheN_NSC5bhtZ3gy1t-SxBe9s3IE4YtWQXqZxed-FRsBcq84CFQT0fnj1arY-QMc5TgeEuk8rQV0M0lRtu9RZxpDeflDQQbNOgkmzPTWZ7Gq3EeTSxatjLYM75_EbYzyo_kZGaefSoM9E6Th5SkKW_MBWRF2IyI_kHeBG1zixKzgkFvpUKludF3_NIQeZZo-nhCu8Kf27doVNtT5khuxeZUhk93zEPUIIUP_zZ1I7qq9TYMSiuYftFG_m0xCMHHIThCqiJ4c3B7tW5gVDdiNkuliGUj0dfLm6M1U3Qpk-nl9tChXUApHZlXM0lKZW_ktMEHvna_sTzl7WSElXBQAB-BE7mc3yxQq0bjLspw5mZcY7rgCEVgbswLQqDeoQhvfWPj_qMfBlTQuIz8A_-b-7-BKdy2F6Ac3iN7_PQZBHl30h8Ye5NFdxcDZcjUMj4h7Z3KcdBLmpTF4M1HaopfpV_C-e6E_YAp9SQlC8ndytx3A_RpVyfzymrFew78Xu6Qm5cdllBv92T80P_WOmgyapEhHccQNPv9EpSGj1bPPDdefctVl4odLw9Dzz7FsLFwi-3x17w_bdVGk24wkkxSZ0lPd4bUXCwXOnaxS9e-fWbpwY4CHz2TnZzJJy4khUimtoVgou2S3GSwwljkX2I6EIPhn0oK-9Zypbb8733l5vmdwOuiQAOSiSRZBcC8nVGr-Yr5WUkvIcxacmByxQ8MV-7u4TmSFD9n28EoHWQz0ainYr0Ra7SRJ_gOlgVKpgkfBToCIFuyRCnGVVLLzuvbbAxinr7KJrZQXVMD4fVS91CxS4Frgm3x1gy_4ndvR9E96C1Htq5peTnTwd8BqKdkGiYB87YlbzwiUpS56s1CmzphzrzC970N9IrbQIeKvJRrUo1EJ1YCzdKwmDv9bIEDCBZ-XRkCH2geOVEVfzqOyn1C5tQEd9Rcpt7yPeY_L3Je59jsjJJmRt2M1Z3L9R-PUpoZE0w4m4t6LuvoSUfepTE6zX4yOG_d7R0jSBD7Y6ifqlNNSyxZbbXg85TpHRpPJWVZ6XAv7DfV-vEh6sqGfSXC10EzkeB3Wr7YntjTCCOGrR1UC2ZOQnXix4w6MR2qip_jsVH7fnHwpMapYusUqvtX3NK-7HCYvn3kWfO7aQ7xFgnzxtMS_1R-_VgE-8e2-9pCLjSTN3FGNkiAd3i5LKapI1adD4GmXkC_xM02LjGocghfs3BsepUeYRfARnjHuPBDab2Yo2MnwxJY3hv3tjLwVgpTaVQ0X3jmP0ZOzabz5k7VKhZhfZatM0HzBtrpaOnSNU4OZd-UVpvpqkLPSad1XiDGy97WpyuG4TbRaGog24m1sXhRctH-1do3R0DEKTE75ZKXQyuYjbtWmvLbsTGPkKP4-h7RjRSWNHbVV6yc8XnLFNJ9Id5m1hVUEXIob3jzIA9t7AFTUV-w8N9RwSXAlqt3meIIfDNTHdnocrwavZ93yF2LYDW1q51IurYCoJCsYjMwwd0ljqFAn55HSg8v66Ze9OGWzP2hsQ-RfrFaS8gK4_GjCfQT-oO99BWwlPTQFG487BbHpur3L-7vCNLw63dd9yPsU03flCcXBzhEyhQFsOh6yUQLQgmafcK6BN-1kkLAj17P-3uFvcjO5cP1Hha1InmgptHkpMP67mVQiZ9j15-EoCyTA2pUsy_BTZPh2X3ePny8Haig5RaUObZp5oYx8azXw53V5iOkvyZJyivQcvpYDK96bblLE-v-zXpyzITqgRMN3XTxHyCukpuUe_8KEQiljoebplnekdnrhSgCDjNdZGmpjJ7iqIQnKvm-1RZIPBgEOJgJfYfKKN1QWB_9xUce5AeOlyPH1Vt_eTX5096DzEil-U3ues-Syh0_WtUbe9JMb3QPuZ7mIhJa7AGGPNF6Stl9ulqVfWXbn5qsOXJzq4DzIzimFuIe1uxX_xOfSFU1oYJ01gI9NVhMK5G-h5-3qPRD6dp9HOS3mMaNRbVtwRWn_W5KabRhdURu77HCuCspiYBxUUxhWmWqntiLAczY_Snj_6D15AFldZKbdswTQM7xlMbc6XiN6xYKHbTNb1lVIc_YPMRA4drWPzvwFZxg7L5q_JCx2l_JooeHNGuUWzbx_HwzXeE8OK38WqiXkYAQfLiQYYJqXcXaR9-MCckwLtC4fA&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=13053782085508520000&adk=1033480540&idt=82&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

885cf483f0e9af5e424927f9e3b272b9281345f455a4ecc7a54406491b69bfa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13588
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FFA5 41 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbuUbQ1q-lZmgfyX5sC06fV-P5K-OMBdslBkdUlTOFC2nZJemhALAmq6vYmPuBUpNcm3XfAqqEmB3KG7UffYpTkYjkV9qtYFG3urmAuzGsCbwFs0YS5KmNMNQTfWPtkcCUVynUGmLpq1yoLBW-acYxQL04TOEm6hIfjIeKF91Q0t3STYA&cry=1&dbm_d=AKAmf-B-bQueLj1KYjYIJpIlCWjoeDfAuJu-2q1OBTa74iGjOHrdPdkYDevR0FjGrkNpnv71JS1l82uaavQOtLPqXfnGo92-jMGZbqfeL_y9ctPviU2gZfrw5LhSsYjHTDM56YTNmGxyivWcRtIOVwX-4f2ZCl8p5YFSp6EIMDWdQ4XpFsYOcRU7Oh3asU0v2iIQ0Q4v43fwbcGNhis7cf2TU9TBZ4pAticO7YcA0VQcQlHJkryEvu16IG5UCG-tg7gbP1lFB5I7cGEeohWi6VaIPe0QieILxkp4ibhRSKJweNvlxwOtN_PtO7rDGjwMlC-0mFhxU8eJp3e4md8n8psHSZJ7AGnllWIn2kbZ4_1t-UNRv1onEGVvRvJs_4fxMJuKh5BZv9ZFRqX4-mgU2f3vttyXwRn5u8SUV5hEvLDCGQjRPbsu6Eb31a5cap_fyzlzAUcSEp_ZLnUxzrqz2Y87vHtyFk2l68mJkN1OqjNptRgBU3fHM-9PGUR7WUck1AuPx7JaRL6kMcY77M8XTLqw9ikKDIMt5jfYtC8q2cyZCH73gAIY9zX9muLPKY11jPO8HYuGLSRMRkyT6DfREuKqveeSfOIXslpCYPXwpGJBkrKTP1mO82omsDR_7WG-ub58Efx_1K1J9SKoroHYCkpS4ROok-KCiAnWhtPDnEmzgjO-WNEEuM7ciYIAWMWgwhWmkaBmSZkIwpf7UxXSLe6U7jRjACvH4BOgB_X8UAm6qAL7WSEVihrGsG4nky0JOhgBWpk99HefY6c8w6osDZ0chWnX4g-Ktj8ee3ztB4DV-hD_thiM3AUnRhlK91YwhB2bZCRni5HrP05pYwpDck2t-S80htdzA6E97RDrqAFdiPaX_3WX-YLg6rvORqpUXZcf9XPXZkE0Mu9SeAE0DuJQp6eXsZehloPe43G6WnJIGfV0SYwx1piHO4CA-68YrGet7CIMNl19A_bLf0VPn79WwfohNc3JSpEVIqJC6xpJCbWN1g3g329WUGMzmCdDMh2ymfsaf8qkA2TrfEvLiD6e57JBFMFsjQ9LiIP2KwrglEgP0Dfghp1oLkNoyTgWVLj5AZ9WuOLo97ZyudtmXO7m-ILLu4yhfI62JUEPgdNgZyEP1w45DdWRjyEp-xM_-EEQz5RaWaneu55AQ73AaYwWKPERRkyqW-fldxdy0RUDQ7g32cHFFWFvxMBITwUaWe5XByluxHF8XwPKr9V9aNg6WnjxYl9BfAag7XIahPgiGLD9u0lL7yFuOtdY09L2EfnzmNME8mXdWFOQfjarKWVKVVSKF4xXSsyg1E3C8r5tavaEyZqahKs0jMCGRYmQMFnxtBjCTPiBwwd-U5JiwjbtUAyq_Ycu9LItmYVxbwyIlNkYZyNCIw8RgqZy2tqamnxsbmOIHXvVqqYY0wj0WuszOBvj4d8dgrQs0DC5F5TXqDgZoPD4W8vENdEeP6372TwDP32f8h3CG9s3q8xaAc87OJ-RD1vjs_HP4SLUijUo4-UO6x039pOife9VstPq8Aqd85SZF2s9Dnw--EHS6Iblcv-KwM8pgyTB3Yw317elNNqs0ntResvIhaoM1anFGjT5XhSpvI0D0TOgIjAy9DLZ0a_hF_pAD494iKDKcNcLU3aSuN89peE6ob0DRdhYIlcww7cSx-uG1RBDDNvVwYCCh-YNzkg_qLcjQkjYI-VwyYKc_ubwU9uJxTmn-C7-1v-XrPMCZk74YKhArZC_aH4dUYODsOByr1h3-E0JQJsDFbC_ZycB7EIhOynOFB6YRDw7W29lgA9jMGgl2d_wdT8zzF9zkOscUHxflJG9fkUInuc6AqXJ2DRY5YCHD6mIPtlMw1tLQ4kmT1VrCHX-2Chre6e6xk5OwCHDnAYyothRfH_K-rUikca0E_rF5pohUiHA3np_Yfe0PAIV9aOaaKvcjG-TNC00A-bRZH6RdZ8yu92YNb3_vDVDAciD1TW0fbcLa8EMwfz9cykZYXjResp_ZbNuF1_h_MLBdUR9QlPMU-Iht-uvrLFXgjAFa_qYxga6ph_q9Ou7AFSHFceG5JLHi-a1H1En1VqzUxdXdMnV9xm1teLWNRdNj60fvt0P9aeUNWkigmp8EUvdD3mX0NHyWA3Dlp31bRS8dXOnjGKkPzxI8v00RbQaVSSAEZzUHbtPWYpHJwVJS8rlVGdfpNucOobd9KYEazXZ4KJ_3ewImp1dwXYrxjmAHCmeGdvlR4GMsXxkzSlCjmr4CHoK9MYnQWMA2x0xnWzCp9i1k3QjTk9cfjnki-Gh-Qdti4m-scko5F1_faEW1_xtfKQuM3t7SDDBoeMEDwYm2KJxz43zzuZ4IgPeF5E0mZsWdSiiGiiOl4jfjdWFdmvmuM9thZF1maHx65amt8KGwZOvHwg3--_YannmybDWg0WQOFzf0zKq4AG4NA3jPnchObhEH2LN-ERAtbIDy_bz2f7RjgWQhi_M_07zf50YkofcXPh2DmkWChGjOMStZBQ4gvlLlLyOzjr7wsk2zO6ucfSyLksLKBDHQCmGRQWeFQ6mipPtWR0L1X7UhLdDm-GlrWAPY4Hn1-7kAtsQyYoQ2z8zdXgTekB7EwiRUxns-cRyQNsl4Rkgpu96_ha9oCzKbcniQx-hrog1ujLtILU4Sx7jsP_P0N0J1f0pZpOdf3LuAvOAV_qoiFQz_ano8lRbML9IukI2yahOHxI0cBHzEt0GOh07EvGNdxAVX7NVhJQ99COf18tSND_XOOI8yvBrBpWVZB3ovJYAwKVMSHfwSYopd0JEoe-NzOB1faaPL4iPHAUZc_DTKYrZjbVRA9om9CoIp0ObURMwYfI0ArNR3SL84ykZatah19smAowvA_RIezEUvnrLOVViwe-VcMd835U-Hrz8Jp4-LNfqFHZ0r57CMwEMz1ro1iWRZ9dgTGXXT5aYF3VzcSiJ19WaYb95xDxTSrYECBThnwgl6c_LaKCj-gWQLh3rRhrQFsK1muJVK0snDcTKp4OIRNToP_imgbyfJLsVCV0z4iOu8AbUgk8b4ed_sdKw3weIfUurmcIdPaDdr8xrwdluvwIeeCHrr6Cz4kJwriCrOUwIUbbkAmymjSoFxf72otpWZspufAZG_gSTmxRBsDydm7csX8DUSAgPl4p84dvBwFFPp1xnsJuWjAfKkSDZw2pw-r4uOK3YkwjotHZ5uxGiNMz_EfOLFSnoMNVat3irVVjTr5Sxt9BnSGyTLELce6VRPFLg-jo2Yx5IXaBqa1booXoG3DHeW6kcZBsPW9FAQ18RWarD7Lr2PdAjq_P3dxGAh3rq898dfDGVkbTDCjVuGslWQ-srW1lU8YV0sL-CQFaO2aAK9WSaGQ_nX314f3naHHa53OSsOZlkuzECrOqxcmDEAXYNsUDzfxLRDgLTx1bFtCuIcn_zMW3D9-jlArjZpR8PhC961_3lyIJhVpy5Xr6IZsvLbanSs-vQ2XLAJUFyGD0PU6rx3M_Q0nhpDokkmiZkPIxpwYmf6_1dKF9_qCKKK0X-_9R4jV0XcnkSovwLQRkghUbJJyhxCDvqtQH9KU7vOGvLpSOgD25Ovo6BIf6KW0nW_kX_gW13W9RM4MA8NuHGw7t2-VnKhhg4kYQDUEyk8cxHr6dUqmvyFoej-Q7Sf1zCgQgw2QnYVetowldA2enO3pXHRtf_ZJBq3ZaUUWwyd4dRXksBaUzlF-ME5n1ipaE2Fz1KfauAMW-GpG115gxfZH2_aRDI8daOdUXBNreH3Dp2-dbG-5LX_RULp-8GRYtN9Zf_EbOcEnsetsd6y9L17yHwocp5RL1P_vaReEYYHIk0szekmT30fobbAKJgs2WdD4xql3f_MGBm--mCa1G1ISQ6-gNTyWIucIbqkHVn6-Hh0X27pgUhsqc51eb1akksjBoDz_oxq4pncL2LZ1NEbuKOUmaG3ElZK-qJ-VK5pWuzkorCWuaTgnJxe1lD&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=6982843904530145000&adk=943508964&idt=92&cac=0&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ1MzgxNgogIHNlcnZlcl9pcDogMTM0MDU5NDQ2CiAgcHJvY2Vzc19pZDogMjE0ODExNTkyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame FFA5 0
868 B 113ms
56ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ1MzgxNgogIHNlcnZlcl9pcDogMTM0MDU5NDQ2CiAgcHJvY2Vzc19pZDogMjE0ODExNTkyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMTMwNDc5NDkwNzYwMTc1MTE3OQpkZWJ1Z19rZXk6IDEzODkxMjcyMjUzODQ5MzIyNzIyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjYzMDYyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTcwMDcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcffa90c964f5d4f90000000000000000","13":"0x68953a3c78d082b30000000000000000","14":"0xb11d3aaf26331b250000000000000000","15":"0x9a76125cb6ddaa320000000000000000"},"debug_key":"13891272253849322722","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"11304794907601751179"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b0ssnwblwmm3 Show response
hal9000.redintelligence.net/zone/ Frame FFA5 11 KB
4 KB 89ms
26ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/b0ssnwblwmm3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a4d7a2e2fc037b12b940fdb02e35665c086f67a9d89862bc13090506ea1ec42a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4182
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6694 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6Yhj8rY6Po5r7A9YTyHQhEO23T6mLq3a40I8186i8pO3hIsJ39j7X8DaRhPguMatYHlW_3xK8vFO2xbGSU4Xlt0w6M5zs9YWYT_Epwc32i0u0tU6BOQW4XzNex86rwVZRI_YbuOILi6V9jhLsQ4R_0sMJ1Fl4nUpqzjKzf5Za9rmnWhA&cry=1&dbm_d=AKAmf-ABcwvqEvGovtUf3tQurOFHxNpvLB9y26O0sCwZhdkuNeawySQ93IkTLg9bOq-oqas_o6Kfi_k2dU31AU3cvzjqqfyYUo_jV7RyQyFXIBsE90cunK_DRAn3Qt0YMsrqL9vYlsKbrhrvXNjU10eXfvlbbKMb9Ov1Nj1DkYAEjg0cOzZKMRZ3I54SKAInMcTYuv2Zvu0C-46HldgkVDq0OTJhEuC3ljn37Ilu4EygO7fC7CTiQvwQH7HhTsnW0ZdMcc_biqxGr-7zGF_uGe8-Zy7GSaMN9Gho3Zs86zQ2Z3y7foSWBhIDhhWldsMU2lRFleTtJ_c694KQqvMhtc6kbzdObID9xxrHjsbBr1-RhGJUDm7ljYX7DP85fIIeRMNpG-bYFJ1tNhj-uORM_okM7QASGe1vb35HxkWn6w2ocuRrjkMna-XOsbv6Ryaa2Llp2TE-Vvh8qM8YUSdzJpP3wNJPaPjJlBFwUHGgmMh-MGX498wiM_RiTVZv1xTPrcbzDW51Tvw5f7Zco1UgKS8nIbV2YgPDDije6noBne6W4lmfFSFwd6uocsyR8_V5AGFuduJgnHzLPGhCSH2wvK99Z20P1jU_i6W1veAwFagF8nChScpCYRAczf04iFJs7m8RJDpidK5zQm78oFuf4ivltzUjY8TGsmZZm84vLaRJAJaCOg68z4c0YUG9J84zvESPoXmz0cmFPAeM-c1Ykfix5TkZZBVE937hB2jIsQVe4ZliQuPENnOq98byZnmW1NKGtCJu_vPRfs36YB4EzAtAp3MH8MVUylqAzxuiQhF7GlCdr72DvYZrACdbmfbFWlYzdzJKzDChMjDvt_P3io-nIhtqtgSPMQBS69Jnkxi1zVjJw0sg2Z6v2CeNDUT2yuyp8RAPC4PEZHeJ72zFKGFIdCh0Ow_CFzvCIh7PDXXhSMMQdDm49565MzVH1E1U7wPKmKd3s-QXweF9mN4TKrW0jfgaAyzysV46C90tVozd8BcRXafXuxJHJ2iww4gMcXTkqFsYqiCYsdNG-jT0tDGC0-UIgEbL5JSJntEbuXFohEm8eq2kLlwiTcERC6HAOtjWEIxHXZAL4Z_8S_o2MW-RWIZFZ5K0FQlrue1FDe_ktnuslezr14z9qSfaq0_161TO9O40Cc5s-fLKmZxvufxWdoKW7g1PTFdJjh7MG0HJvVMsqCd6rCMSuCt2YPcHqtJY6kfCdlXp57_hCWokZqnX2KfdynFkZ-dWmVuaXq0DGoNzGxhW9kpihBN_N2qn14g0dUzQ66qQX9Y43GjJb2uBwlDNdw01ov9seSQPNEkj1_5F_xvYeIx-HnqlGNMa1l0LYqAckHWabLc7jjzWQjnB5k3KgD6yWjxx1_mqu1ox_v8AaLo6DsxAwcQ-nvkf5322fByZMD5eqhbqurfRFbkfEBAqG4N4Emlm63lCP6muQ1IfvuTegFa3ULsPP8PbT3rBPz8q51oOPXb0hpTrA-dAMBOqJjDJXxhtxh9o0AcERUhvx5QSPLcRGOvH9U4s7ugiShSvZtG210pAO9fBGuru5xgZxtHyeRvzQINHTeTcFSQI1OhT8wL_E6KlLDveLWBs--AkktG2-2kipYwjP2Q4i9ouiR_mWUdVegsJdxGxdFHXMksAtUl-vVH1087jdIfJpXZNIBWwpToimj2c7j0cQrKBJ4q_0gtxQ3BKIdChCm_rHyJoHmaw37hED46ToG_9TN4d3a8GTS5enqZkJN26PMX_ZMnJ_sKqB96kigej_bNh30fXHQ09d-GtXnMOeVQnm8EhFj8pyOam1zw13odrcxCQQnPyi9e65Nz3EwXiqKbR5VwughiSzOHIhBjj52zqTilldGVyAg5HqS4DTguOHSA4wT_CbNNQk92hfSJLZPDP3Zj4eXdagvfEZxgqCXfpxSJYexYvgHKdeiyvDbhoZlhIaUzwGdxFbjFFp4f_JRbOHs6WCyyYqB-Cow-RHSsPAWDYFgiIWY0AybjWk8ZP5d12jMH8dxgzZoaUN28S8aVC-C8J88f4VrP6Ps7vlsz1LyD98aqqHyencSMV2W8KAL67z4-TbPnl8Nu_IwU9sCwzPAtTknejTHle9rYaa4ybEE76pZLUvGGEzvf4SDhKdDRcbaR-trdO0DrYAKwARYJ4VMQP_j1WbDFZ7aGpJu5cvs-pfKxjN3qP8qkuy1CW4kJPDiWcobBqKT6-srClinjeHd2_nTcZauLRQS-Glu7gIrW-VtieY6-ikbtdL3gooUxT7Kf8XjM_RlCUMItO-4bAQvopS91R4vfusXFkNNH24V9-gMWmCYKYiWgvIUR8tKyolqENb4zaaaQuYvcquZKsyICyfD7pkKqR5UCnmfyvW4uwQhiensRRf0Z4aN_Vwyk8oyj7I0WOkhGUlaqo7kqn5tna8ZzWMTiPddPgJ1j97lZ74hghUU_tVCClGUZy3Pwfdi49rfve3I_EQGqSbmkkRXS-s4lz4MgHes54t7QgG9QZbkQdBr_5HWTNrbqy8cfMBKJmBrc_bjDAEFx_EANZGJOUjFvmiNGo3k-BE_g_lSfDteCJ4uIRZqIhrr48ffeaIYl-ltHG1KRwzNvnCodEQrQTrn85HUs-dHtEmfGB8bHy78iATvH7pmrFYH-f08Vck57TN6wM1RSNkSReiptYitsvGFHjzxHZHIwn6WIzwxg2cFq4UQyzG6MaL314un13cO456UPSVbFqf9ucNPJcc2HQOYO71Mw25oNpFNuhKMAf9Oc_r4OJPD1dnsA8_L90Hoxesoul54FDa5U-Pua40Hr9dTBuIq49ZGfplov4zkn0MIdAmbjnUO9kapnWFKVU5Y2AHIBwDSsN4_ik9Osn6fgRK4wCan2lRzR7Zp92xE2ANwaqxQ9pwL616TrxVRoBGUnsYm1RyAZq1pfWLorgTD4DESKiwRHqk5TEZA0aaLbnoKZLJud0hFHBF1VPBIonBh5FPabO7XoozomcnLkjsZ0EqvgYfcB6h4X1gSXZVKCoXFjQQmnamEIUTIK8HeHQf5LOP3Lc3YjMi1y85jqWDY7IoSvlm-C4eJF9fHiyiNJUcFzsXrrz9d2glFwzA1tQQUYxJCOT1OUW1Uw22tR4tJiRQpJqW6cBPIW2NReIeNdHHaNHj-jOrSK7Q7UZPBXtNOwNtIpaDaz2nxfR0BxWQWYUFUioOrdELtBUtlyZ610QU36TMFmIztDssnKQdrvi7bEK8i7k8WCXMJmXR81JHCxfkHFMA651uGqMK8qiJTg6UoiTPpXPYH_btYMglvBy1qtFNnrr-zZOS1bdyVhLb164N_mlkklCyQbnKBHNNkpkC3EElnwQdV_Ab4byrE6zkm3cDm7VaBQqqYUEhu0qTmE4I2htTdEJGI05Xv5SMJkEGIXKnJLbP2cZYNfyPVc67bwN1L09B7I82czOp-FnVCDSF5mVVY6Tgrq8xZ429VBh5hW5tTzUkMBSQuoYD5amWdBG8AdgdYEQS19PkfUBw_IkalWnVdY_C0W_BAmYbpwoxWfN77M0zi-h1z2nhfrw-Gg1aSWo1zA9ZwnIP4K0jWYF8-nZ174ZEjPxgpNcgwEm1Tu8rj5ct0Z1ejo7wDOIe9oZjRMsAfSBrlOS5Pik5EUcxtkP15ntT2hgZoJpkO0nmHwcPtRLckvygmopKNS0ip6Yp-qcHi82ramwLzhEMmijGahjLvwGpg5l2dB61bF59DKoO0XhBYtpytvqQcCeZzp36za91Dx7Y2fqcDz71MWf5EyjmdFxR5lpw-Iws5Z40Keg2a7db1mijF-8fAlBPie0dC-pqHZbQMB21NnNUj35Iv1myLp3pvbLVkkpiP2rF6ONA8zztOo46slKHoqJyooVCUtFXWlo20SFTtf2HF_T3llwo9WjjMdeQfCBGsnJc5HXpqj0w2nwjo0BCFv-H40m_LctlZ3YtgyT_LaAJE_DNwmPMkeZ4FmuTCl374FZqbJbTpJvCdgyugGNnHEaXBCFxg&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=3671082636327318500&adk=3690638928&idt=87&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ3MDY1NgogIHNlcnZlcl9pcDogMTM0MDU5NDQ2CiAgcHJvY2Vzc19pZDogMjE0ODExNTkyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 6694 0
506 B 113ms
75ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ3MDY1NgogIHNlcnZlcl9pcDogMTM0MDU5NDQ2CiAgcHJvY2Vzc19pZDogMjE0ODExNTkyMgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDc4OTkxNzE4MzUyNjYyNzk5MgpkZWJ1Z19rZXk6IDQ4ODg0Njg2OTE0Nzc4MjA5NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDYiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI2MzAzNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE5NDk2CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcffa90c964f5d4f90000000000000000","13":"0x68953a3c78d082b30000000000000000","14":"0xb11d3aaf26331b250000000000000000","15":"0xf1eefb9ec9e7203b0000000000000000"},"debug_key":"488846869147782097","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14789917183526627992"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b1ecwdixnimz Show response
hal9000.redintelligence.net/zone/ Frame 6694 11 KB
4 KB 73ms
25ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/b1ecwdixnimz?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 87fe07f94358e38420b9387b4f0e40338a5bf9a0dabb80679db8a1bd3119e8e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4194
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A2A 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 08CE 41 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATpojSORhr9q7Q8qk4p8UC_plpufCgcrHKWGo0u7fXavxknbbNPmUsO3OnTsFkARh4RexJkAFlwBU3dC0GxlvHsyqxokgWRaD44sRUR2DQ9OZ_cM5Z30Hdb4wd-GlND0M71lkeaX94fj4_HJu3gtyk4nc0cDA7IQXRQP-O7MMcl1b3Rko&cry=1&dbm_d=AKAmf-Bs4DiEt-XjKj5rwwTc51fKjShtuf-pMFuxP-aeLbyWWIZO5_FXdSGM_Ca2Nap7vs0m8Ni4bDqG-gBlcs1WMAJtK1EjAUuSDXC99nY_ipekaNaxkIM0hX4ZtBF4kZaUKrTXrEfadE8THWyVaZ2JU6alPgkYTE5YqSTqFlzwFd_zie1jNWeSEJep14zKUTpFqFt2SmYUCjtkskldaug02SpsSsHynviVebtiLvxbeSQwnyitPaoZLa26k3MYtUfL4IHme42VQkBNMXfbrF3kBphhAWSBoEsKTjJq-HPTqA90SKeHgBJ5JH94tTMrdQAcwiyr7INCYPgJYoHknr2x6Q9s3z9fLP2mqTsiznT_lPf-DGC7xV1LTJlHiFrU9TVOMAI0mI0LFGWIJvOwWoL4HIln39Z7WVwnYYoNI--drUmPoduEPx9XBeV4C6aemseHHtNGLiH7HoKDpvkArucs2YBpdXrwNl5A5J4Tzdq0NGqWGpMnnyDHckOdLRHqykpPk0SiMmhkBSgzoRBFKXJ_GSYaWpMkSRo_mLaaZD3EGAmuZMSRRlFTWqMTZI9r6rQmAI9OcbheWRult51-kyO1H8hoMMeznO71YxcqvD2bFuRxaAw3ViCK-jT9vPEedfXugEvuZQdb47auWOIbFv7nv_d2jfgVBbRM77-UrZ8XYNl3t5Yrt-61aBEvtVhHmZ-0yoyjrPvPLhjkpuP5cnOteSiDvOsmTWJ-9xl00aha0o2uRtxjtmwz7tRYOCm5OnE2HcZKJzrc0cFCDXe_b7Zn54nUiGQiJaAqjfis_yqbEQcgyOSiZCOe8mgAKNVOr4_2Hr_lEQUwaKDdbR8SkToaVhfmL-c0iAJxfMKPrxO8WZneC4eOcPJkvp8tidbyL3Yb-j0biTaBJdJDpjwbHlD5CxwSO1svIM-FfKRCjLdvjuuPHmGuXOfPKs_-EQpl9jG-JY3sv67MQMum787IufFmVxWWH6WbSx-WDN8l0n9LxC6Yi22Didc8ZMVQeIcenLguo9aeBS46074HhPmaTQuaDhdlfYqse082ZOFH9YGCAF5kmFWovidYRoekdZSbHU3Z4h6lt03RrN9FxshhbWNKBZqpgMxDEV1DXLFqWr4oFWf6ub3dk66lk0PStYxVe7YK64HBLjs6C0DDd0ynTvKiwqejcUET9U9-hGfmXHPSN_zKwN5v8tf5Ug1b9Bb49p5i3NuSueVSsraYyhKjCzw_qa_mriKFHt9HkckIKBHagHKMieIDTRoxerpW7vEJ5wb9jD6MihiUfYv5vHVdHoA3I5kpKactljVV9W5f8fTryaAcA8bPTneLSc8717tGB9CBffT1_vzDhsG3xdollkQCWmVlysWdBGoVH0eJYhAXfUFYeFZrX5bXtSeccX5M3u-IZl6EVhMMfJ6Pi09bm1NgeHU-F5A-TqQ3Oo8Iv0rNHGOf0pjIMVt4mUGHyKsytxX5GT80JBorMxUXlLyW1T2-YAXrLnLlJPkOdviPco93lIgJ_WkDkCTgBVwdqihDjnKThlbTOtqehKAAaiP5h_-AlgqPPATwhQmhohaUOZ6hnx9Bu1Wt43_xzw5RTJnlBnN5WxuivdelFXGE9JhL5YOzwXP8__ixe3eqHz_ebbmzPYqONRuYEt2iHAkdOP0LzoiywUjEoimbLE8_dOTK_iD2qG7vG8yfpQWevMIqJBZMU-tDs1VbNL-IIKK-RcFAEQ6N3el-RCe0XCYYCxxWsCTpdYYJzk4QAMq0EbsTgRO03gR7ZjurJF4drehzOmvhCM2xclTpLt39JLD-I-ajxmT1dEsgjivVafg2a6tCI_mgzzVpN8iDoXX0Sg74Psyd06Uz8X4hZEHBiJuKaKQTyWgvIvpCy7RxPhfShGflhyJSRhkuB5xzsBXgfQGccW9anes08CY5DRm018t7-XM1sV9zCZIoWSmzeD1Bwd50zn8yc1bhzdWxiSgWwmbeM_jkrWW1xujqjX4szLISl_6cVcxMOuEOqMGzWTOWz6qFafagFJDAeOltPRU6tGRf0Kdsy9sDEGr8p-DqnvSl5HGGUqsApnsT0KlGvVrSo88zI6gmpZnGTe9b4DqSH4YnSn8OW_hWCSenwMK5htIuWN-YS4w_wp8Yb5CRp4pWbpxICDAq9Cz0hKmTrDsCbrNN74Mv-gSFJ3gJ0k4fw95Ew95sRsAMkYm1srRTMt_Wa2nNortYVIafpAD5SKjXmNKvbsB6MNnLWCONvCIXK32ZugN4Dgj7TXO9g79Jjnxo3MauC_6rc7FVzPT5qcaV-oDK-oNGTzdy7jw9O6X0fFHuUUAWlsxT5y585l_QTOc_3LoUpOt0ggvZUKTpPhELRjVw7x4LCuQEP3guVrugHA67POfxmHXSgCzi-lIEOav6xIHWKQ37730PBon3QIoBJZ0tdKNzQbV6pGs97wOmXNjzSDiOsxZlYH1KacTS0C2T2kGgx62osQyVJAD4XIfeeDWMJe8f09Un8VbdzslJ2_FluBO59iZ1JLUP1g6SODKNUet6UxR8tlZAxf7P6C8-a66hkypzL-xB63YqVuY9Woyt1rLyuc1JvzFhG9P3UV5EYRZOV7ux96I4IqFkwK8BXT_GTpucHtlpgswQbp1A-OeiWotrlPrIKlFvZi6waXBtFijeZaUi_uGKiT11dg3cY1srR5x6CHUHRYDEXrdhamfgPioq_E_cCMO22h0wwpDqPvTXrcxMqN1Ol8Gzemio-5V43Ekn-5KmkNvLOeNQ0_CTKxiPJzBuT9qPleCFx9J8oBhuSfm_votMxeGGCzNEm6Dn6p6tMV0W5Fs8igovKUsjq6cp5Gnola7fCz7a__Ig2Lp2x5M2mVFYuKE4soGuEns_cVwRtttKOPzTTEUYWRpFS0NgLm7yblsliKyBkqeA7BuKTzQ3j-mkROo0ozxTRlSeT9waSz_3tKmIsoLqyZoZL59llgjZBaH351JmxUIR1nRO9EPfHrcwrId_hdP2XGSwIq0UxUvaUSstwy9jONlWtrxPI9L2nOsEtEmPBtW-iVOG-6UExhOjl2BU8D0t4k7fpfMCr53OPzwUal_Yd-4lv0zIDx84ZhgSNq8O_SnuPA7ySeVC9XDcLb1LdmJ0hrVt9HOqfCYUWPONCmxrArz3EUcsDZ1dPR5mkdy3doBhb_ICd6Nw8VSVKMyBP_8fYF5qiLzgH078Ws9--OcrWY3ppzbjvzl4eGzG1BKUCpOetRnyy1rEw7gSLchIc08Dw7js3W7CoL913oxF4k27zc018W8ULyM648BN1YmHHVjMfNsdSejzaudc31GkF2WYMHYfu3wuCqOnarJwhxytBTfOD25Tp8GpMeHSU4I4uJkrwIKnihMkN3OAVBRilK6Xo-9VCCnSSYS3cIFhNYGmaoTJNlskA9rTh1cbWphmMlbDo7kemxdZL_dBE8ONXFP_ESX54vHa7K-eBzCu7_WBOqhvqahnRv5FXaKlKpPx3BXu8TIbalVZRlTRh1tSdLhlYzAS4Rf1Z06cmgoycRkDFBDRn75paqKX2O2Z3UAXh1hMumxuFbJFT3bwNQ5r9x4ft4lrHNU49e2RVgxotnxcXih1oKdz9ycQ1zAv3D0XCJfQGtXsaEr-FlDDRNlFcCagfLYFc05w0_R0CKvMfCPzEHoBWTwit5M2oDlb3MZU1ff2GpjT5FCtJTlTbwaQ8C3PrHKuaoNMpddu7ARdKIuB9RfgVf2ykLlArqcfO5ER7WeUbNPVUs5eqxlieMmTpKTsYpABuGgEzRxQszXWYdUlXICX1vFzE5bFzhKHd_Y4mEcOLKY2v1w7fVKk0TwqAlIPb3_VSegWd6nMVN2H74rOg0HbafcmQtWtj93IoMd3yGnoRir27m3w2CJsxXkkT3EupIQoho36aOCGfK8edMDbghSuvSaeyJ9RrEQDkLKNZnSAsq9mLO-n94ZI58PhCE22d-t2gLi6JKqxtqP06mOrassuCygQKgYX5v0ZZ1AUdA&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=10444119199341324000&adk=4188270524&idt=79&cac=0&dtd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ4MTkzNQogIHNlcnZlcl9pcDogMTQ2NTM0MDM4CiAgcHJvY2Vzc19pZDogMzEwNDYwNDgzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 08CE 0
507 B 98ms
75ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ4MTkzNQogIHNlcnZlcl9pcDogMTQ2NTM0MDM4CiAgcHJvY2Vzc19pZDogMzEwNDYwNDgzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzMwNTkzMDMwODc4NDc1ODg2MgpkZWJ1Z19rZXk6IDExNTI1NTQxMDM0Mjk4ODQ1OTcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA2IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNjMwNjIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYzODMwMjEwMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNzAwNwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcffa90c964f5d4f90000000000000000","13":"0x68953a3c78d082b30000000000000000","14":"0xb11d3aaf26331b250000000000000000","15":"0x9a76125cb6ddaa320000000000000000"},"debug_key":"1152554103429884597","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"13305930308784758862"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b0ssnwblwmm3 Show response
hal9000.redintelligence.net/zone/ Frame 08CE 11 KB
4 KB 72ms
25ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/b0ssnwblwmm3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: ce3e94594d80ef715956d31301894b296be36f57eae85312cbac2ee8327bb2d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4194
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 98E9 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmqfvSoDbUUmyaN2Zp_AN78HcBXp_wkmAUxRq0yZyckqz3J4wwh5y64tpOqa_eQDgn9fkGa88Q2xL6ZGUCq8ERbcu-T2ECIM4rQucfYK8inxhzaJqxBZ72ZT5YipA2GEhuEolfHc4MJ87Q4bR2Awx3WxYmE54Mt7kZoHyJxUj1a6hvAXM&cry=1&dbm_d=AKAmf-C5rF-4b3Ce2SscXYSxTxISQffbKGjEU3bX6tI7iDjbhnlEX6rDnjaytyBwg3t8rqPu5Au5C7UhWdLyjlk8WZ772BsynS50RGd2OhJ_2rHzW6PIVe7LMX98gNeQGMSijsaBbRNMMdm8PHzOZHe0Tk-4pQg4E8BuPKrryhA3gKVe4qI5PyTIVbSrw2WeUv9FMgsMZRAYdx9vDG3wIgBR1XNKT9IgzJ-8iXHv8hFbDBlp33_vSOBeiLFnhilbAWSlaqzjWYAGcDWKZQNxgTPXFoEMULTwvXUkVF1w-9REedSuOpe__LnY0e5qaI0Fq0LHjFxpZWoDKiSaNpKdhMkoIgpfrbnuVk5jSCAsBPtJwUS7aelpC9qLFWeW2wo59rJdimHR9PjtjW14Z0xkZN6kTzKga-aHf2UbREnWqlQRNDsYc_FaQD7jd9GnzmYgB4P-tDMzSFK4fWPbrCKX9RpnA3QeGzEZ2jKW-rvMUdL2l_vythrbxhhXDh5U5PzXEyCxOPuV4biEf_Zn77X5kw_szf7uBbmYp9BP9vs0R12nYs0n_BE7JCugt7n0pxCQvcrK-YA_cRFm4yqxOfLPP9cBO8n_KVcjk6C_MBOKO_gfXGAI2ZSyeJV--Me_QTMOqrj97spqmc6IuwhWrraypHuQr6nuvS7VeL_2_7zj_EDG1lnjAC6bKNhxwxTaPToH3IQhXBif-LXD_HRUpEmwfaszhL1ry7vF_7-sA7BLhgecOGDBgVPevfPEcuFpExDuXko4Iy9t27IF3i9t3YOykP5ptxBn-6N6N4dn8t4SPNCzX6Xp1iFNmM8TqTDfHxheeREaYkz1SXHeCOLotkgLqq85SKGRa3QI2O-oOFf3axsMRaZNCO0I1Nm4tvK29h4MEDa29auXQx1cVQL2mtWyxGF-Zr9LJd9ZPvopLpbjFR_wV3WrzSm_sNfK6ra5LrSDGIs7sbZWsGF6I3_rwQs7TwxfK1tFavims8bhu9zytb5dnXOQs4qVbqN-DiDACuv08QJEZ4wWrUA7YNj_4WswzOzzA5Shm8p-pxCTLPbJ5mSIIn15-iIjcSMZ2AjSx4rqIyasJQjNiGoOy02W95FO-YFXffzUc3rjxEvWRrDCWMi1-bxW0tcIvuXDFyZ5PZKtrjLozam5MOUQOogD_kO9W4NtStVZtEeqNeOyLRE99bNTcA1Y8VRldGGdRdv9xwijfOAV5QolKzLoNss9clySBNmp5dA7JkV4cBZeS5aEAxZoWQzGHrMjNHsjSF9hWpWNn-N0kQRqhX0QaI_SEekTd3ggecE0iqGDNdS8R_fvHTY7AvY8571uzusmAkdgeRsJhMk3E44d5h3Xaz-6Y9Obh5P06IM7db_e6JiLti2ZS71qhZBsLErAm-hgPnK1FCtLf93h9m9LtJ_wSqv9evkxBlFLpnOmjROK2DjbswBEuVIUPEIJJ9uRJhfYRrNSLTW_u4V0m7Ath_M85DMC6Nj5Ivl46OtvQSufPz3oH_dLH8RnNpmuafxB_Yt_jIiRqY50HIivdzqwgjdRNqXYL-tfCTV2bflT9BgzdzI__xo8gop48l-u0_gWlC0UHxAK2-gwy5X-wIsDKlWBk-bNJmzV3LPMdOtdjIMPVIxuCCX6cjtGWpgTBfIqo0qOFNqKikdPtkNlA5AGhgc3J0sijRtQ7GUh6dkQFW6QywU_CriDfd7szEYwUaDmW7tZx8C-YGFX55V5lWAnd3FfkmbM_Rip0L-7zLe4LEi4ddJz6jkGRVrH-Bsa-wrEbMs0syoufQZkv4cAhFN1duve-wS2S0bLDD8IEKqXgzFSAj-Noer3YaheN_NSC5bhtZ3gy1t-SxBe9s3IE4YtWQXqZxed-FRsBcq84CFQT0fnj1arY-QMc5TgeEuk8rQV0M0lRtu9RZxpDeflDQQbNOgkmzPTWZ7Gq3EeTSxatjLYM75_EbYzyo_kZGaefSoM9E6Th5SkKW_MBWRF2IyI_kHeBG1zixKzgkFvpUKludF3_NIQeZZo-nhCu8Kf27doVNtT5khuxeZUhk93zEPUIIUP_zZ1I7qq9TYMSiuYftFG_m0xCMHHIThCqiJ4c3B7tW5gVDdiNkuliGUj0dfLm6M1U3Qpk-nl9tChXUApHZlXM0lKZW_ktMEHvna_sTzl7WSElXBQAB-BE7mc3yxQq0bjLspw5mZcY7rgCEVgbswLQqDeoQhvfWPj_qMfBlTQuIz8A_-b-7-BKdy2F6Ac3iN7_PQZBHl30h8Ye5NFdxcDZcjUMj4h7Z3KcdBLmpTF4M1HaopfpV_C-e6E_YAp9SQlC8ndytx3A_RpVyfzymrFew78Xu6Qm5cdllBv92T80P_WOmgyapEhHccQNPv9EpSGj1bPPDdefctVl4odLw9Dzz7FsLFwi-3x17w_bdVGk24wkkxSZ0lPd4bUXCwXOnaxS9e-fWbpwY4CHz2TnZzJJy4khUimtoVgou2S3GSwwljkX2I6EIPhn0oK-9Zypbb8733l5vmdwOuiQAOSiSRZBcC8nVGr-Yr5WUkvIcxacmByxQ8MV-7u4TmSFD9n28EoHWQz0ainYr0Ra7SRJ_gOlgVKpgkfBToCIFuyRCnGVVLLzuvbbAxinr7KJrZQXVMD4fVS91CxS4Frgm3x1gy_4ndvR9E96C1Htq5peTnTwd8BqKdkGiYB87YlbzwiUpS56s1CmzphzrzC970N9IrbQIeKvJRrUo1EJ1YCzdKwmDv9bIEDCBZ-XRkCH2geOVEVfzqOyn1C5tQEd9Rcpt7yPeY_L3Je59jsjJJmRt2M1Z3L9R-PUpoZE0w4m4t6LuvoSUfepTE6zX4yOG_d7R0jSBD7Y6ifqlNNSyxZbbXg85TpHRpPJWVZ6XAv7DfV-vEh6sqGfSXC10EzkeB3Wr7YntjTCCOGrR1UC2ZOQnXix4w6MR2qip_jsVH7fnHwpMapYusUqvtX3NK-7HCYvn3kWfO7aQ7xFgnzxtMS_1R-_VgE-8e2-9pCLjSTN3FGNkiAd3i5LKapI1adD4GmXkC_xM02LjGocghfs3BsepUeYRfARnjHuPBDab2Yo2MnwxJY3hv3tjLwVgpTaVQ0X3jmP0ZOzabz5k7VKhZhfZatM0HzBtrpaOnSNU4OZd-UVpvpqkLPSad1XiDGy97WpyuG4TbRaGog24m1sXhRctH-1do3R0DEKTE75ZKXQyuYjbtWmvLbsTGPkKP4-h7RjRSWNHbVV6yc8XnLFNJ9Id5m1hVUEXIob3jzIA9t7AFTUV-w8N9RwSXAlqt3meIIfDNTHdnocrwavZ93yF2LYDW1q51IurYCoJCsYjMwwd0ljqFAn55HSg8v66Ze9OGWzP2hsQ-RfrFaS8gK4_GjCfQT-oO99BWwlPTQFG487BbHpur3L-7vCNLw63dd9yPsU03flCcXBzhEyhQFsOh6yUQLQgmafcK6BN-1kkLAj17P-3uFvcjO5cP1Hha1InmgptHkpMP67mVQiZ9j15-EoCyTA2pUsy_BTZPh2X3ePny8Haig5RaUObZp5oYx8azXw53V5iOkvyZJyivQcvpYDK96bblLE-v-zXpyzITqgRMN3XTxHyCukpuUe_8KEQiljoebplnekdnrhSgCDjNdZGmpjJ7iqIQnKvm-1RZIPBgEOJgJfYfKKN1QWB_9xUce5AeOlyPH1Vt_eTX5096DzEil-U3ues-Syh0_WtUbe9JMb3QPuZ7mIhJa7AGGPNF6Stl9ulqVfWXbn5qsOXJzq4DzIzimFuIe1uxX_xOfSFU1oYJ01gI9NVhMK5G-h5-3qPRD6dp9HOS3mMaNRbVtwRWn_W5KabRhdURu77HCuCspiYBxUUxhWmWqntiLAczY_Snj_6D15AFldZKbdswTQM7xlMbc6XiN6xYKHbTNb1lVIc_YPMRA4drWPzvwFZxg7L5q_JCx2l_JooeHNGuUWzbx_HwzXeE8OK38WqiXkYAQfLiQYYJqXcXaR9-MCckwLtC4fA&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Faofsoru.com%2F&ds=l&xdt=1&iif=1&cor=13053782085508520000&adk=1033480540&idt=82&cac=0&dtd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ4NDc5MwogIHNlcnZlcl9pcDogMTQ2NTMxNzAzCiAgcHJvY2Vzc19pZDogMzEzNzM1NDA5Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 98E9 0
507 B 77ms
56ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1MjU2NzQ4NDc5MwogIHNlcnZlcl9pcDogMTQ2NTMxNzAzCiAgcHJvY2Vzc19pZDogMzEzNzM1NDA5Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNTU3NTk5NTcxNTU2NjEzNTA4NQpkZWJ1Z19rZXk6IDk2MDQ4NDE0OTM5OTQ4NjUzNQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDYiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI2MzU4MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE5NDk3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcffa90c964f5d4f90000000000000000","13":"0x68953a3c78d082b30000000000000000","14":"0xb11d3aaf26331b250000000000000000","15":"0xf0962aad1c610aee0000000000000000"},"debug_key":"960484149399486535","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"15575995715566135085"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK kqb6i1ypdv7u Show response
hal9000.redintelligence.net/zone/ Frame 98E9 11 KB
4 KB 75ms
25ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kqb6i1ypdv7u?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Lutzingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2988755d1213f24c098a76431424715b078466e204da327af978360b0a588258

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4203
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 009F 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A2A 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 16:33:02 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9F3F 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CC5B 38 KB
13 KB 24ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 009F 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame FFA5
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

145ms
99ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2589323501415&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 136.243.149.243 Kronberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: ebcf6399318e6b6951676429bbeeb5130e9edbfb2c3fe352e86d4078ba43a8fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 88334800254848204444476012592030
Connection: close
Content-Length: 894
Expires: Tue, 06 Feb 2024 20:49:27 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2589323501415&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 06 Feb 2024 20:49:27 +0100

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 6694
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

153ms
103ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2023948226353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7759dc36149866fca6e91d13efbb092de004cd3fe1b8c2a719dcdb5e1c1d99b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70831800236824404444460012592007
Connection: close
Content-Length: 893
Expires: Tue, 06 Feb 2024 20:49:27 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2023948226353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 06 Feb 2024 20:49:27 +0100

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F3F 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 08CE
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

132ms
86ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=8265929763159&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 376ddde4c8168cd65ea992441bc4a2c7a47e6ec640d58f8a8e43f5228cd6b88a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29571500210757904444476012592027
Connection: close
Content-Length: 891
Expires: Tue, 06 Feb 2024 20:49:27 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=8265929763159&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 06 Feb 2024 20:49:27 +0100

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame 98E9
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
938 B

139ms
92ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=6267765803135&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 6bdf80942a2e51657caf0b0b479a6dfe055b566497cc9a6209ab1895d01115c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 61877200214916704444474012592018
Connection: close
Content-Length: 332
Expires: Tue, 06 Feb 2024 20:49:27 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:49:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=6267765803135&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 06 Feb 2024 20:49:27 +0100

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame CC5B 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2A 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMZr0V5vCZbjZG7ar9u8P0sumgAgAAAAAOAHgBAI&bg=!9fal9rnNAAZVxkGXdcY7ADQBe5WfOI0CrXZgTyxriez886sgHmV9X2dV1QkYRbXjg8sCx8Vd6e6ZA1CApWKBSErWISSmAgAAAGVSAAAAAmgBBwoAYp6xsAjx2_5M0AzKPgtUryQYAPbxE2IU6xi2kn6C88o3pjcjsuloEgCrvy48reqolx-OZ8pKSWEwVd8EoOnAcwF6sa-YBTbpgj4kGcUNGShoeo3kDB9frhmVRoYVo0OhckQImQMUvRGZWlEmg-ByMzXe-sKCN73DCtFPxs1jk3MOYM-8JH1IGnr0vSdTdCJoS-YBb0F6H4dlzabRE_-vrHAkTIR9Rwu947ia8Qu3usU5DHfiq9c9T9PO-6BGtr7IsjPvYmVJ6wh41ceapeCnx-0C52MRe-o2gc5MuUuPiwX_oFc5DUMCjd_xGCCdsHbD-FnXs0ujgTISOo1fXmBrBIXgQ6fhwjIfVqjHqL7p5vwD7jRNawn97hiqN5czpGEzk8B39waOoJYHaV8jTAmIMPo_7ClNPT2x_x2MQAR8vfnGG3g7uXJywyhKnn8TBoWPIH65_gKF6EUYz6-PJzpMxHFpelYpAak9zoN4I047dOQcZuuCJmbmn-raR3p2XMmwtsCr9VEvO9uNdNRNT5Va3y5BUtmK1gSdfl2GuekBD0Uu782a3nH21nOKihkYlnAOHeYGUAulZwopQePbOkRWBjetI5miAVNF_7RtyxaN-jUEAd6MTKcrmBrclKOzNY4vKbq1Z84aYB84uMnb6Kw4OHeHkh_9-Tk_zLSezJwSTYghS9cHZaARqCF3fXutSCktah14BVOeQAAXgYt2EJFjJzzFSPKei_CqrhPwplx6BrtTXJFn1qIPP99QK-QAch8v1OiW8zC8pn9boI16P1vdgFTJF_bYekWXxWtQh6ZCXs0yhLc7VzpnfOXdNlKAUsTcBJYMi8NdBggV_pOMzuIRGXK9wuJlQhS05PtkeVIWrwMUlg6_T7ZALOGU_X2BJxVSbNNxoldUf8FRSWKNqK55aBiFWzE9knBxY4o2vQAYpfFTaAlk7mzSPWiU77VZ_i65pYlgMrGDAjoHA0dSmZAG_-kgTHShjIuY9RrKBNoGr4D_DkHCHNkUArZFGgChzvzKX_ZyyXrjnA6fjhs35WmXutrO6Ta6UJdfo_4hNYQdjF37-vnhmSLE6NAomcV9EQwBMuJa9c2DfjIE2gR9TKt5RKk1O_CdTYaQPivbGoGelz41uL086WNUw73IDjQwW0RpmzWfOfAiu2oIWEh4J5LqW6URrhDH4dMPaJ4

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 009F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtE50V5vCZYDdHLar9u8P0sumgAgAAAAAOAHgBAI&bg=!kJOlk9zNAAa8BdJLnAU7ADQBe5WfOLrp7NMIlYdcVH4197UWImxUHLpg06P7NUtyxHF20IrQDdK6pWhM5_co4XdLrIU9AgAAAH9SAAAAAmgBB5kDH3oRI_wRaiTs7bNC_CRiTmI5SBY9gEl9Uys9ZsilI9kXx7ECNKLaju0ecHmXeOKYdbUxmezo867iXX65TICLtV9fcN-3yQ1RhNnWjSkYGJcmSVF7RwdPxba9Wn8rWUN9LjH3dVKP1MRwVFEUMI9sCViGWhWSwER8XKZ55WJjSJpKM7oeEvkrCcUIPx75N3yAkpJF-Cc_Fe2X9bPcftY7aulW8gbKOcE963_REYaVBZYicua5D29p2qZzxBAt_91whi7rC0B0uYFfMbT6FaK7F-p827wBPL7K6NMwyM0Bg6gBfhMSNQnZlBBcCOvDhLHDbSXrDA4xSu0hk4W4cA0eEHxyaKXlId5e4GE8bCLg4puHM4UbrqR2X3IwwaqDEekh0GCDOl73g5Dx1twVzgJjRVM_B6W-5RGEFJpKcwxE0edvVaNaIWeqHQDKPsiOYwKWHxwZZAVNYwCCpprnfyicP5t4iuEJiz4OiCzkCfuD6Zwb_jMtjbvxEceaUwvXEFM4fxoPNwfVZmPlz4KSls1thgSdSEXhNRLN4r1nsfkW5N1WGB9kRbibITj35Quw0YzL4NIZ_e6OpaQr0TqHH-TK6A6LyIcc4vWUaNM8FkUbgQbpVGRj525hA-1QVsAlx9XWFX0AmfnPoAuN0PjAA3lIPphXOevOJNGVtllXSXvJCI1ObGGYp4dS_NKGXG9PfaAIyHlxswc-2vAk3jB3a-DUQu7GnXQEb8cSzFXY8sXLDwlfJQq4YLlX1oUVbhyHX0pHjl3aebIKDlF9VyP7GvwYXXZyDAKU4OMShnP-Vym2Da98oqsF7yh6e9BoiGa99wHLwIl7TxUZ8s0CZn8esCt2xkiES-5wfu9GeqiV9PLd1LLxoHoTV_iaHueTc7rbwgPl-5QRz3plvxWIRt3zsRjsAUbQx6kKUE_ZmD_Q46Bk4zsxLTie3L7X-tF_kDFpP2atzC5yLVwgp9gJC-gYQRSHeFnS-N-nPQ3PKLBQxYqEfDMFXO5nSPOoX1nncq8Kap-zjWad9Me2GBpRn3nS79Ai9ArFHG2Ie-w78Y_AUeFbDJU

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F3F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bcg4zV5vCZY-1HZbd7_UPooWyyAsAAAAAOAHgBAI&bg=!xsWlxYrNAAa8BdJLnAU7ADQBe5WfOJV_4RTn20r_w7v-1F9fbCwJKsme8OpQUpA43eC2lTUqv558IDXj1t-OPhPaHwaYAgAAAIRSAAAAAmgBB5kDCcr5PEwbp2n0jb2utvtGNDMAtc0bfr2_jpwF099cBhGVABrt-QvCHXiSmHa024_RTD8Dce-FA46ULf17xIgIqaWDEZtyYvAeA3GwF88zjwvP0vCrrLyn0JSJdd7QnDf0PEsyPpHVnpg4QEpzJiTvtbAzPk-izTw3HvwvsBG0fB3zFL9zGyht4IF6LXdYWxi-jRbbrTNXrjbq5Gy-7iautivBnnJtvI8HS12NJDQBnherYHMCaa16EQZcM6_PI1H82L-R-DJe7xKejI3pQDG5Z5Qr6vcaaou-EXVWEPu6-aKeLCrp7P_MXQllRnzstl91LB42IAtS8oSGMyXsvYGN_VvdilGschUlun1doINlRxbyw80YjXXLFVdKJqyKB3v_EB-SnR_1C5YOkgPaI8cqVGD7icLm4QL0Gy-PFNRbfdfTI1VEZg3NRdAMck_JV5mXiR0BtiY1giDpvV_RE0An_pllcjNzGDNAhJqjspmbxzZJIHl5s7xCSa7K8N5JsWnrIpNqwEgfzq40hvrZfyA-K8-2rXyTZHsZCLUvT5wMEH_sWHkqJF-9ZxsardXMrkFI6X5PZhfWSrXZo2L1rlRySs_TvtYmkfTIc4h5SgRk6PuyiGpYGo1Tu9uNjenwqfJ_FfZMh9uM13aXFmStDMeEPI_3RFvr1YmGZh-6Ikg-itqhVzF674trZ-GPfLf8JRh2e50r9rDXuQgxoF49BcGe1glUlr1DEphaNfBv6rA2ITu0Ed4FGFPamdoY6Sr0MLByCCekFQ2LA3mYQPXWem6CXHBis9SaivQ8g5LohQu4VCjSbI9wBSTnxVZRorWlvbL534fu2-2hvkR6p0psTPE_RO2MHnnriAAJJtDN4Mo7o6mV2rz6btyAbVNtmR9IYwB2kweKsrnT-NTKxln6Y9OTSn0BsVXAoSe9z53nwAIe-_Og3OwYXLDIXUVrpB_aSSPTeqaKKYPF5tx2IatokRqvIWbPsGUmZUfQJuPTRcLAcx6zfYsYtijbjFlfjJAJvdqWqDEsj0XISMGY0A

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC5B 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHurKV5vCZbnLHffK7_UP7PKA2AsAAAAAOAHgBAI&bg=!wsGlwY7NAAa8BdJLnAU7ADQBe5WfOFk7GnrDi5zILbUPTvMvHOO5JzLxWMnet3y3aTiwzrhoHa3fH0i0WzIAGRbOiFR8AgAAAHNSAAAAAmgBB5kDFEiKfasB44fUtDRAkmDtxzrYA0z_jajFVZn_e8XX53TTwJTWC9QZfXNrz4Z69o1O5Ld3X9wi6nkic_a1xoWpuADG1kE7aetD45QmooKmGfxqwKD9mQDaWcpupVo0tt5JYT83jmhCorCkgY7DGHza5ET-QmbKif6q5N9RtlrzzmX1p5IorwCuct3g5MbMir2ha-RxUHsKo2vDMXiwnwOeQ1vL8yvVFCg54FCvcjd_8nhfrQfB3cXFNlasgf88-LnQqsncBwsFgq9xbhoPzeiUkxQZ-VThLnMJPvtKLYN_KJl5I7Ccj9ktbwKPtHXVRHMHwZyJwNryop0LWT9iTAqFWEyMcF69MrV2arWNxuaLEPYf2tIbTzeHRGnvJFZxCcYLSwrGWUBG80g7RR0nLSY-Cxs8waxAnjJL2tdqAb_DMgYIYsCBksf9eHDxzBAkbWZ2RtSOZX0M9RCAqHZK7GrwrLj07Z6JeRoZeFxnTACgLPYY4C0gu5_T5iMPQqrOWo-hEI9zsHUmNqyL5wf_uOrN1HL835Yp9dI2d5FZsZFbBM4kB3odcmyBC6lKrThPyhEmmEvzC62tpO9c3QYGXsbDJbr1mahHSPTwzpfoAykj0WJrXPmPQFP2GT7Is7DH17YY9G0uoMh5TjEZ91PrxtKzDuYncxd-VewXblkZirR94kVohn_AyDnRRgX2dhg8IW2cN0wJTO4cVOBcGeYPD4OSnijKdAy8UWkkXB2qI8XOLqjGwO0N_JuRH7AVL0sruGNZ-8YQUlpJrDvdcrhw9YJIsMaSRwuJ4HVNnlR5gBbu4u1jjEpPyBA2gWJYbLjux527Rp9Iu9kQvginRa4gUUI5rIoHCGGcabS7IQIYCpy09AVwiZMiErgmnMRNnTybmbjUyd_cjKp2deiZ77aV4Bea_mVrV7NfQPjCNkVYqTKygFr1ECFcrE4OusEgWFWrdWPccNqAhSMrSuna_u-j6vy2cI5dC2fmfWA_8CieXI1KNJjIO9bZZkFlIChN5-p1YMs7-8o5SzobHQmmIlz0jS0LhjZznrW7

Requested by

Host: daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
URL: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604 Show response
8019191.fls.doubleclick.net/ Frame C382
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604?

2 KB
1 KB

59ms
59ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604?

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

d82b7c79f2fe4f65ee60412e5807a49addda014c1c71f96b2fd2212388114146

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:28 GMT
expires: Tue, 06 Feb 2024 20:49:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame E4EA 4 KB
2 KB 72ms
24ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=48b7513072&subid=&uid=5b9f542009354d5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKN2VVpvCZZuFL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT7AU_QmiN27rGZQjLvvTd0bBJHtcyBojz8HjsX7fPj8D00Hd3fMAIEGYPanGpKpo2My9SiHP5Pe56W6tHVniDT3C7DK8Eag7GnukbCi-PMnEApkGE5iUwCiU9asshYNSRfktzz0akGxk67xugLQKCabbmsq2VvZVTqjMBwSCcj2pCJR-kC3C5itpeJRem9N-w5ZkBCjbJ8r-cj_21InKF_kY3uG1Nf3BsJmE8qaIungsrQS0unIkn3cygrDZmPbWGSILPAr6XoitWRuBUIGW8uNvGn_t9ynPlAXWnV93Yp4wl0bVlT_MsKP4ZyV-eV9SOQ_CNYoU10TXlqd7GgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLTkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_20k7e01TrZ1lft7Mj8olsK1ti4Xw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-D2nOSPoR3fIPcCich_TE1S5pPfMRw1qBlvNkH3cn7Z5ounNABDUuuni_ySrMgy1IJqipWzQOskjYbgcSdliZb343oJCE9_VkiBoPU2y16PS6q1WlAUsZuVj4ptupM1gV_IZFiPWA6cX-CJ2YaNTNXgeiDrHIfhRyJnysW2mq2y4muZP0w%26cry%3D1%26dbm_d%3DAKAmf-DrstXMciEcO4JMM_HCBSq-qQu1EMB_Y-upGcGdIVZRt41P3DebLKfJ1am4qSLWCzjaDW6nMc1ir4dkn5p1vXdA8l5FDsyBJZ9zXGlJZD5y-u9q5pKsRAtAsEnh_WMl96a0uTIrqiBNU55ak_cJdg9lwIdchiN-unbfzQy_eQcUdMyKeGQu9wLOPpzu3KXn6YKZC7sZ2gZNugVZpJGgfJb9f-NHZXvRg6IyaWJyUGFhl6kCRis_-VcSr2q9Lv9YyWD6aKqX5N_TsvQ0GkriV4jvZREATsfSdUhPU2rnXUKsgmZYYBQcmRgly7Fd81GdDfGHOvr0ohxiDKk5F43Y42JbhjcMiFQotGaVvxVFJSM1ivi3vupyosb_f2vf0vaeq8mnKFOITRmf-bYWai2cX2ie0tFmR1ugKfWeuBCrN6KcYVLHci8-YTJELrwb5FTLvGjGo9b6ijZao9aVz1IE_Pf-LY6jns1La6IvnNcPP8xiQP8syKXRNbfiS4QwB9Te8mbv5CAuNkIIaXd68jEQOhdoMbgS8FCKO1_2MVtvmqEtMx8DWIscRJKm_UXaOvVg-eHAASWN%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2589323501415&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Kronberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 144105f107de72c981384eba7299b602c84d058cb8fd8fde7a3decd90194cb39

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1502
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Feb 2024 20:49:27 GMT
Expires: Tue, 06 Feb 2024 20:49:27 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FFA5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613102d12ace441bb7e42a3b9146733f009d268d0a2217d1319afedcbedaf294

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 63dcbdcce4b0332cc41f66d5
ng2.virgul.com/tck/imp/ 0
210 B 119ms
53ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/63dcbdcce4b0332cc41f66d5?g=1&t=gb&r=155365@site_geneli@aofsoru:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1707252566877&userId=vnet0da75db3-8f58-490c-91f0-496c182dd1c2
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2

200

activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088 Show response
8019191.fls.doubleclick.net/ Frame 8C38
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088?

2 KB
1 KB

62ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088?

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

21cced5c2e795a2d0dcf7ca34603b2d38bd07e17f8b6b1cf0e91db58bed46808

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 910
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:28 GMT
expires: Tue, 06 Feb 2024 20:49:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 9560 7 KB
3 KB 72ms
25ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=b355b1ea67&subid=&uid=5bbb8cf52d506a2c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPgh5VpvCZZ2FL46Kx_AP8OKh-A_M-YagadO0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qun8QFoWHukjHiFjIGfhn04uDVE4V8j10sDfv2BmNkI3KJxP8JZCm2TFbwXjPqPoaV5ERaQZZ9fcsfFRh-66S43YNwNVeO98ZDRguv3ZSpoqrGlRKGJ6iIw2dza5vNElgVnhmjnZMPdC6GCQpE1SqagsHcYe3mjrb1WjxKMlo4lu92VUEw1pobAUGfQQAaK48H8xnJKLYaegFmcahnxJkvkpXmJzPdMT-fDz_vJNCv5h9brA7c1evIHBc9oz7aS6U0AykC4DbPIiAplta0xw0g2vfC5k-u58m9bHmBAMIXDJxV1rQadN1L5g6nVhIBmyXwnMQOZsyBcjO8dLcGcAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi15KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2LIX01Sr322VZiKmy19xjQcJT1sw%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-B05F--bjC0Vh2kR432ITnFNB9KvhyA_P_EfrHYAUT5lo9eZ9W3A7JB7xFn_mTw83GeurtAu5q1M9lXpojFa3fw0NsCwvLPaC1b8T0iMiz-yuCratPS-aeDH_1YQxrbFMP9B6CBkm6v3mx6BeymW8zcc0WdSK2j5vh-lnIuZAYHKdRwLJA%26cry%3D1%26dbm_d%3DAKAmf-A7QFnjRKNjH1Hz2FjFeEhUtqUeQGQWoaRAj8P8lGZgy6bYDkJR1OGc_57SOBbosL8w-WlkWJ0NXn7B9UudLR6rRLcWxWumh6tt-FHLYEKMkngjDlX9QFfpE7tKEnjZPf89Owx6udx0euO0zt4mxOqWDlHGr9pY82Ms0pz6SbSzbRd6AYp6txpSc0zn-qWKX10mYrb2AWoUbxpSIrYYP7-dj8NB5MYEpsjW8e4zCpe0XYngoie8fJXH4iabKTyX34bgl__OYjCCtCclVSJad6YlKiCOmP-L33gbHzip7W_pSevVVQDrqMdff7avltnhuj9nrhVxJO2GXPcoSfJcHlI-CJq88WkGNl5rywCYrpPBDABjmDMp6iZOcAVowrBAK8yxsV80X6oRqMtfWcloVTfW4tfAuJMmDzTMboR0rN_jdu_ZZCxn5k60qfc8UNIKadVaNTa5kILlrfmuJm4mDXOm2EgPd1DpaQtiAFAl35d_RedfW5bnWeObWZPNej7Nf6y22g5zJWXaatsavS4ti29HGMhhlnkq8hBoPq0Vm8EBYvsoarnQj2V5gzRvqoftnuC35QZO%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=2023948226353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 70053887f7685690b356315b19b556b6a3f5f8a08bcb7e5ec8abb20117836bbf

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2295
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Feb 2024 20:49:27 GMT
Expires: Tue, 06 Feb 2024 20:49:27 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105 Show response
8019191.fls.doubleclick.net/ Frame 66BF
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105?

2 KB
1 KB

61ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105?

Requested by

Host: aofsoru.com
URL: https://aofsoru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ca66078f2357a9b8cff2f1521e263e739b393125f4599802842ef8697899824e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 904
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:28 GMT
expires: Tue, 06 Feb 2024 20:49:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame CBDA 4 KB
2 KB 72ms
26ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=b0ssnwblwmm3&nw=20&renderingType=javascript&namespace=b4d60c019c&subid=&uid=cce150ebc19e315f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq3oyVpvCZZ-FL46Kx_AP8OKh-A_M-YagaaOwx__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT-AU_QtGLGW36QeLNvd0Q6OzzVQgJRbCMe_kdvPA9ORAMHrxzMJbVrjovOBCvdhjPff5ddrxGxop_bKInWbE27rvhUshowStygw1djd6tMB79MQSspfjDaIyebmREYN8KIBeoOwTXyyMuqZOIRKyBvSW4OXQwPm2NTFbuQD9YbiQ4_7LGX5FK37WQrdTvw-6YUJSf8bR-5NweyfgdHA9oGQtOzrFhjdRPr4ePgWjEOTMLpwGBA8DAW6JdWjVZ4YFDGKtiLuKgT85cCv66BMsVDrYwQVKO8WKmVpZceOgu66krmEth-HGMQ1dGHkQMZ6Ypnz80bAiEzMuGR9-UHFweZwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOliBpKG2y5eEA4AKAZgLAcgLAYAMAaoNAk5M4g0TCLfkobbLl4QDFQ7FEQgdcHEI_7AT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_0vN82JGZle9QxQqwXAj3dOHfZKbA%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-A82361eEuejnCbv3WLsqdjxJw-yg9ZTv-YlvzUy9ZlSq79uWysMQUYB1LSpW6NUhemruvFKsO2v3j8AualnHZAyHbefMW1o6Z_o68T2u6Un72zVJ4pVD64cW602G8glj-nupur-MYV2VqrmkeSzJbQzO5ci8J1c67uVqXTvzQKT_MaM6U%26cry%3D1%26dbm_d%3DAKAmf-CrzrCc3V_HVbxzu4wuXmPdmbrzhVV017LhM_Z2n7pjSTlxMrGkYH8lVDVglJ0_1YoS0m7LtRlQREYxaVD3PonX-TfbY0aJg9LAacZhIRQ0EaHHtGRZK9Apf1XJC4qwVIwJnCYTIkklZuzDGZlLnDJF_6i3y8rFqXQf94ldZ0qu4UMfTHFr8zP3Xqz2916NGMhgN-DZ0tZlKFI5p6vcGKgxzUbNVXVQeQcjFUhWIAspQNXC7rp5BN56UaLKdSvNgmeMuDXse1TyuM98rVjnNVaDv9t0qaSzSsisk7J7HhL_uyRTzdIFE6YELwXXCSKSUD-F33huKIqVsG9aSEwEcp68eB3FPYyV8cJa7fNe8JfmdyiYvmkJ0f1M1rdVco0On9P6iU1mfX4N3oGVRYmnqKFsPN3kZgXoEkSCMP_q666q63MEMtznQVkXDxQ9WHlv9SLxbaxBnOsr0tJ2syAiNcsvC-s0jq6BXZZ1QmejaIDJMOE6rlvxZQLjljiJquPxdjZcUu1M4JAlou7N83uK8OCu3U8KXh-gtzHBwqyECI9poelQNPR_ERs9SFNPtoeYU8WUhAYi%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=8265929763159&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: bebf3c2726ad0c143f89a97096d550ceaa5c551d629f7582eb7c34995541f8b6

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1502
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Feb 2024 20:49:27 GMT
Expires: Tue, 06 Feb 2024 20:49:27 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK request_content.php Show response
hal900018.redintelligence.net/ Frame D767 4 KB
2 KB 69ms
23ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=kqb6i1ypdv7u&nw=20&renderingType=javascript&namespace=0395271650&subid=&uid=925a9cc6b5199e0a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2O06VpvCZZ6FL46Kx_AP8OKh-A_M-Yagaau0x__3D_AuEAEg4sLrI2CRBMgBCakCsf4QW8UGsj6oAwHIA5sEqgT_AU_Qt8i5qrgNz5SamLa5LUlzHGuVQhcH_uf51oF440-Tc2UsXmOVk7rwqIJnWBBwg2KVuhOjyPMzw_b5gcXRPVvMaHfzu032OPvVXnbQ0kxEDdwH5viCIjBsKqISm2jVFfQT8NZsHlk2BJgxyTgNMw5p2QcqrJJYtfTFg8IaWKBRpmn9gDkklMZV_iyD47hlUMDghKitskfRLGO-uZJEhPNvalKkHMBtJ68XbK7v4y0XZ-XlbC8wzrmidJRURzx6iDh7EJSfAQmego8dmMKfIyN03gDE71gQ2_5B87JkT46MqEfyDO48k9tVZmpwFapLn3EKIi-ymzMSgBXVhUNo6MAE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYgaShtsuXhAOACgGYCwHICwGADAGqDQJOTOINEwi25KG2y5eEAxUOxREIHXBxCP-wE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ%26sig%3DAOD64_2u8C21gXHTWa1a51vr2biQkmh40A%26client%3Dca-pub-3095732206138064%26dbm_c%3DAKAmf-BPC3fg73kpP3W6kYQuiV29GUO_WOOX47QYFrrUsOkJbo0dEUyP8UVhtjJ-k273hen0CjHUEJZwtDya-93VcRxFkDd9f6HqqT4b4sqPXilK_hjZCbKKBgxs5OIGG7KEKRmDzpJnstGEC80MoHNZBg8m-ta9GhiT0fbOc39UprCscmH_mno%26cry%3D1%26dbm_d%3DAKAmf-CeV-Fe7zuNSV9EwoQUVXIpMut8D0SjTAW7eHp-unR0ZgRhz5hrK-k-gob5TGuhHhQamwssxJXPFasWFFCE-HwMYR0OJFA9uCuwLkfcoYu-S3Ua1_bypvHmumbqNuwvriCSoOgsj0lU0-9qJyeAqVR9O7ZDd5ajSZDbYm5XkuFufhLG1L6rXmOaQ9yMl0nOQsschtzAcxSzo_YfkyC1WmHaNPHfaOkcb8Ox710gvyTxKLnqAOT6T6_gWGe8krE2N1qzO1307v9vBPPbHsknnZuO3Qm-fW5VOdY2u4ux56QctP0L2mqizgX7iXhgmyFUZJnny0nuMEGyK1WTT3kFIakN7BLyAESs7OaKlySW5NiQwN8iD8hM3E4ydzHHXVImIukdJfhGkFaJuUZr3RnneOsrTIDByjZ4DUr5BmfTuVUg1QOmKUiql3A7I_LZ-NRHGShoRQuM-RSQnYHDkl3ANq4Qsr7SjFWptabTDyfAF4PJlVaYx-a2GQ44m-ORUGOGSV-Kh8BGmkvKGkfIYO7LUwxrvWA5-_sShESa57v7pKBZAo8M0aw7ykBExSA05CsQ1QNX3ICs%26adurl%3D&documentReferer=https%3A%2F%2Faofsoru.com%2F&ancestorOrigins=https%3A%2F%2Faofsoru.com&random=6267765803135&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: dec4de0c10e348d61796ded3ddfca707ee61ab5e82e100e9ff6e747fd79abbf9

Request headers

Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1415
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Feb 2024 20:49:27 GMT
Expires: Tue, 06 Feb 2024 20:49:27 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6694 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69750a9ca850fa80bb4e3e229b2f391bc470d7a13b7e0a9581d1323a17e85233

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 08CE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cae491d276a1e1073506734a40d02cafa4c562d315cc8585d84ac8effbda9755

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98E9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6092c6b52bea4300388aa3de34654d7f8ae2d1516b433405bd0460bc5c07536

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame E4EA 24 KB
24 KB 134ms
46ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-970x90.gif
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 38453bff795a12c184a0475a9442ce348cea9fcb8b70a8dbb4cce0f7f1c5820f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:15 GMT
Server: nginx
ETag: "5b55f22f-5f6a"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24426

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame E4EA 0
150 B 71ms
24ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=88334800254848204444476012592030&a=750c8577&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Kronberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E4EA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 bridge3.617.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame DB68 756 KB
242 KB 31ms
30ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa98ee146677acb0f4c72e1bc219c8b3fe050038bb5be4556b7084d24cb90b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 345723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247530
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 20:47:25 GMT
expires: Sat, 01 Feb 2025 20:47:25 GMT
last-modified: Fri, 02 Feb 2024 20:44:48 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 89ms
42ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Feb 2024 20:49:28 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 190ms
54ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_aofsoru:::&o=0-100&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF30 40 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 06 Feb 2024 21:36:51 GMT

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame D767 77 KB
77 KB 119ms
43ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900018.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-13517"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 79127

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 9560 89 KB
32 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:57:06 GMT

GET
H/1.1 200
OK S-300x600.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 9560 95 KB
96 KB 117ms
45ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x600.gif
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Server: nginx
ETag: "5b55f22d-17dde"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 97758

GET
H/1.1 200
OK S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame CBDA 24 KB
24 KB 117ms
43ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-970x90.gif
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 38453bff795a12c184a0475a9442ce348cea9fcb8b70a8dbb4cce0f7f1c5820f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:15 GMT
Server: nginx
ETag: "5b55f22f-5f6a"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24426

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame D767 0
150 B 73ms
25ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=61877200214916704444474012592018&a=8f5f30c3&vb=m
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D767 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame CBDA 0
150 B 72ms
25ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=29571500210757904444476012592027&a=13a398ab&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame CBDA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
271 B 83ms
23ms Fetch
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

2c5111dc3f9609eda9bab8a21beb969e331bf9434e885cdb4096f14cf356343a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604
adservice.google.com/ddm/fls/z/ Frame C382 42 B
107 B 122ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLXa7bbLl4QDFZldkQUdSSwGCw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8369055238518.604?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame C382 0
1 KB 55ms
53ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNzA2OTExNTcwMjQ0ODQwOTQwMwpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2MDM5MDAxCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA2IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxMzU4MzE3MjI0OTU5MjI2Mzk2OQo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"13583172249592263969"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x229d6528dd72fae9","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x54e43f177d5852ab","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0x7f943ac4f1479f60","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd51c334b82bb79a8","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"17069115702448409403","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13583172249592263969","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"13583172249592263969","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"13583172249592263969","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"13583172249592263969","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088
adservice.google.com/ddm/fls/z/ Frame 8C38 42 B
107 B 120ms
68ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPHa7bbLl4QDFdpMkQUd5vcHpg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3659696580799.088?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame 8C38 0
1 KB 55ms
54ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNTA3NzI3MjI4MjU5Mzk1Njk4CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogMQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYwMzkwMDEKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDYiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDI0NTkwNjQwMDIwMDEzMTMxMQo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"245906400200131311"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x229d6528dd72fae9","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x54e43f177d5852ab","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0x7f943ac4f1479f60","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd51c334b82bb79a8","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"1507727228259395698","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"245906400200131311","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"245906400200131311","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"245906400200131311","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"245906400200131311","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105
adservice.google.com/ddm/fls/z/ Frame 66BF 42 B
401 B 117ms
66ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJvd7bbLl4QDFalLkQUd6t0Ipg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5258414706083.105?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame 66BF 0
1 KB 55ms
54ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxMTkwNDk1NDcwNDYwMDg3NDQxMQpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2MDM5MDAxCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA2IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxMTY2MDAwOTk2Mjg5NTE4ODIwNgo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11660009962895188206"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x229d6528dd72fae9","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x54e43f177d5852ab","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0x7f943ac4f1479f60","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd51c334b82bb79a8","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"11904954704600874411","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11660009962895188206","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"11660009962895188206","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"11660009962895188206","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"11660009962895188206","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 66ms
54ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_aofsoru:preroll:100&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zoneview
ng.virgul.com/ 0
210 B 56ms
55ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1707252568128&v=https%3A%2F%2Faofsoru.com%2F%26vi%3D10750013%40&r=154956:aofsoru&userId=vnet0da75db3-8f58-490c-91f0-496c182dd1c2&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.25957195435646385
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 200 count
logger.virgul.com/ 0
116 B 57ms
52ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_aofsoru::25:::vnet0da75db3-8f58-490c-91f0-496c182dd1c2&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 57ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_aofsoru::50:::vnet0da75db3-8f58-490c-91f0-496c182dd1c2&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 57ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=alive&g=h&r=&o=npm_aofsoru::75:::vnet0da75db3-8f58-490c-91f0-496c182dd1c2&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 206 10750013-270_1-72k.mp4
istr-n14.nktcdn.com/data/videos/10750/ 759 KB
0 273ms
53ms Media
video/mp4 185.7.176.214
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://istr-n14.nktcdn.com/data/videos/10750/10750013-270_1-72k.mp4?token=IONSCTGMu3gRalxENG-ZcA&ts=2037860309
Requested by: Host: aofsoru.com
URL: https://aofsoru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.214 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash

Request headers

Referer: https://aofsoru.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range: bytes=0-

Response headers

access-control-allow-origin: *
Content-Range: bytes 0-2617238/2617239
date: Tue, 06 Feb 2024 20:49:28 GMT
last-modified: Mon, 27 Feb 2023 11:44:56 GMT
server: openresty/1.15.8.3
Content-Length: 2617239
content-type: video/mp4

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 9560 0
150 B 74ms
25ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=70831800236824404444460012592007&a=26aee82f&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 9560 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 v3 Show response
id5-sync.com/gm/ 289 B
566 B 65ms
22ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

8ce65dfdc3af57cb32deb605c2df091811dd449bb4ea3e82325ed3f70592a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b3152aea725f1731980178061087d73e0863494b74bd04b790bb6432cedd7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12364
x-xss-protection: 0

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_aofsoru::&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=start&g=m&r=npm_aofsoru::::&o=vnet0da75db3-8f58-490c-91f0-496c182dd1c2:49:400-500::&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_aofsoru:preroll&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:28 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 985 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 20:49:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8430 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 18856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 15:35:12 GMT
expires: Wed, 05 Feb 2025 15:35:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9843 829 B
1 KB 78ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4821000dd9762379cdda13cbd4eceb4005d50075b1a6de2b0eb4801c51afdd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zAvtJsJxH4_Rhj4F-wnsVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aofsoru.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zAvtJsJxH4_Rhj4F-wnsVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:49:28 GMT
expires: Tue, 06 Feb 2024 20:49:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8430 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9843 0
0 51ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=3272880346920995&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8430 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FTbOSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 63a21065e4b0b002bf0b9b6d
ng2.virgul.com/tck/imp/ 0
210 B 53ms
53ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/63a21065e4b0b002bf0b9b6d?g=1&t=gb&r=154960@site_geneli@aofsoru:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1707252566877&userId=vnet0da75db3-8f58-490c-91f0-496c182dd1c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFA5 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHN07XGDA-BsMCJA_JGpEvl12mz7Yyq03rWh41ccxbjMvmq25TDJOM-R9sDFfdNfbGexr670bCG4ExtSP1JGeUtSBiEnnj49Q7qsVf62TWpkB7cLUe31hOlkz3twONKKt_FLLo31_alsdPI_-VA7fN&sai=AMfl-YQP50QHV8L_ApiuBcsi_C1qTE30jujtuEb80w81CqvbabZwXce8V53gC2KkjgA52XcnQEVf_iHsWH_m07eg6ylJTn-aFCemXJrdx-Itt9dNYhgIK5PzlEM_ZaI8NeB96NJk2Tg9tJMlsJOBMi_3sQ&sig=Cg0ArKJSzNOiBDd6njZREAE&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&id=lidar2&mcvt=1000&p=76,315,166,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1567319161&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=318536700&rst=1707252567267&rpt=648&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98E9 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmW_aNVcMCTgdMt_BPSIoHQpYw7RAXZWhPDab3h-KPKhyLnz7RMnfV9mo7ULZqgjMd8TAkooc06aLKImmVCrzoY1lPcs207Q-J5_5YRPJtX2EgzwfYM3x8fE8LNn9fBiwBtY9EYsNhFGWg76eP2WTb&sai=AMfl-YTnvJaAdk1vjAZkFk5tXLiyD4p-zJkV7iI_--siN_pFJX9BJOF9Aqpr6qZ4vYA1hX_4f2QJ3DOP_KpZEwTsTdCY2ToDUYKROWsSD3mxG9aZ8GV00l6htOn61xg-juHfC04iWTgqSfi8fn3n_Xqzfw&sig=Cg0ArKJSzETBBOneuGJyEAE&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&id=lidar2&mcvt=1000&p=753,967,1033,1303&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4080222532&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=318536700&rst=1707252567282&rpt=686&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6694 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZABwc5aU2zPgKTrZ1DfDC8q5Qt4scGMI6UjjXjVKjK8MQs0nclUwK7rZmS3EtKMTPwK9f80qSNrXkdqUkjukD4CF_AeJYKpVCRXrVTLW8DF8KZwE7ooa2ltZekgmTk3ke_PoiUcMIqwwyV1_TNYvm&sai=AMfl-YTFbKOHnkGOXOy-QH23F6rCTVyV8nZwAwPyLrsZ75eMnb9QXTeLZeRs-GOv89NbOzWXZe-2ecXrWowxW_ca4D1ePNjQO8-v0CgJIPyXqU9WWqvG5xGzufzKAIsdk1dqvZglENlLFuZqqvZQrDpBrw&sig=Cg0ArKJSzKk7a8rDLPMpEAE&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&id=lidar2&mcvt=1001&p=77,0,677,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1809453319&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=318536700&rst=1707252567277&rpt=661&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08CE 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseljLPQMBOcjH5q9rM_TazqelEiru9OrqX5Bx5XuZvtbt46748lAKpvk3_YRb3RT05YVzcixLZC3HG1GMv_Ek6kyXvHNyHuvbCXkvcKpauqRkUR-DBprWCcwitGWKqxBxYAmLXagsXPRmYRSU77-R4&sai=AMfl-YSjrt-nG3O-lVTADxoQdCFCJPhVqaaTzsqzJUZdoXK8xqj2egSW1x8DjPY1fMKqVJv4h9PTvc6_XSVRkmffDwJD4DZxD0C0aMte3Gh3sb_AU0dDZieVYdSuQklfE5zC2A2O6Dg-h8ypNDlwkAUVCw&sig=Cg0ArKJSzK4me4HwCQW-EAE&cid=CAQSTwAvHhf_uIWyDpxXQnHwbaVkk37DRUDaKvMX9D1XUbPg10dn9j4CpgYOAc-MhsWVw0a0gMfWy91v1fkMJP6H6zJXOfKGI2qWDALuFam95F8YAQ&id=lidar2&mcvt=1002&p=1110,315,1200,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3161062677&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=318536700&rst=1707252567286&rpt=669&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DB68 124 B
125 B 34ms
34ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21728129623%2C115608474%2Fweb_aofsoru_preroll_FP3&description_url=http%3A%2F%2Faofsoru.com%2F&env=vp&correlator=1559537105460810&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet0da75db38f58490c91f0496c182dd1c2&cust_params=site%3Daofsoru%26env%3Dweb%26mt%3D1707252566877%26r%3D154956%40site_geneli%40aofsoru%3Asite_geneli%26info%3D%26policy%3D0%26iabcat%3DIAB5-2%26targetCtr%3D0%26viewable%3D2%26site%3Daofsoru%26plm%3Dnull%26pid%3Dvnet0da75db3-8f58-490c-91f0-496c182dd1c2%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.617.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1478079889&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.617.1&sid=C5823EEA-7044-4BDB-8C0E-C9AE4EB78157&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=https%3A%2F%2Faofsoru.com%2F&dlt=1707252566366&idt=1760&dt=1707252569046&scor=3604377278356699&ged=ve4_td3_tt1_pd3_la3000_er228.978.381.1278_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame E4EA 0
150 B 73ms
26ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=88334800254848204444476012592030&a=750c8577&vb=v
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Kronberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=88334800254848204444476012592030&a=e56ef966
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:29 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame DB68 0
225 B 170ms
56ms Ping
image/gif 2a00:1450:401b:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lsau3kfm&c=575573104809&slotId=287786552404.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401b:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 52ms
52ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_aofsoru:preroll:303:&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 52ms
52ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_aofsoru:preroll&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H/1.1 200
OK viewability Show response
hal900018.redintelligence.net/ Frame D767 0
150 B 76ms
26ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/viewability?s=61877200214916704444474012592018&a=8f5f30c3&vb=v
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900018.redintelligence.net/request_content.php?s=61877200214916704444474012592018&a=e6089b56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:29 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame CBDA 0
150 B 76ms
27ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=29571500210757904444476012592027&a=13a398ab&vb=v
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=29571500210757904444476012592027&a=93dcd315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:29 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E9 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3485946509512&version=m202401290101&ct=77&x=1&cor=13053782085508520000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB68 0
54 B 53ms
53ms Ping
image/gif 2a00:1450:401b:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lsau3l6m&c=575573104809&slotId=287786552404.5&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401b:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08CE 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4005973572685&version=m202401290101&ct=77&x=1&cor=10444119199341324000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6694 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3592311015952&version=m202401290101&ct=77&x=1&cor=3671082636327318500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA5 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4015843647882&version=m202401290101&ct=77&x=1&cor=6982843904530145000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 9560 0
150 B 72ms
25ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=70831800236824404444460012592007&a=26aee82f&vb=v
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=70831800236824404444460012592007&a=3f53e4b4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:49:29 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=3272880346920995&bg=!CQqlCkXNAAa8BdJLnAU7ADQBe5WfOK-fRxKHy5KNkR-rB6ssi5x5nDg0K2moXMWEFX-SIOrQGtbWutneVBDYJIkzu8SmAgAAAD5SAAAAAWgBB5kCxy8_hGpIplTcqR16AVRAyDKGdspPFN5AfI6CSY5bSWGHqWBHH6nj1DBJDlyD4X-cdXl1QSJrQgxW7Qa12Is9aDqCLGjYeaDIqijOsL9CbNevJj02ekXVFlZWnKMaLZD21q7HbIuiGY8IBOPxICkz7M9PPY-cqbAcqwYT232Bd7PHigxuzzZpDcSCc8m8cCKTL-AxBqW7HJzAr89ddOm0RUi5_sAotuxXEr3Ijisc7cNQw39wh5o2eBvvwZ5NzK8kn5KBG17DJjjVBiehSskXtrPX73vRxDQ2A1f7JfhMx23FoNZ9G61wCEeROnQ41qqlqrGgVbcpLu475cIiPqmZSexKkDYHXs5dKo1xyfquwe4OuZusAh96rq8XcWfc7Lfvc__HyyinZZGm2VxvK1wwBDDhhe9ioKNnqA9NT3MuryFUt_zXjQP3nk1QRQeEQwR6Lxsi52BsuyryvkKN_CvwdWPkmWQUfzzKcahz5JqH0SGtoYzCBW8ku6E9xMBxYPv4BLDDL1nHxAtgR1ouk3PeS3cnFZTpCN2OHvaJeJ4UXMgiMdj0w2PIn8-ZK6Tx_q6-D-p_EFRoP-j3W43GgswjdZhB3IqJC7FZrmn7TyuEr4jqwBnKhTNOBKp4xNS2nm5r_iaj3llR_Dk6Q8B9IOvex3ZU7QKYzr8Vqtvko1T8BXl0ULSKd5BG2PHxRD8zXJJvFkxLLx-HcKaJXT9sBDNETjyJ_b0y_j8LJ4BhjUL2CyP1iHR_SqmgSHINET3tBuYCxnBXMksINOVGTPxRedKWEvSHK9TfZ1swpQtV_VQldgOlTrX58B8uXXMvbK7_V69CbOiOeu-Aelc845L2G8vqggcVblvix3MrqSSx4ORgaiKTGrdpa6br3IKM57dWgvNzUTIyQYj2kREe6hJ2KREmdzhbz_kJMGnP9z6TtWNkSe7UJ6X4hAoM4w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DB68 124 B
125 B 34ms
34ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21728129623%2C115608474%2Fweb_aofsoru_preroll_FP2&description_url=http%3A%2F%2Faofsoru.com%2F&env=vp&correlator=1559537105460810&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet0da75db38f58490c91f0496c182dd1c2&cust_params=site%3Daofsoru%26env%3Dweb%26mt%3D1707252566877%26r%3D154956%40site_geneli%40aofsoru%3Asite_geneli%26info%3D%26policy%3D0%26iabcat%3DIAB5-2%26targetCtr%3D0%26viewable%3D2%26site%3Daofsoru%26plm%3Dnull%26pid%3Dvnet0da75db3-8f58-490c-91f0-496c182dd1c2%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.617.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1478079889&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.617.1&sid=C5823EEA-7044-4BDB-8C0E-C9AE4EB78157&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=https%3A%2F%2Faofsoru.com%2F&dlt=1707252566366&idt=1760&dt=1707252569591&scor=3604377278356699&ged=ve4_td4_tt2_pd4_la4000_er228.978.381.1278_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_aofsoru:preroll:303:&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
53ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_aofsoru:preroll&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:29 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H2 200 63dcbdcce4b0332cc41f66d5
ng.virgul.com/tck/i_vb2/ 0
210 B 56ms
55ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/63dcbdcce4b0332cc41f66d5?l=&r=155365@site_geneli@aofsoru:site_geneli&cs=1707252569996&userId=vnet0da75db3-8f58-490c-91f0-496c182dd1c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://aofsoru.com
date: Tue, 06 Feb 2024 20:49:30 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DB68 124 B
125 B 35ms
34ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21728129623%2C115608474%2Fweb_aofsoru_preroll_FP1&description_url=http%3A%2F%2Faofsoru.com%2F&env=vp&correlator=1559537105460810&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet0da75db38f58490c91f0496c182dd1c2&cust_params=site%3Daofsoru%26env%3Dweb%26mt%3D1707252566877%26r%3D154956%40site_geneli%40aofsoru%3Asite_geneli%26info%3D%26policy%3D0%26iabcat%3DIAB5-2%26targetCtr%3D0%26viewable%3D2%26site%3Daofsoru%26plm%3Dnull%26pid%3Dvnet0da75db3-8f58-490c-91f0-496c182dd1c2%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.617.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1478079889&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.617.1&sid=C5823EEA-7044-4BDB-8C0E-C9AE4EB78157&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=https%3A%2F%2Faofsoru.com%2F&dlt=1707252566366&idt=1760&dt=1707252570131&scor=3604377278356699&ged=ve4_td4_tt2_pd4_la4000_er228.978.381.1278_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 57ms
57ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_aofsoru:preroll:303:&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:30 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 200 count
logger.virgul.com/ 0
116 B 58ms
58ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adRequest&g=m&r=npm_aofsoru:preroll&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:30 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DB68 124 B
125 B 36ms
36ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21728129623%2C115608474%2Fweb_aofsoru_preroll&description_url=http%3A%2F%2Faofsoru.com%2F&env=vp&correlator=1559537105460810&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&ppid=vnet0da75db38f58490c91f0496c182dd1c2&cust_params=site%3Daofsoru%26env%3Dweb%26mt%3D1707252566877%26r%3D154956%40site_geneli%40aofsoru%3Asite_geneli%26info%3D%26policy%3D0%26iabcat%3DIAB5-2%26targetCtr%3D0%26viewable%3D2%26site%3Daofsoru%26plm%3Dnull%26pid%3Dvnet0da75db3-8f58-490c-91f0-496c182dd1c2%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.617.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1478079889&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.617.1&sid=C5823EEA-7044-4BDB-8C0E-C9AE4EB78157&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=https%3A%2F%2Faofsoru.com%2F&dlt=1707252566366&idt=1760&dt=1707252570672&scor=3604377278356699&ged=ve4_td5_tt3_pd5_la5000_er228.978.381.1278_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.617.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 count
logger.virgul.com/ 0
116 B 53ms
52ms Ping
image/jpeg 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.virgul.com/count?m=adError&g=m&r=npm_aofsoru:preroll:303:&o=&iv=&wVID=&info=&os=windows&dt=desktop
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=2/6/2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aofsoru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:49:30 GMT
server: openresty/1.15.8.3
content-length: 0
access-control-allow-methods: GET, POST
content-type: image/jpeg

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BVGS4SLY7&gtm=45je41v0v882518051za200&_p=1707252566511&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=2111608831.1707252567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707252566&sct=1&seg=0&dl=https%3A%2F%2Faofsoru.com%2F&dt=A%C3%B6f%20%C3%87%C4%B1km%C4%B1%C5%9F%20Sorular%2C%20Ders%20Notlar%C4%B1%20ve%20%C3%96zetleri%2C%20Online%20Deneme%20S%C4%B1navlar%C4%B1&_s=2&tfd=6148
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BVGS4SLY7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aofsoru.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aofsoru.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

375 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aofsoru.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gv5vjnuctqxdug2rhlavtqn2
.onesignal.com/	1970-01-20 18:14:14	Name: __cf_bm Value: 32VstdHy.BGPyPQToCW41qWeEceMYRSwCKEH2v26wSo-1707252566-1-Af3fKChARtgp8biTILIlrjUP1j+wtHlbZFmFVtoNS1OS6f/1D54Is5SoLDNyAmk4y5Rue/DW1Gld+S+YzjkR694=
.aofsoru.com/	1970-01-21 03:50:12	Name: _ga Value: GA1.2.2111608831.1707252567
.aofsoru.com/	1970-01-20 18:15:38	Name: _gid Value: GA1.2.863012986.1707252567
.aofsoru.com/	1970-01-20 18:14:12	Name: _gat_gtag_UA_33768699_8 Value: 1
.criteo.com/	1970-01-21 03:35:48	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:35:48	Name: uid Value: 0ee4e3f0-171d-4525-b1a0-97310fb0b1db
.aofsoru.com/	1970-01-21 03:35:48	Name: cto_bundle Value: UkWYHl9mMldkS29rank1OUhNV09scHpQN2J3V3M5Uk1WS29zUk51SDE4JTJCJTJGTTkyeEZYZk1QS0oxcHRLOTQzJTJCMjFpM1BveUNRaDFsVUN1b0F6bmhsdTdhazQzdlJoVWZLdk5xRU5WN1pUVU5RJTJCQ3d0V3pNQzJEa3U0SXY3cTdKQ2l1REhEMUNjbFU2ZkxNWnR3cGcwajVkN1VtUSUzRCUzRA
.openx.net/	1970-01-21 02:59:48	Name: i Value: 454087e8-3a71-4022-9069-bcf2a5de1038\|1707252566
aofsoru.com/	1969-12-31 23:59:59	Name: pId Value: vnet0da75db3-8f58-490c-91f0-496c182dd1c2
aofsoru.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%22b4ec653d-6439-4720-8dcc-725562e4e578%22%7D
.aofsoru.com/	1970-01-21 03:35:48	Name: __gads Value: ID=830b8f8f815cb860:T=1707252566:RT=1707252566:S=ALNI_MazodjzM1PFMoq2JZuyfhFqlniSUA
.aofsoru.com/	1970-01-21 03:35:48	Name: __gpi Value: UID=00000d5240774f2e:T=1707252566:RT=1707252566:S=ALNI_MYH9mG_b24-KiMWgvo67mnDDUN29A
.aofsoru.com/	1970-01-20 22:33:24	Name: __eoi Value: ID=dc0175ca867de6a5:T=1707252566:RT=1707252566:S=AA-AfjZbCS0xoZfi3V4kQS6JF9hx
.aofsoru.com/	1970-01-21 03:50:12	Name: _ga_2BVGS4SLY7 Value: GS1.1.1707252566.1.0.1707252567.0.0.0
.doubleclick.net/	1970-01-21 03:35:48	Name: IDE Value: AHWqTUk6qgj45Fj47aq9EONSMOgpfHtHq5zRqmLtHiexEP6MtUAZNGzWcr66Ggd-
.adnxs.com/	1970-01-21 03:50:12	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:23:48	Name: CMPS Value: 5134
.doubleclick.net/	1970-01-20 22:33:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:23:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUrCF`u!]tbPl1M>e)ZlrFUfJ+tGXxp6aX+E!^]de.CzbDoUzX)'OPO!CX^Y8?C3l/lbpRzqF1`b`!3/$]k
.doubleclick.net/	1970-01-20 22:33:24	Name: APC Value: AfxxVi6arK-w406tRwbBtCv0A2Sw2BQu88PG5SbEPW9efHXgK6jgnQ
.casalemedia.com/	1970-01-21 02:59:48	Name: CMID Value: ZcKbVyGXdgGytsoE77dqEwAA
.casalemedia.com/	1970-01-20 20:23:48	Name: CMPRO Value: 5134
.adnxs.com/	1970-01-20 20:23:48	Name: XANDR_PANID Value: 3K6HIV5nYWtos0YDqEd9c8wAf5MzL90kqq3g6grMDfznIc1ZbstCtujYXTlIOVU3zHvKlKoPnipwmHAv-OZobRVtnMNZdZEx3PeMO5umm1Q.
.adnxs.com/	1970-01-20 20:23:48	Name: uuid2 Value: 4793624923403929640
.doubleclick.net/	1970-01-20 18:57:24	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 20:23:48	Name: 8lcfmzhxc8d6_uid Value: 93fbcb6da34e07a4
aofsoru.com/	1969-12-31 23:59:59	Name: watchID Value: 3e9e061b-5a8c-4bb2-8f1d-fcd09d33c883
aofsoru.com/	1970-01-20 18:57:24	Name: userID Value: f35e02ff-6a5d-43e9-9a5f-280708233058
aofsoru.com/	1969-12-31 23:59:59	Name: nonpa Value: 1

193 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 510) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aofsoru.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
ajax.googleapis.com
aofsoru.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.imgiz.com
cdn-ima.33across.com
cdn.aofsoru.com
cdn.contentspread.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
daa1ad00b3067baadfa19cef07aa7c57.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
hal900027.redintelligence.net
hal900030.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
istr-n14.nktcdn.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
logger.virgul.com
mug.criteo.com
ng.virgul.com
ng2.virgul.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
pagead2.googlesyndication.com
pghub.io
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.virgul.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.6.136
136.243.149.243
138.201.63.157
142.250.185.134
142.250.185.162
142.250.186.70
144.76.91.199
162.19.138.118
172.64.151.101
172.64.152.89
185.7.176.214
185.7.176.221
185.7.176.222
2001:4860:4802:34::36
2606:4700:10::6816:3456
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:d73b
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:401b:806::2003
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.102.243.38
34.120.107.143
34.96.70.87
35.241.45.217
35.244.159.8
37.252.171.149
51.75.147.170
52.49.227.53
65.9.66.68
78.46.111.106
88.99.219.174
99.86.4.71
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0875d6b24db9bcb78a66db78fca1d987caa7275bfaa3bcfc87e20a8f5ba6f052
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b3152aea725f1731980178061087d73e0863494b74bd04b790bb6432cedd7f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12c50cb02f944218f145a1842ed2962dc2a189d925acc23cb3de8966bd27260f
144105f107de72c981384eba7299b602c84d058cb8fd8fde7a3decd90194cb39
15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a
184a9f7058855625085d6487933125ce1dcc1c73202ab0f24b19dfd3f2b46987
1d25b0cefe19cbd5e63464228a187e334112cafd107904271f9ab5fffc52a455
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21cced5c2e795a2d0dcf7ca34603b2d38bd07e17f8b6b1cf0e91db58bed46808
22ead19470d5ff79454a52a4bc03c3d6f331ccd1f9b4e4b5762cf97a1aa3551a
25be91b1d8af9a83cdf5946c0a6f9e596e950b24b2de768b36bd34fef502e993
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2988755d1213f24c098a76431424715b078466e204da327af978360b0a588258
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c5111dc3f9609eda9bab8a21beb969e331bf9434e885cdb4096f14cf356343a
2e2615993bcdb5994ffe8f88eb96234bceca452412980c66e0174738734b4d7a
3075a75fefa88b4268e5ef16ae51b4c0e979ffd4de9912cb70e12a026ff452b9
3085239b0ac1198bb491fd88eea460c2bdc4e6bd4fcbcaed23649eefe455b2f2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
376ddde4c8168cd65ea992441bc4a2c7a47e6ec640d58f8a8e43f5228cd6b88a
38453bff795a12c184a0475a9442ce348cea9fcb8b70a8dbb4cce0f7f1c5820f
390dcbb9c68e035a3380e5c4e42af0b5db542486266a613c04adcf6720f6e2cd
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e721ac37527410b7a62ea59a60755a072953aab190671c00181e791b2d120dc
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4463fcebe495ad08ea6a190410ecdf1593f66485ecd8bcc52c770f7c2b333334
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479632c785088ec2b84dc4cd42e3ad48b1f11aa25d1034735c666be9826c0a61
4a8b538356ab003b92c7267fa460b1af544e04bc9c6ad1bce151d78fc03c112d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5c679ed395e3c4909d63aac8311eb4f012658c30c5f030e0a3ba406fb0fde5f3
613102d12ace441bb7e42a3b9146733f009d268d0a2217d1319afedcbedaf294
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
643dd75cf9812c16397f2d14bd471c6265b4b2edf68b1a4297ca7daaf0f97dc3
67feddda97c001e4ac9aca7ab16b77d937e22c0b0d7c51836c8a450b2aa40bd7
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
68815e077fe877e89ee34f4227fa2f3f2e6b711dd909346e021522194d9f3780
69750a9ca850fa80bb4e3e229b2f391bc470d7a13b7e0a9581d1323a17e85233
6abf78b059960766b33e78536d49926141b8ca02ee6644d85b8e203392ac28a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdf80942a2e51657caf0b0b479a6dfe055b566497cc9a6209ab1895d01115c2
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
70053887f7685690b356315b19b556b6a3f5f8a08bcb7e5ec8abb20117836bbf
768883b6985b12ab49b540fdf96144e4e51236fa516332db8c60d8947f30a9c5
7759dc36149866fca6e91d13efbb092de004cd3fe1b8c2a719dcdb5e1c1d99b9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c0da909438cc10026ad4e61a73d30be3a6cdba12d41f9dc1baa20ca65a2abec
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
7fa98ee146677acb0f4c72e1bc219c8b3fe050038bb5be4556b7084d24cb90b0
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
844b87b27dc65dd4bfd6b4a840673478ecdb0512337f6b30f7af691c339908af
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
865995bf9dadb3924a5d627961253f559d0eddfa7f7b85e8ba2f951fa4ca29f2
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
86a3115c4b1dcf8824e068ee336cbc6f384740409ea30812393c31f105db2da0
8704ef5a78d8fd5f29ac411db5eb9c6c138bd8904601782498942acfcf39fa4a
87fe07f94358e38420b9387b4f0e40338a5bf9a0dabb80679db8a1bd3119e8e7
88062de3c8a5648159d1b91e4c1b8caba24abccf90e282ba59bd47630e64303f
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
885cf483f0e9af5e424927f9e3b272b9281345f455a4ecc7a54406491b69bfa1
8ce65dfdc3af57cb32deb605c2df091811dd449bb4ea3e82325ed3f70592a403
928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a
943006c80c2678ae10541a70afa2d6313546bfa93844f51e3a6d5b19ae0fa7fa
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a222974d55a9a08c1b78db96ef4fba9e574fb525b6beea9917fb423135bc3099
a4d7a2e2fc037b12b940fdb02e35665c086f67a9d89862bc13090506ea1ec42a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04e9b8a3d9276fb2aabb2d883426e66070ed4a95f7bca76cd93d9e4fbc7ce79
b0fc70528855301480c166a01950e48c670d98d8b80a6b4ce62d08a966fb60e1
b1151a18abb2b9b51dc38ae3e4e010bdd9911ee8c1d0d3798831dcf6ceedf6cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1757f9bb61c74a631ac6217bf8c3390b3b7d47f27a1c2554620af3a692755e4
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
b86b15eec88dbd693de59ed8925454bbe0b9fb86182b2090ba27c7e27a5bf196
bebf3c2726ad0c143f89a97096d550ceaa5c551d629f7582eb7c34995541f8b6
bf1c7d4c32aa2782a67d98cd449bb2ca1276c4df627aaf8ceed4f92d707de88c
c3d790c927bcf40994046a33e13311619ede6222e2ef2b0a5581459337c6cc9d
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
ca5f111d27fc6d71bc7bcb10a3333f7ab9cbedc0228a4e80c516918ce4a855cf
ca66078f2357a9b8cff2f1521e263e739b393125f4599802842ef8697899824e
cae491d276a1e1073506734a40d02cafa4c562d315cc8585d84ac8effbda9755
ce3e94594d80ef715956d31301894b296be36f57eae85312cbac2ee8327bb2d8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13bff6817f76571eb3cd9be78066ff34779e9bed1e820e6ec94eae923dc06a4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2fdbbcb9c517aa30b467230f0da54faa28f08eff7e62abfa07217897ec85399
d4821000dd9762379cdda13cbd4eceb4005d50075b1a6de2b0eb4801c51afdd4
d82b7c79f2fe4f65ee60412e5807a49addda014c1c71f96b2fd2212388114146
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dec4de0c10e348d61796ded3ddfca707ee61ab5e82e100e9ff6e747fd79abbf9
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6092c6b52bea4300388aa3de34654d7f8ae2d1516b433405bd0460bc5c07536
e633a600c650c82ef618f1595455b135f3eb675e291333d43edcedf430887112
e635d0620a95bd1e1341c2ba41c1292e1fb737975553c6fc1c6226362acb48b0
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e967ec90fe90b25bc1d1e082f8b21eda43d2d0a2954e17d0d4fb2da79b57d258
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebcf6399318e6b6951676429bbeeb5130e9edbfb2c3fe352e86d4078ba43a8fc
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02a604f7fc67f1184b20b42926272e87ea47aabd41da9f73ab08d7d7d19b38f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7fb51cd21138592ab834d10406bd4fb5e913ff3b5effafb95cb9fc5e37be52d
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

aofsoru.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

91 %HTTPS

50 %IPv6

31 Domains

58 Subdomains

52 IPs

6 Countries

3374 kBTransfer

9928 kBSize

30 Cookies

6 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aofsoru.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

91 %
HTTPS

50 %
IPv6

31
Domains

58
Subdomains

52
IPs

6
Countries

3374 kB
Transfer

9928 kB
Size

30
Cookies

239 HTTP transactions
10 data transactions