scriptpastebin.com Open in urlscan Pro
45.143.81.187  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 67

• https://oajs.openx.net/esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp&cc=1

Request Chain 69

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=scriptpastebin.com&sn=ChromeSyncframe&so=0&topUrl=scriptpastebin.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=9fshfnxRNkFNWlZLN3FXZUtHVUNHUzUrUDdZOVprNmZHbVZ6NmxCYVI1S0t6VFJGaEdBejNBUEZLVXJvSEk3S1pleCtvQUZSRkprTWR6TENFVE00cUxBRThjdm9qNUxSV3pGTURySm9IVHlrN2JCdHRwdkFKNHFMTUdkclVxNGZ2eTl0YzhBZWJoSXhlSm5GVW9zSlNkQzVZK20rMWFFb0wycjQwYWR5MVpqVnd4V2lFNTRiMTdwTjhOZml6LzBUY0pRMHRZTEdiM0ttbXJMZHlGNnBQZitERStSTVRFQ1NoWGlEUkk5Vk1rMWVnM0ptd3MxK0M5VTIvSTZMRzBhRUxLRlU4WWRvd1doMG9nZ1N5dEs0VlkwV1g2QT09fA&cppv=2

Request Chain 110

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1

Request Chain 111

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2

Request Chain 112

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1

Request Chain 113

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D

Request Chain 114

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1

Request Chain 115

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2

Request Chain 116

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1

Request Chain 117

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D

Request Chain 118

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMkF0swNkNweLrmLB3ooFIQ&google_cver=1

Request Chain 119

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2

Request Chain 120

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELWwkql-Ew_0vTcF3zbur7Q&google_cver=1

Request Chain 121

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D

Request Chain 225

• https://fw.adsafeprotected.com/rfw/st/1005663/62077108/skeleton.js?ias_dspID=3&ias_campId=25770367&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=15622086937&bidurl=https://scriptpastebin.com/1900/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gsOhwep8ExR1uFCGjN7vC6&adsafe_url=https%3A%2F%2Fscriptpastebin.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8ce3a67a-1304-389f-db8f-070df891bc1c,c:9BG1tr,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7f56698b44-krmcp,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:568,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:582,oid:5d2516e3-baa3-11ec-b4eb-1694ec529ab0,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

Request Chain 277

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 279

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGTH7VE_w2bvn37F-hZ5YWI&google_cver=1&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7uPtJgh HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7uPtJgh&google_hm=ODcyMzQ5MzcwMjgyNzk0MjMyMQ%3D%3D

Request Chain 280

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMHslJR8VClCbKOiezkKmMo&google_cver=1&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5AvP_GKz-weJcI4_T7PF8 HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMHslJR8VClCbKOiezkKmMo&google_cver=1&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5AvP_GKz-weJcI4_T7PF8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1NTIyMzU3MDc5MjA0MDIxNQ&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5AvP_GKz-weJcI4_T7PF8

Request Chain 281

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBOiUTW8tz_Sam4UUWOUx68&google_cver=1&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBOiUTW8tz_Sam4UUWOUx68&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys&google_hm=b0xBTjVEYnZIUEpDTWtaUkNwb0c=

Request Chain 283

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response scriptpastebin.com/1900/	46 KB 9 KB	1788ms 329ms	Document text/html	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash d4ca8762e249425ddbd4336115bdc2120e94f38b879278f30218fe23090dd9ff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br content-length 9232 content-type text/html date Tue, 12 Apr 2022 20:58:51 GMT expires Mon, 29 Oct 1923 20:30:00 GMT last-modified Tue, 12 Apr 2022 14:07:45 GMT pragma no-cache server LiteSpeed strict-transport-security max-age=31536000 vary Accept-Encoding,User-Agent x-content-type-options nosniff x-powered-by Niagahoster x-xss-protection 1; mode=block;
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	83 KB 28 KB	117ms 36ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash fcda5207edf04e751c21a98ee44b31dd17ab67f38d34497b27d072233ec2f822 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28314 x-xss-protection 0 server sffe etag "1186 / 975 of 1000 / last-modified: 1649774533" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 12 Apr 2022 20:58:52 GMT
GET H2	200	site.js Show response protagcdn.com/s/scriptpastebin.com/	358 KB 104 KB	150ms 92ms	Script application/javascript	2606:4700:20::681a:68e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://protagcdn.com/s/scriptpastebin.com/site.js Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe576e2ad7441a2dbc2491ba270a187e108efea7cbd66f6b85893a847ee45721 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 894 cf-polished origSize=367772 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache last-modified Mon, 11 Apr 2022 13:10:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UabxvKpb7BY3%2BsOqYZmekGGH%2FkXjzzE%2BcczaOudzIQj2ielt9SBaagZpXfvvzjbDJI55DNO7E%2Bj1IMTajc%2Bxki56cNvFOXDPwRLGGwUMBmoFdHF80b1t18NCwjQzxhNnBJsd%2FFA2JvV8xrY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 cf-ray 6faee1ebde299a39-FRA expires Tue, 12 Apr 2022 21:28:52 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	155 KB 53 KB	105ms 44ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c63b2c5736b81e437d37d8b20807b652d960be450efffd6397be8af00193876e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Origin https://scriptpastebin.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 54028 x-xss-protection 0 server cafe etag 2652591770494462405 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 12 Apr 2022 20:58:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	85ms 35ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-223821340-1 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4bd65c5fd5a85e1d99df158edebcb0a40c135ce7d8289e67036449db8df223d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38475 x-xss-protection 0 last-modified Tue, 12 Apr 2022 18:48:32 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 12 Apr 2022 20:58:52 GMT
GET H2	200	style.min.css scriptpastebin.com/wp-includes/css/dist/block-library/	81 KB 10 KB	330ms 329ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 06 Apr 2022 01:47:58 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 10549 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	styles-blocks.css scriptpastebin.com/wp-content/plugins/prismatic/css/	526 B 313 B	330ms 329ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/prismatic/css/styles-blocks.css?ver=5.9.3 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash dc8e317c924d49916e599d91520cb5f64eb9b1ff74120e5d058ca526d0ec6266 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 16 Mar 2022 14:52:42 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 253 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	blocks.style.build.css scriptpastebin.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/	184 B 252 B	331ms 329ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.46 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Sun, 03 Apr 2022 04:35:42 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type text/css cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 184 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	copy-the-code.css scriptpastebin.com/wp-content/plugins/copy-the-code/assets/css/	2 KB 499 B	331ms 329ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/copy-the-code/assets/css/copy-the-code.css?ver=2.2.2 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 5b1f1a3655e50c034c00d4e9475ec01f3b405c436520a63ec32483613907d052 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 16 Mar 2022 10:17:01 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 439 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	gruvbox-dark.css scriptpastebin.com/wp-content/plugins/prismatic/lib/highlight/css/	1 KB 656 B	331ms 330ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/prismatic/lib/highlight/css/gruvbox-dark.css?ver=3.0 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 007f6c95f9a9e9148e589b9f654bde9413703bcc7bd1ddd6a02855ee1e082dbb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 16 Mar 2022 14:52:42 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 619 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	widget-options.css scriptpastebin.com/wp-content/plugins/widget-options/assets/css/	1 KB 278 B	332ms 330ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/widget-options/assets/css/widget-options.css Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:35:52 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 219 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	wpp.css scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/css/	2 KB 576 B	332ms 330ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.1 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Sun, 27 Mar 2022 07:35:17 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 516 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	iconfont-min.css scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/	2 KB 619 B	332ms 331ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/iconfont-min.css?ver=2.9 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 37b2094a3c34a2575e23cffad130fb2e3e535284c3fedf4ce0ffdfd30a9aa49a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 18 Mar 2022 14:54:40 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 559 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	style.css scriptpastebin.com/wp-content/themes/page-builder-framework/	35 KB 7 KB	657ms 656ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/themes/page-builder-framework/style.css?ver=2.9 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash da769ac36179c01a2227651a60e528983d9d17bd2585f3d11aab86bd9356215b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Thu, 24 Mar 2022 19:17:46 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 7197 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	responsive-min.css scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/	10 KB 1 KB	657ms 656ms	Stylesheet text/css	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/responsive-min.css?ver=2.9 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash be33d9268e6867c07a6a0a7393fc35ce570af9ac3139742e1c538cd510f8046d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 18 Mar 2022 14:54:40 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 1299 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	jquery.min.js Show response scriptpastebin.com/wp-includes/js/jquery/	87 KB 30 KB	658ms 657ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 10 Mar 2021 13:37:24 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 30273 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	jquery-migrate.min.js Show response scriptpastebin.com/wp-includes/js/jquery/	11 KB 4 KB	658ms 658ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 18 Nov 2020 07:36:06 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 3995 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	wpp.min.js Show response scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/js/	3 KB 1 KB	659ms 658ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Sun, 27 Mar 2022 07:35:17 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 1215 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	maxresdefault-3-5.jpg scriptpastebin.com/wp-content/uploads/2022/03/	124 KB 124 KB	1366ms 1365ms	Image image/jpeg	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/03/maxresdefault-3-5.jpg Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 5d64fdcc0ac74e68e801159dd2dbdea95dda91851eb502bd6d75107001906810 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Fri, 25 Mar 2022 07:29:59 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/jpeg cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 126488 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	copy-the-code.js Show response scriptpastebin.com/wp-content/plugins/copy-the-code/assets/js/	12 KB 2 KB	593ms 593ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/copy-the-code/assets/js/copy-the-code.js?ver=2.2.2 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash c56473172f48e7fd2d50e95ba946345ca1881c92a27fbde6176fd3622479b36b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 16 Mar 2022 10:17:01 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 2235 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	highlight-core.js Show response scriptpastebin.com/wp-content/plugins/prismatic/lib/highlight/js/	235 KB 67 KB	600ms 600ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/prismatic/lib/highlight/js/highlight-core.js?ver=3.0 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash ddc8f04731b6276f45b405a387724024f00d09dcccdf04f043fa396108a1ece8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 16 Mar 2022 14:52:42 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 68464 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	site-min.js Show response scriptpastebin.com/wp-content/themes/page-builder-framework/js/min/	7 KB 2 KB	1366ms 1364ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/themes/page-builder-framework/js/min/site-min.js?ver=2.9 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 4dee72bbd5ff7e22f00f17f9e5e8beb2fb62e16219d3b76aa7d68ae403ca6bc8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 18 Mar 2022 14:54:40 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 2003 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	comment-reply.min.js Show response scriptpastebin.com/wp-includes/js/	3 KB 1 KB	1366ms 1364ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-includes/js/comment-reply.min.js?ver=5.9.3 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 01 Nov 2021 20:17:14 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 1221 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	ads.js Show response scriptpastebin.com/wp-content/plugins/quick-adsense-reloaded/assets/js/	78 B 135 B	1366ms 1364ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.46 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Sun, 03 Apr 2022 04:35:43 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type application/javascript cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 78 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	wp-emoji-release.min.js Show response scriptpastebin.com/wp-includes/js/	18 KB 5 KB	1344ms 1343ms	Script application/javascript	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:02 GMT content-encoding br x-content-type-options nosniff last-modified Tue, 08 Jun 2021 20:45:12 GMT server LiteSpeed x-powered-by Niagahoster vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=10368000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 4539 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	pubads_impl_2022040701.js Show response securepubads.g.doubleclick.net/gpt/	368 KB 125 KB	70ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:45 GMT content-encoding gzip x-content-type-options nosniff age 367 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127673 x-xss-protection 0 last-modified Thu, 07 Apr 2022 08:34:53 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 12 Apr 2023 20:52:45 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	117 B 122 B	58ms 30ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash a3aaf391a23189a2e33b5efda0c0665981d5383db55c79d3394a3cac3f34f9b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97 x-xss-protection 0 expires Tue, 12 Apr 2022 20:58:52 GMT
POST H3	201	popular-posts Show response scriptpastebin.com/wp-json/wordpress-popular-posts/v1/	55 B 408 B	883ms 883ms	XHR application/json	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-json/wordpress-popular-posts/v1/popular-posts Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1 Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 16f1363d37180a9754daaf1a3ed304df6a25a2c07d737c4af46582adf0170668 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers Referer https://scriptpastebin.com/1900/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding br x-content-type-options nosniff x-powered-by Niagahoster vary Origin,Accept-Encoding,User-Agent content-length 59 x-xss-protection 1; mode=block; link <https://scriptpastebin.com/wp-json/>; rel="https://api.w.org/" allow GET, POST server LiteSpeed strict-transport-security max-age=31536000 access-control-allow-methods OPTIONS, GET, POST, PUT, PATCH, DELETE content-type application/json; charset=UTF-8 access-control-allow-origin https://scriptpastebin.com x-wp-nonce fd0a8fee68 access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link
GET H3	200	page-builder-framework.woff2 scriptpastebin.com/wp-content/themes/page-builder-framework/fonts/	7 KB 7 KB	575ms 574ms	Font application/font-woff2	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-content/themes/page-builder-framework/fonts/page-builder-framework.woff2 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/iconfont-min.css?ver=2.9 Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 6046cd31a6f87df47b1c59eca0d11b6b3399041ae2a3e1ba825b9e08d70cda2b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers Referer https://scriptpastebin.com/wp-content/themes/page-builder-framework/css/min/iconfont-min.css?ver=2.9 Origin https://scriptpastebin.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Fri, 18 Mar 2022 14:54:40 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type application/font-woff2 cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 7112 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	Z0InFRKwuXk Show response www.youtube.com/embed/ Frame B390	61 KB 26 KB	133ms 72ms	Document text/html	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/Z0InFRKwuXk Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ad7d8ab7cb8172c1a5228fc2b1134ee8341b8ad7d92df5fbdde6339e3b413057 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" date Tue, 12 Apr 2022 20:58:52 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 x-content-type-options nosniff x-xss-protection 0
GET H3	200	bloxfmukurinew-1024x578.png scriptpastebin.com/wp-content/uploads/2022/04/	402 KB 403 KB	1328ms 1328ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/bloxfmukurinew-1024x578.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 9d595557ca00b4844d92a63f2d915c7a8832f61b9ab5355a5f1ab984d608b7df Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Mon, 11 Apr 2022 04:54:20 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 411868 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	losm-1024x578.png scriptpastebin.com/wp-content/uploads/2022/04/	274 KB 274 KB	1538ms 1537ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/losm-1024x578.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash e87257043d7a61d9421dce8ba4f876d021188311675cf1f4c60f3d95aa6b00ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Tue, 12 Apr 2022 07:44:06 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 280422 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	aopgnewupdate-1024x578.png scriptpastebin.com/wp-content/uploads/2022/04/	403 KB 403 KB	1912ms 1912ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/aopgnewupdate-1024x578.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 4a1a0e2dac4f8d499200e5bae0126f1a7442114ffb7983bdb0374cc9871c4120 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT x-content-type-options nosniff last-modified Tue, 12 Apr 2022 04:58:14 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 412722 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	69ms 20ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-223821340-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2501 date Tue, 12 Apr 2022 20:17:11 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 12 Apr 2022 22:17:11 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/	301 KB 108 KB	74ms 46ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41fa7e8ffbcaa5ce69d951687de0cb45b8e98ea9473635a75615cf49d3b2ff1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:52 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110328 x-xss-protection 0 server cafe etag 1148290837941698068 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 12 Apr 2022 20:58:52 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 1B75	10 KB 5 KB	71ms 20ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 12609 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4398 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 17:28:43 GMT etag 14837630671339829333 expires Tue, 26 Apr 2022 17:28:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	www-player.css www.youtube.com/s/player/1e29bfc0/ Frame B390	346 KB 46 KB	49ms 21ms	Stylesheet text/css	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 745ceabc71fc51c9e19807a454ec780584da7f59f0f568edd02562343749c0b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 16:50:12 GMT content-encoding br x-content-type-options nosniff age 14921 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47431 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 12 Apr 2023 16:50:12 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/ Frame B390	278 KB 86 KB	72ms 44ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd040a9506a3805bd492a729bc7a28a8deb8260f710329b18314b9db58208fa3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 19:53:08 GMT content-encoding br x-content-type-options nosniff age 3945 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87824 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 12 Apr 2023 19:53:08 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/ Frame B390	2 MB 524 KB	79ms 51ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2547542175cbd0e342f678278c614f3b543773623dfac1c36795f39605cc6e6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 14:57:20 GMT content-encoding br x-content-type-options nosniff age 108093 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 536060 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Apr 2023 14:57:20 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/ Frame B390	9 KB 3 KB	71ms 43ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 14:57:04 GMT content-encoding br x-content-type-options nosniff age 108109 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Apr 2023 14:57:04 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	98ms 29ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	83ms 34ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	294 KB 83 KB	643ms 642ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3693338721605987&correlator=251960035278002&eid=31065713%2C31065659%2C44755509&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fifs&iu_parts=162717810%3A22714479765%2Cscriptpastebin.com%2Cheader%2Cbefore_content%2Cin_content%2Cafter_content%2Cnative-after_content&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C320x50&fluid=0%2C0%2C0%2C0%2Cheight&ifi=2&adks=2661619351%2C3078935760%2C3363404490%2C2415385834%2C2692636924&sfv=1-0-38&ecs=20220412&fsapi=false&prev_scp=env%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-header%7Cenv%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%26protag_check%3Dtrue%7Cenv%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_native%3Dnative%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-native-after_content%26protag_multiplex%3Dmultiplex&sc=1&cookie_enabled=1&abxe=1&dt=1649797132979&lmt=1649772465&dlt=1649797132044&idt=896&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9%2C0&adys=-9%2C-9%2C-9%2C-9%2C1702&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x0&fws=2%2C2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C0%2C1600&ga_vid=1764676294.1649797133&ga_sid=1649797133&ga_hid=1915100491&ga_fc=false&btvi=-1%7C-1%7C-1%7C-1%7C1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 1ce94472dd9ac57d3cbf802eed035b83af9a8f3e5b29e8a86325a79e72f45b1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 84818 x-xss-protection 0 google-lineitem-id -1,5636256369,-1,-1,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,138343422777,-1,-1,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://scriptpastebin.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A002	6 KB 4 KB	143ms 27ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Wed, 12 Apr 2023 20:58:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame B390	15 KB 16 KB	85ms 23ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 17:06:41 GMT x-content-type-options nosniff age 13932 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 12 Apr 2023 17:06:41 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	56ms 28ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1915100491&t=pageview&_s=1&dl=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&ul=en-us&de=UTF-8&dt=BLOX%20FRUITS%20%E2%80%93%20ScriptPastebin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=716558593&gjid=97598367&cid=1764676294.1649797133&tid=UA-223821340-1&_gid=1879403706.1649797133&_r=1&gtm=2ou460&z=402245160 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://scriptpastebin.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://scriptpastebin.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	222 B 421 B	30ms 29ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=scriptpastebin.com&callback=_gfp_s_&client=ca-pub-8684986675842996 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 5052605cbb26927001523511623b1e151f35b1fc5d80d317f6201fe9ae88102e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 206 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame BB83	9 KB 4 KB	165ms 132ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8684986675842996&output=html&adk=1812271804&adf=3025194257&lmt=1649772465&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649797132897&bpp=4&bdt=854&idt=138&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3236918258865&frm=20&pv=2&ga_vid=1764676294.1649797133&ga_sid=1649797133&ga_hid=1915100491&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C31065659&oid=2&pvsid=3693338721605987&pem=195&tmod=232341668&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1086c0cefa41addf80c5a3669cefee728280d70232ffb61d38e610c96471fe81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 4006 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Tue, 12 Apr 2022 20:58:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame B390 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	29ms 28ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4dcc099ae76ab30de48031b4f627871c7cff796bb9ad0c68e6d5b6dcc085d8ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 12 Apr 2022 20:58:53 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame B390	29 B 588 B	123ms 59ms	Script text/javascript	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:44:42 GMT x-content-type-options nosniff age 851 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 20:59:42 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	77ms 28ms	Preflight text/html	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Tue, 12 Apr 2022 20:58:53 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B390	45 KB 22 KB	68ms 40ms	XHR application/json+protobuf	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f5720bfad9719c2993594db027beaad0206bf2e303f3b587b80dbc38c80f1ec5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 22121 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/ Frame B390	118 KB 37 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b112e7b56bd0a29cb15b8cc6cd3f1a1ade5d79dbfd8eaed0072f5f25a5cfb15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 14:57:20 GMT content-encoding br x-content-type-options nosniff age 108093 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37597 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Apr 2023 14:57:20 GMT
GET H2	200	4oMByJh1q-5iQTeULa1T5dHvkxHqEtzS8fNkzvg1raE.js Show response www.google.com/js/th/ Frame B390	35 KB 14 KB	97ms 21ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/4oMByJh1q-5iQTeULa1T5dHvkxHqEtzS8fNkzvg1raE.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e28301c89875abee624137942dad53e5d1ef9311ea12dcd2f1f364cef835ada1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:06:47 GMT content-encoding br x-content-type-options nosniff age 550326 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13598 x-xss-protection 0 last-modified Mon, 04 Apr 2022 13:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 06 Apr 2023 12:06:47 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/ Frame B390	27 KB 8 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e804bf38eb791bc6f08e221707ded2ca2a704158232880b1a3cf9834a235674 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 15:03:54 GMT content-encoding br x-content-type-options nosniff age 107699 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8128 x-xss-protection 0 last-modified Mon, 11 Apr 2022 00:15:09 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 11 Apr 2023 15:03:54 GMT
GET DATA	200 OK	truncated / Frame B390	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AKedOLTN9DCzjiH2pMVNnlyEf54akfav3rYcPYoa3g48KQ=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame B390	2 KB 2 KB	142ms 27ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AKedOLTN9DCzjiH2pMVNnlyEf54akfav3rYcPYoa3g48KQ=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 30417a2843ebe61690b2ce2efe278797f8b13bbe7dddc35a6f7b57b37f468cdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 18:51:52 GMT x-content-type-options nosniff age 7621 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1553 x-xss-protection 0 server fife etag "v84" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 06 Apr 2022 06:15:39 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/Z0InFRKwuXk/ Frame B390	33 KB 34 KB	163ms 34ms	Image image/webp	2a00:1450:4001:80f::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/Z0InFRKwuXk/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fbd7cd126427cdc4a8524a966cb8fb7c0e3b9922fa4c2002c4f2e5060892b6cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33794 x-xss-protection 0 server sffe etag "1631461546" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 12 Apr 2022 22:58:53 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame B390	4 KB 3 KB	105ms 30ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:53 GMT
GET H3	204	generate_204 www.youtube.com/ Frame B390	0 9 B	21ms 20ms	Image text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?LhCLcQ Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/Z0InFRKwuXk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/Z0InFRKwuXk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/100/ Frame B390	52 KB 15 KB	49ms 20ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/100/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:39:44 GMT content-encoding gzip x-content-type-options nosniff age 1149 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15463 x-xss-protection 0 last-modified Mon, 07 Feb 2022 16:04:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Wed, 13 Apr 2022 20:39:44 GMT
GET H2	200	script.protag.js Show response cdn.proadscdn.com/s/script.protag/	132 KB 31 KB	85ms 33ms	Script application/javascript	2606:4700:20::ac43:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.proadscdn.com/s/script.protag/script.protag.js Requested by Host: protagcdn.com URL: https://protagcdn.com/s/scriptpastebin.com/site.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1d18656936294a54e8ba07c0b459b652a767d2b54b97adcf0cbbd2852850885 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6361 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 22 Mar 2022 22:57:27 GMT server cloudflare etag W/"20f2c-5dad6897b3c86-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG23fGbtqkEhFrNlJd6cG6zfcDAAVdfN%2FA0sd2xRXQSHb0Bm9eZf2qLbkad8eWj9nldfIxHXJ%2FRlUte61CcghuObgWoCIhULwPqxfWOBqLYOyK7Yr%2F22gzv4OskhR1m72QESaB7GgDGMV03lJ4Q9"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1209600 cf-ray 6faee1f478dd9bc4-FRA expires Tue, 26 Apr 2022 19:12:52 GMT
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B390	98 B 142 B	31ms 30ms	XHR application/json+protobuf	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/nl_NL/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c4477d6385822aae86f3a90508425d233a6eba79fdcd81ca8b2e5596728abc1f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 118 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	27ms 27ms	Preflight text/html	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Tue, 12 Apr 2022 20:58:53 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	376 KB 126 KB	83ms 28ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: cdn.proadscdn.com URL: https://cdn.proadscdn.com/s/script.protag/script.protag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15377398f026b4beb337db55bf9021fb3090d44db1786fec179955ef3b14c2d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 128424 x-xss-protection 0 expires Tue, 12 Apr 2022 20:58:53 GMT
GET H2	200	pubcid.min.js Show response id.sharedid.org/lib/	732 B 904 B	559ms 172ms	Script application/javascript	52.10.19.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.sharedid.org/lib/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.10.19.115 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-19-115.us-west-2.compute.amazonaws.com Software / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cache-control public, max-age=86400 last-modified Tue, 12 Apr 2022 04:27:05 GMT accept-ranges bytes content-length 732 vary accept-encoding content-type application/javascript
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	85ms 14ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 01 Apr 2022 09:13:23 GMT content-encoding gzip age 992730 x-guploader-uploadid ADPycdtHLiEksjAnV2qS_tolB3doMSP5kDIThxUmM4XPHhP_A5CQsbGKd6lmqwarYMK0FuEhfhChj7LabSlmCeRq7dMjhb9zmg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== x-goog-generation 1622140251693895 cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes content-type application/javascript expires Sat, 01 Apr 2023 09:13:23 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	36 KB 12 KB	91ms 43ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash bfda32b0e5b10d90ca5baf94a67aa30c9cea8f49efed26f649a8de73116fbcd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip last-modified Tue, 05 Apr 2022 12:58:04 GMT server nginx etag W/"624c3cdc-8ed3" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 13 Apr 2022 20:58:53 GMT
GET H3	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp&cc=1	85 B 103 B	131ms 115ms	Fetch application/json	34.120.135.53 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp&cc=1 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Server 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash 93435d815676c1b709a88539439870763959bb83cb1a6d6f0bdd430ddd13a958 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:53 GMT via 1.1 google etag W/"55-ITiYnVTD03bnxVSE4pVgP8RMECA" x-powered-by Express vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://scriptpastebin.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Tue, 12 Apr 2022 20:58:53 GMT via 1.1 google access-control-allow-origin https://scriptpastebin.com x-powered-by Express vary Origin location /esp?url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	syncframe Show response gum.criteo.com/ Frame 681D	13 KB 5 KB	203ms 33ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=scriptpastebin.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5136 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT server-processing-duration-in-ticks 4130 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 681D Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=scriptpastebin.com&sn=ChromeSyncframe&so=0&topUrl=scriptpastebin.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=9fshfnxRNkFNWlZLN3FXZUtHVUNHUzUrUDdZOVprNmZHbVZ6NmxCYVI1S0t6VFJGaEdBejNBUEZLVXJvSEk3S1pleCtvQUZSRkprTWR6TENFVE00cUxBRThjdm9qNUxSV3pGTURySm9IVHlrN2JCdHRwdkFKNHFMTUdkcl...	446 B 647 B	195ms 17ms	Fetch application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=9fshfnxRNkFNWlZLN3FXZUtHVUNHUzUrUDdZOVprNmZHbVZ6NmxCYVI1S0t6VFJGaEdBejNBUEZLVXJvSEk3S1pleCtvQUZSRkprTWR6TENFVE00cUxBRThjdm9qNUxSV3pGTURySm9IVHlrN2JCdHRwdkFKNHFMTUdkclVxNGZ2eTl0YzhBZWJoSXhlSm5GVW9zSlNkQzVZK20rMWFFb0wycjQwYWR5MVpqVnd4V2lFNTRiMTdwTjhOZml6LzBUY0pRMHRZTEdiM0ttbXJMZHlGNnBQZitERStSTVRFQ1NoWGlEUkk5Vk1rMWVnM0ptd3MxK0M5VTIvSTZMRzBhRUxLRlU4WWRvd1doMG9nZ1N5dEs0VlkwV1g2QT09fA&cppv=2 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 419b772f9e40d11ace152ac42f20d63f7101107a04eaa68cd1dafd78c55fdedb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language nl-NL,nl;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:53 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5044 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:53 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=9fshfnxRNkFNWlZLN3FXZUtHVUNHUzUrUDdZOVprNmZHbVZ6NmxCYVI1S0t6VFJGaEdBejNBUEZLVXJvSEk3S1pleCtvQUZSRkprTWR6TENFVE00cUxBRThjdm9qNUxSV3pGTURySm9IVHlrN2JCdHRwdkFKNHFMTUdkclVxNGZ2eTl0YzhBZWJoSXhlSm5GVW9zSlNkQzVZK20rMWFFb0wycjQwYWR5MVpqVnd4V2lFNTRiMTdwTjhOZml6LzBUY0pRMHRZTEdiM0ttbXJMZHlGNnBQZitERStSTVRFQ1NoWGlEUkk5Vk1rMWVnM0ptd3MxK0M5VTIvSTZMRzBhRUxLRlU4WWRvd1doMG9nZ1N5dEs0VlkwV1g2QT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1941 content-length 541 expires 0
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame 2E1A	0 177 B	77ms 28ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/18.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Tue, 12 Apr 2022 20:58:54 GMT server OXGW/18.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H3	200	2 Show response scriptpastebin.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/	5 KB 1 KB	710ms 710ms	XHR application/json	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://scriptpastebin.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/2?is_single=1900 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1 Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 7b5a1c29e9e352fb8985c936db04ecb1ddae6b13104cb187858aae05f5f53c02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers Referer https://scriptpastebin.com/1900/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding br x-content-type-options nosniff server LiteSpeed access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type x-powered-by Niagahoster vary Origin,Accept-Encoding,User-Agent content-type application/json; charset=UTF-8 allow GET strict-transport-security max-age=31536000 x-robots-tag noindex link <https://scriptpastebin.com/wp-json/>; rel="https://api.w.org/" content-length 1230 x-xss-protection 1; mode=block; access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	82ms 42ms	Script application/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	59ms 30ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	91 KB 37 KB	388ms 388ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3693338721605987&correlator=251960035278002&eid=31065713%2C31065659%2C44755509&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fifs&iu_parts=162717810%3A22714479765%2Cscriptpastebin.com%2Csticky-bottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=7&adks=2585299712&sfv=1-0-38&ecs=20220412&fsapi=false&prev_scp=env%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom&sc=1&cookie=ID%3D0803afc836e54fae-22e054a874cd0042%3AT%3D1649797133%3AS%3DALNI_MZnqnazjBBwibMEMytf9YjruEbcvw&abxe=1&dt=1649797134267&lmt=1649772465&dlt=1649797132044&idt=896&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9CjyoAPzsCTj3UjG943ku7BXwUrB8blXPj4AzfibvVkoT2EGjzZwBcd_y8iwAgwSTJmbEOAGByZSVySHfUiFbptQ%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1764676294.1649797133&ga_sid=1649797133&ga_hid=1915100491&ga_fc=true&btvi=-1&a3p=EkEKBW9wZW54EixleUpwSWpvaVFsWmFTRzFGYkVwUlNHa3ZUVE5pZFcxSVJVUm9VVDA5SW4wPRjF7cn8gTBFAAAAAA..&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 3fbb359e2a69df93dae12ec61cb8ae1646beda761a486a52e46bbae93b4a125c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37777 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://scriptpastebin.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	container.html Show response c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A20	6 KB 3 KB	50ms 21ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Wed, 12 Apr 2023 20:58:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 2308	2 KB 1 KB	87ms 28ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-header&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=90&w=728 Requested by Host: protagcdn.com URL: https://protagcdn.com/s/scriptpastebin.com/site.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4187 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1f9c8db6977-FRA content-length 1168 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H3	200	container.html Show response c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2504	6 KB 3 KB	32ms 22ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Wed, 12 Apr 2023 20:58:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame A2E4	2 KB 1 KB	81ms 37ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336 Requested by Host: protagcdn.com URL: https://protagcdn.com/s/scriptpastebin.com/site.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4187 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1f9c8dd6977-FRA content-length 1168 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 8611	0 0	69ms 69ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBB7ptMMNYHKVi75zqHc1EjmMaJxJ_XomDrUfHUQac4_p8vV5jMjRIy-tUPh74nFw2V1r2UOFCC9ifW6i2Yz4uG9URaM4l0Uyu4MJkht8DHscZxOzfKorCC5tYi5X3IDBRLvl2qYHvLrsJUJ5Bq_N97opQtILv2UJgRXSO0wdbv55xr7BDCK7sFmGyBdjvUQLYCZl_T_Jg16pKFEGzX9jiT79YfcHsQiRUdR39I96MhlbeZNSONopfXReSMxzU3hFaMATwmk42AuF1HnCtJb9atM9a8E5YxpK3hONZIc1HOt5e5oSrbI8ym6HIU189A7Lbo4osMzjSFH7IBGcPJAVwqZa2_00sboh9yQd7y9-Uq82O&sai=AMfl-YScX11J9KNbaSplXj_s0umJ24Zq0FvOHH7D0PNhBXI2DRhV9iigsc5koSRw4O_BKNGqF9sdOVL6LT5JMy3pxzOvbsvuXye7r1eFsC8p840cqiNXq14nkVgMisgyE0M&sig=Cg0ArKJSzDgNnYBDkSAsEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 12 Apr 2022 20:58:54 GMT
POST H2	204	matomo.php x.protagcdn.com/ Frame 8611	0 360 B	239ms 230ms	Ping text/plain	2606:4700:20::681a:68e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://x.protagcdn.com/matomo.php?action_name=scriptpastebin.com%2F&idsite=JlDE21DBnw&rec=1&r=921481&h=20&m=58&s=54&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&_id=&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=RAvOvl Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:68e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://scriptpastebin.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRibSoOuW6rU%2Bh%2B5SSl1Y3HygThSJqdAF7u6EZmryYWJ0Jp10vzwS11qCMtgywK4Q7y7x8cFFQBVdfas1NtVptpdxicFdWXCHfq7b5t6PVm7VNEIYUkBjZqrCUh6bTfY0p19AkUEE9fo29sAfg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://scriptpastebin.com access-control-allow-credentials true cf-ray 6faee1f9a97f9a39-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8611	119 KB 37 KB	115ms 29ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36908 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1649677559247379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:54 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 0F49	2 KB 1 KB	44ms 29ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4994360772&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-before_content&nci=2827340060&ci=138343422777&lon=&lat=&emh=&nai=4994360772&h=280&w=468 Requested by Host: protagcdn.com URL: https://protagcdn.com/s/scriptpastebin.com/site.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4187 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1f9c8e16977-FRA content-length 1168 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H3	200	container.html Show response c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C0D	6 KB 3 KB	20ms 20ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Wed, 12 Apr 2023 20:58:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 8133	2 KB 1 KB	33ms 29ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-after_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336 Requested by Host: protagcdn.com URL: https://protagcdn.com/s/scriptpastebin.com/site.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4187 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1f9c8e06977-FRA content-length 1168 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E143	624 B 300 B	32ms 31ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDNq5aCAhiQ0eO-ATAB&v=APEucNXgpSkvmWIzDTUWpag-feZ696I9fwPXGJajg360BGNcykH-PMcGzFE6zf_NH1TwdtQuokWuSfDyCYLnPHLSd3-qmvDRkYdeXklUa886c3_CAgxKG8QjxmR_fCliEliD5Q14BBpqDshhE2t_7ipCKw_LAZTcLhhAw9uN-RQ_hEij1kTpt5rvy7TuAfjbkXkjsYB1cNHiXDFPguVd6EGjjK8dp9TG1w Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:54 GMT expires Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6A20	70 KB 32 KB	62ms 62ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a32d3a445d536845f46a0817fbb146f398e3ed132d38ce26a9bdd52d73452c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32762 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6A20	42 B 63 B	53ms 53ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtMNoYD2LG_A-pnOEgNABqjUuA-iWV93MUo6vqU-WalhvyD5QyZsI57HlKizh5pYGzWVnvtnmCCnIuLC9R7S_a4KufOygKABbypGRAL_4471lKMM8 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6A20	3 KB 1 KB	90ms 38ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:19 GMT content-encoding gzip x-content-type-options nosniff age 215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6A20	119 KB 36 KB	94ms 55ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36908 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1649677559247379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:54 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6A20	15 KB 7 KB	71ms 19ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:50 GMT content-encoding gzip x-content-type-options nosniff age 244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6409 x-xss-protection 0 server cafe etag 15284592792851369840 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:54:50 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6A20	0 0	59ms 28ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA0_iuycXWPKTEXu0ntce1S6aZmjNx1szPM0twJGEu56QFUwgfRTqqmoZC71hZGkYEMD6qd4H9bfQs8pcQeJyfujnIZA Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9AD0	624 B 300 B	33ms 32ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNVxfrkDoajqnGJe-i_DvhgPKnF19VR7S0CRjmNaLlllHz7hJDGV5ALiEqXQSooYsgWWuXTjbRkn-KoyAsJeqR9BBsLqP8ciAYhhTSKhuEHDx0eEgrCcrU97Ot5vHKNbUPEQ56VvDCIHkqpBzeTyqNlF84iTDckxuprSLqmuzVvzi11V9-aEyfvovlRnQj4Ds9c6gz9fXF67l43zrduq0h7JmxpZ6w Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:54 GMT expires Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 2504	89 KB 34 KB	73ms 72ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8c_wnvZ7c5RMsK-XueONGUyvPf5V4KsJZB4d6fnF-BtsJt26wr6jqUuaOQa9nJLPK1iLaEDQ3dklKfEohnuVY6Iqjss5KxJ5ri_lSI_Re2ehyuAjUPM7m8N92_nQncMKk-IqMh8pSXpqVAwOo_B32ERZKYg&dbm_d=AKAmf-DJI0h7w6_CZXXekZcI411ZiZtWhZ8J5wCl4ZH6v1TkDraa-HCOIULWNpcvHUkVFbykFeWUfKbvliG_KGlRX3UUqMmZKyiv17KuRmR3c57RkSyS_vDcBhHUbPs03eV_SgW2jFNRTH7cA9_Q50y3OoxFmCQ2824vo3zTcJI61rtl4cNYDQ3UxFuRjy5wcUbI48VSiRSsAE823JPY60PVujWCtlBUTY1cf1Ic9pBLHNw9TPu5iYVJ1zace7WMmkrueVbjiiPT1iUdvIRG0o-RFFaiAlr3Um7GllzjBf_5v-Myx9nU7atWR0ja-Hs_6fzkfvOo71cXIJffku91-04H7AsIsNsgJjqwf_z7HFlGX2_t1SivR8d_45dUeqcEx7XvVYtGMTCHGJaUX9crOlHBURbrkX8YKziHOg4ks-bjM1Ms9VbqgEfAzHJHal7UFf-vKSObJK84bfaUA-pM1pWBt1PYCOgkRjWgGYLlQStQa4gJuUzx5p3_7AF8zqqK3qv0jL_rcRZ_RNi0rX8uXF8FSt5IYUws7aVNsmlA9NCAgsfx20XJB7VOdyEzCBSGcinoiug7oGxzYPwUjUM2xu4pwSXkKjwhVc2GlQ0ZMwDKvKe0CfeKdYXNUOVF1XvsYIfCWhd2uPLTGhDQjguaH7sdx1-va9vQ1UTXlEvkMfD1jf8mLI_i2udH6ZmAjTh58wzYMX6tbQdIJbgmfVyllNITNdZS45G2Ahb6lAPYdrxRrjEmy5kBINZS6nYH6d0fZCp0wR65VfKbU-vF8uCYp_KHRggZhIegNtpK64GbyGT2LLi9w2k3PamdmV-sO6iGHozi9xXvYfkc7Z1C5PMwM_iz3Jx561USrw6xcXGXX4KmbIWtDjq8bhdnxtTWeeVVH-0nYi6EI8DdZKWMFCKxEiqjr2UKI1gK4VgD8lb2D1GeRZdHxqs-pz07ftIPDAK1g6kBI3ikw7E9szBukmrpftmgfL_9yW8mv2WQWkG4zSE9oFKnijNLRAnBY2F1SfA_UruKomuZsPf51TobWYGQWYcEMEGCxH5nGjR31xilHvxFY0RLcMQbroaPF3CTBdoZ8SxJNkLmlSv7izwwpV30yivfGKj_Er5cYfXYYXm8gpajM_UP9-5El7OaGCNME9xuyeQHSt3FwdrJO_TL3G3c_39O-LMPEs-eDE99g5NSS-z15r2hxq-Ser7JsEVM01J-zvlAtIGYR3pB1Mgs0tetRssk94zsVBPxN5Z3BWI6Xp7tVZREUIkyV2MAqT1DV2FI9i6EyHp1Jpur4KCPai8Dzvuh9EXRPNKWasqcGohorDKaRo0iAFGJxYBdXqe0oF4Z5xujq8FH4OXcvMnIvy01ACDihvw4xdl_w4d6apNCOZILExU98CRDAxcFhX7tAXY1xEh--py85TucZEsKBIXBp3sTbdxYn2UFVauds5xnPflyTBzcbUhPruzRAJscyqWyYWBTIWifN_vvBsywNhgdvs69Trggc7XsDPcKh_IRnwzoLaFtwhoQgeGsHye5DKpU7Spahgpuv3CbX-jbF-QDhdaSedx-E5uUc6xCwTRjPlVX6QZK4VirMVdAktZuk3UgaNHNRR3yTeYPrKc1uwsBVQWfpTnHHeVVOlqPDab8gODVuRHCs0pHT2Go4KFp_WRHibYxJgFC-cyDyFCjoJMnZC7z5SmNeX9lPAHIFIre1PkKLrGvXEu8aQqQFTw0yrI-Xcm0cgmf7tfSj0cW4poTX67X_6FEkOFXnJY6kvJ07mMC-C_tLbx9XnkTU3HlZ992Gas2bV1bN1h-d1fT1Z8qNLXVWmZltS7wPKamd7LBJtDdy6T-8yjlza_vy3yF32luvxIwDzYtVBNLKEBd0cFKwUDJq17Cy9tPfNRGhnNUId6HVUgukix3FP8Pva1kq00aSAHC1nFl_HnmFMIrEWmoWcUFMUn5EAQZBVhB5OIltv80BFzo8EFvDkUYWVV2tKpXdPsPKW38LWSImsISKSWLafSdrKKqmMbvh0THmR6iFtzlhkumGVo1ubakrQohWKUjGRICQmILSftgLAqgMVQpnj2goFW4Wk4FZ0CdeOZJSV11ioOGdJ3Igdpm8K1chi2hma0wy8HelcIMfHDNYPGz4Xwzh7jjM4j6hMzR43tiw3EB-FYvchiceTyT9MsI03FnZUWlzzreg4zXGdH1ABSlyYRSufR5h5r7h4YUW4d5mhtgFzkJ-K0PNebmC_61Mpnp06LVHcN4VRuDKY6hvwlREJtnpwjTGUSio5ZbwsLWkaGySMbixlnSBJLevqU4aG6OaR3pJMPzq95LE14aDJ0Ej77kVsQh-49LRQnio2hRZJQWX4n98a7gjOmJqCKlu0Mi3V5B1kqL36_f1ORSWdLX8_-G_yWTwuRD3bFmxpXsLqlfnT33QEimEOA6tzLV3-F0vvznq6pKIaOPMVO_3kpUHPBqO7UMruh5A979vDY1-RJIavtK90QQtsJgWwOsPzSTjvNqFAzv8BhrslmWWW3cfbtisuNf9HTJjb_gvEalDvqtJw6eal5ot5pi02DrbAZ1aUzLcn1yyRLW1jwAveO0m_cRBLuFdmLUwyW761XeuQzT85sMDjriq7QghyR2kGp6jdyHZwcrKccFHt60IxrQA8XYkNVrJP-ppgtg41xRyoAXcoRSYgf9BC2fZ2w1Sgn_e0dXtGSmdw_D_mHjB8u6oUvmUeM_CG625JtJbwGNDbZvBOrA9p1tpQddtKV_aVjhkHQjVX5mNQ3jCJBPWeW65nWUqx7nca-Ml9CC0wye5molbt0jGsXwcCHUgo88vTSzX1mYvQueheqLPHRb3q8AF5SrF0WxqkYmSHJUXEThAOoCfY6BjQo6NG9cyBK6YwxQ4ngzyHSN64TxP61oWEGQQpIgucufvzqL3LAzKh5iOl8gbb-kBZfhjCRkUXKR2RaeQQ4VHHuUQR9stKCIMZdaby_vIBaLT277nyzgLd4iDqKGnshxjPFbWCmtLilNNHFfbphuecnwOFs8dVadPncbx0-Vak8AsaAMr2fpV8pqkGmq4WXQelhYdGU0zwgOu33ZGxqA2cKJubH-tE4KSH1ClncA-iyoj5W3zS0pvSEvLpvWGXWOuHHNoLWjT3RJhVqyY96GEuhDxztWc8dMHAsTynNNYqYaqdW4TNEkGDIxWqkNud38UiKv5-A&cid=CAASJ-RoWv5N9NJ93WamOrdORcIaS9mN17xnOO3LEL2FA0hMmwv6lRn6Og&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 37e091b8d27c5d1a750fc3a2366862023a0ead11f13b7436326883cedda5a386 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34555 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2504	42 B 63 B	53ms 52ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DA7VeIUp9I-E55cwrkTQ59yntWwZ0wZIXuMZ29L1OGj6XXPaOJ0Zo6FPx_S8_LOAcj_tfCDiSc-Dj6XyqYMuQcioCkD9VyguGwe8TjnzKbtsyiuxI Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 2504	3 KB 1 KB	87ms 38ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:19 GMT content-encoding gzip x-content-type-options nosniff age 215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2504	119 KB 36 KB	113ms 77ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36908 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1649677559247379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:54 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 2504	15 KB 6 KB	70ms 21ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:50 GMT content-encoding gzip x-content-type-options nosniff age 244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6409 x-xss-protection 0 server cafe etag 15284592792851369840 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:54:50 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 2504	0 0	56ms 28ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQld-yLYKBwAqmosxgN-7moMYlGVuA5jeAdTc-4OgYKorNJ0b3oUV8gaZfEvThtLDngQhcrKm7K23TtOtw0RnVh9Qi4ig Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5213	624 B 300 B	38ms 33ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNWrwaYj8G_r73bd-Wuj405pdIDXz4_31U4fR8rTfRbA9VAyhdfm7-OioM1Ego-KE9xnjkqACAB_7K1TloekXWRzDCrt4Aj9Cg8t6WXTXQMBd1PmSWYSMuCBzeo341JNgS7RL_YU19kde-qyhE6DnqL5l-4F-MxZkisbGm8q_-1g2ZAGKoMpMe-k6eMzwLUbwIU4E_B2oKWnRMG18nPoPsqjk5tMFA Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:54 GMT expires Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 4C0D	89 KB 34 KB	84ms 81ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CssE23CK9hFQIL3U5FgBX5LgS-JBXPON95xHcftdNx9OTER-kH19bJtMuR1JhLdV4GsojhBFJbK1GBaOuyaRCyl_PpeEWcijgFHQDAg9Iv1DpqxtkfH68x9qNegrXLjX8Z-dAGGRQMdg-QBQ09oev5lqEyJw&dbm_d=AKAmf-BJ51mZHa31l7ANtRXPRq6cYYr7sEAtC7N7TYTIZAOD7PuYOo5AImHcFMzKSm7bCdXJFQIbw8eOm-GKY0mwowVQZ8gfAIRd4eHtFb0TGL2TnXhf_2U5m-u1L_Xn9h_MeqVX6qpjXKkciUUqHabbUD10_5SNYNXn8xKL1CKlGtEq9iEFxV61EUpsZw2x22D-JWO31RtqNRyUXvW8h449JFuphEuJ-adg-5pVNQazQWKS9RbGjEDPzeFhTc_rXkCCA75Ot4G-wLTbYNt_jZsAoJvQzy8wteO1HQgq8jXRBRrbDZ43oJH7iLuH9yNmO9nspuouctsnm6nVqx3QclKWEDodf-FIob1-DCem0r_S6RAFJZGjA9w8uSm8Df7smPeDIdgE6ucjPi2Gs890S0tL_fxMwFbSmcEHp6HNDQYRXDjllHzxfNfPPPrMeW7eeeHTvO0yO5Glpvwty7xyoJG8LK2_DWnCZkEW4xDxEfz67xfaXDSTD38j33RrhhPxE1aOELJDZqlrYKRRZh5Fkxvc6N_UgRgQDVbwqrvFrCCbV6XOjTw3ITIBvizQXioraD6hMhYRnT9Unv_7w4Oxi08IjCfC8YaziqdVyOwTbx8wv8eklnvtMrpTnEyk2LjVdQeG0RYUkxyAJiub73MwRmGb0QTK4jIi5JAdhXChPdWgULJ3rxoX6CqHtNUDQKGGAbQwtxwjdP_TRimyrA53KECX6C6HYiob0dusdeDfGuPt1rHOyW6IFcYsJKvgMnt1IMddsRH0UgowKSwyqMAD8A8K0R0l5mKCiXDBzENgBhk84DHT8JmpcUuDFUN2Pj8eNH1Xnu6KxKhoFvsPFjckMLvS1sHHtiEVXQQl8WcEcBAGDFoDwiVc5T5KqppJwqoPaU3t2oS6uF0-I_C4lD2g98b_ulHB6_kfigXk2nsYPr--EXtOK4pabeSUu8P-3JVZbSv7tXerbzHye7DibnwFWikhZXU-lzCuomCAoolcomzoxCYFU2XZ0rU_Pr_DCV3o4faNQw0Vz6g72QVucru5BthBUIsa9m_fdsxtRCi2rKX0Y-F13JYluAI6t1Cwf5pLZ7Q97rpTBfTPSdITU9QZjsezaEXxBnnLZqL-hw7NFtRiw64Ge_zylPrTaM0qM0VSk3nQG7gowJAdR7rRO_vZEhJ11RYk6cUbjF6Hm0v96eJbw1WQkD5TJlANbHUErH6GM7jzQpvo8Cv2tUVhiB0yR17qommu8BFGwGX34yIDZnTluHOV3IkuvOpYdh-JTR6WHMMxTPfLJzk28IjLhAaCDwOIewQoXNc8O3oU62dFKa378wjS70bNgZbhnTwh_yxlvQzHzBUEkc4_L4kkTJ0IUJsCUtI82PVKuPbtlIqkwhUmRCLltAjyOKJYEZZ2xqG_D5k56apWW-YYAUF2UI5lfEZL-HfF2x_bVAWo5IfLnaSrvoRmLBQee5LC1E-wD9TyPleEInr6e21scp-gSLTVif4cP8doHKOO7dqm7GkBA-mKOUEkBUpGke3EVsLAgqZDZTW2jWPFQriLnY0TVOXteZoJ3FTFptzMCrckNTS-WzYRxG4QMD4yF81msWGgOOMTbK_o-ROWYkM9gPAULgpX-FCKNG7PF4Ur3dnHCyCnMAu1z6y_5TOwms5MxOY2uzIMD4WMTSKJwgrtstKkJx-2MZLTquHZroqx3NhEvBxPfl-uG1j17GanAycK7dM0uPlCChGcdt0MTlF6__v0hRtppJYfBm1TWmvOVzSe19LpCuFYQG_wYd81eOURAcuC_xvDz77DMq78tSZhTIWEgO0Dm1eGlIm-Fb8Zqom0waypOrehVePtJF_wKIaY-OvwCNT9Ezedq_fr5wp8h6ta57Q8kzHUfKEsVhnOXL6PG8iNUJf4NUyrOpfUnNNdy9MYH0GcnVAzZvPTQbXsBlvWyhwY_Pr1GA_JPtIJ_gMBgIb4NnugXVFjztQaSyi7yuNEKAsp_kdZgVv1uOIDZsGlnhUfHwXbdeCGeT3Y5khkjGKRWfTOixRhAd6vWzCpGYbzoFh3Lsrp-zFEasYiPV0dOjMp3FqM8w9xAF3R74fA_sbxk48XNBQJm5NX5kUvr54o9mrX49IrHaQV-gBPNu7MwLSn1lSwt8Blrr_rDmyQeArfHq7ZjEahFWiJORHWfcq_OOaBoHcPUN2eLtSnUQkz9nFfOgpTGcjTyt6YqED3KNhsoU112TJk9OOHwg1KpqXl1hJysrXwGwRtenQKPG3cqTqs0zMOe7E1FbnTRDmXR-EyO3LxK_a6QV1NM32d5FeMA2OOEJQrrUobiiQ2jrVGu6LNs68TelzcIix63Jj8TlBE8D8XObvwGDEArfhYXy4bXHoOpvN3VnMbMbDbDJsBvqoJmZ1gyKfEXqWUPqvI0rPQ5lZQJnNGDGqzyjjUYfVkfjXy7BbXR0SlKh00iJ5SkHDDmi7iB2Hz6m0uZES6JWAoZ2-4Pk3r-NloHSonv287lkbYB2IJITvlQdS1n-5SCRDOACup_Mcp_24BrgohlTJ3mccZBRU3-0ArBBD6ieabJ1mHhqsyKu9dMbfw3aQbQv9XPRf-dWc4Y-jvvQVB9OZkAJIAkewpWjwKeUhZOE2-NUjj_16v-nLZCEYCjJyBsobSaD-WQsxBXC-MUJCEzduzGcfKPYNUsBvGUpEOkPha-I2fjbotuJrpkdoBOuUOOpbA9W9EG4umHTVpU5LSg-Nqlm17bPI259N0hx5MCJEIhR-ABsCrRUzBYyGlcCyN3f7tLbJfG66g3U1i08nQr_YEkYZDi0QqqA7ZhlV4_uHSQ9w7OGi5_ljRzd54BzzmpGBm9EIsYFH-x0S2YXwaDHgrJKw1UxFCnweiQv0GFrWl-udzfIBn7pDC1HX1QjqBr4N5K6wJxjbEdzwSG7vZ4ybrA7xrHcSkl0So_zmQdu5s9w3pdvnDSea9EQfcXt36bWhbxy1W2k-eqLyGueW0n_Ufo1gdbrzE3InUr5dTaRXhkyDX1GjJemj6wzovXcE7pdA1udu2rb-n0ju63WlhFnwMvHlJrtrLTvJlmFqzaRabpg1asBF_BO51_VCP6-HHqED5chwOHESuYuQmvEtp7l9QPXqyOt2JLVOivvepcG0oBSkILAGwobfSB2JQhDgtN0KduBXE2kyP2ua35_Zax5f66AmV5a6_MoSnEq4&cid=CAASJ-RownfXqnP56e6AmPWEssVXYXL9Yf6viLjZuR0ryvI-Rv_tTMghIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fc3ebf948d2dcf8233fc7422fc8cd49aa628114d8a04359dbd0caa946ef13dc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34590 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4C0D	42 B 63 B	56ms 53ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIOFaE9N1PmdBXUsglWJgCb4lFkaCDBD-IMglZOeJ_8014E0gFnEdTxwA-Jis0k7jw80ULeni0WwPkusFJ16X6kKPFrv-KeUhWx4bJvbTfcMKNZzw Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 4C0D	3 KB 1 KB	78ms 37ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:19 GMT content-encoding gzip x-content-type-options nosniff age 215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:19 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4C0D	119 KB 36 KB	98ms 69ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36908 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1649677559247379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:54 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 4C0D	15 KB 6 KB	64ms 24ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:50 GMT content-encoding gzip x-content-type-options nosniff age 244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6409 x-xss-protection 0 server cafe etag 15284592792851369840 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:54:50 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 4C0D	0 0	49ms 29ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD9oCNW9aM0QSn4Hxc3yfph1j9APFvVWdlKw6V6TubqA3J2w8M28gHR_SNBdGvqVzHpG-2OjEmHYVa4CzH7UTHyycAyw Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 2308	31 KB 24 KB	28ms 27ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1649797134389&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=cxwt45u8haq5&cid=1069 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-header&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=90&w=728 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4163 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fa09556977-FRA content-length 24217 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 8133	31 KB 24 KB	29ms 28ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1649797134390&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=s4gewljwepj7&cid=1069 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-after_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4163 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fa09616977-FRA content-length 24217 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 0F49	31 KB 24 KB	29ms 29ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1649797134391&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=kxuwk14q8brf&cid=1069 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4994360772&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-before_content&nci=2827340060&ci=138343422777&lon=&lat=&emh=&nai=4994360772&h=280&w=468 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4163 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fa09636977-FRA content-length 24217 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame A2E4	31 KB 24 KB	44ms 44ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1649797134395&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=yvynhq4llnn0&cid=1069 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=scriptpastebin.com&s=scriptpastebin.com&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Apr 2022 17:01:39 GMT server cloudflare age 4163 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fa096c6977-FRA content-length 24217 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E143 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1	43 B 1014 B	120ms 51ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDNq5aCAhiQ0eO-ATAB&v=APEucNXgpSkvmWIzDTUWpag-feZ696I9fwPXGJajg360BGNcykH-PMcGzFE6zf_NH1TwdtQuokWuSfDyCYLnPHLSd3-qmvDRkYdeXklUa886c3_CAgxKG8QjxmR_fCliEliD5Q14BBpqDshhE2t_7ipCKw_LAZTcLhhAw9uN-RQ_hEij1kTpt5rvy7TuAfjbkXkjsYB1cNHiXDFPguVd6EGjjK8dp9TG1w Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:54 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E143 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2	43 B 894 B	52ms 51ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDNq5aCAhiQ0eO-ATAB&v=APEucNXgpSkvmWIzDTUWpag-feZ696I9fwPXGJajg360BGNcykH-PMcGzFE6zf_NH1TwdtQuokWuSfDyCYLnPHLSd3-qmvDRkYdeXklUa886c3_CAgxKG8QjxmR_fCliEliD5Q14BBpqDshhE2t_7ipCKw_LAZTcLhhAw9uN-RQ_hEij1kTpt5rvy7TuAfjbkXkjsYB1cNHiXDFPguVd6EGjjK8dp9TG1w Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:54 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame E143 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1	43 B 1014 B	202ms 164ms	Image image/gif	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDNq5aCAhiQ0eO-ATAB&v=APEucNXgpSkvmWIzDTUWpag-feZ696I9fwPXGJajg360BGNcykH-PMcGzFE6zf_NH1TwdtQuokWuSfDyCYLnPHLSd3-qmvDRkYdeXklUa886c3_CAgxKG8QjxmR_fCliEliD5Q14BBpqDshhE2t_7ipCKw_LAZTcLhhAw9uN-RQ_hEij1kTpt5rvy7TuAfjbkXkjsYB1cNHiXDFPguVd6EGjjK8dp9TG1w Protocol HTTP/1.1 Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 1e06a483-2594-4435-9595-70bf483bd411 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E143 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D	170 B 188 B	83ms 43ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmZKBDNq5aCAhiQ0eO-ATAB&v=APEucNXgpSkvmWIzDTUWpag-feZ696I9fwPXGJajg360BGNcykH-PMcGzFE6zf_NH1TwdtQuokWuSfDyCYLnPHLSd3-qmvDRkYdeXklUa886c3_CAgxKG8QjxmR_fCliEliD5Q14BBpqDshhE2t_7ipCKw_LAZTcLhhAw9uN-RQ_hEij1kTpt5rvy7TuAfjbkXkjsYB1cNHiXDFPguVd6EGjjK8dp9TG1w Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 5cecbf09-9618-4b0f-a823-b3362fcef615 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9AD0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1	43 B 1014 B	94ms 67ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNVxfrkDoajqnGJe-i_DvhgPKnF19VR7S0CRjmNaLlllHz7hJDGV5ALiEqXQSooYsgWWuXTjbRkn-KoyAsJeqR9BBsLqP8ciAYhhTSKhuEHDx0eEgrCcrU97Ot5vHKNbUPEQ56VvDCIHkqpBzeTyqNlF84iTDckxuprSLqmuzVvzi11V9-aEyfvovlRnQj4Ds9c6gz9fXF67l43zrduq0h7JmxpZ6w Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:54 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENVXa7K4fdUTGgeAmDNR7Sg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9AD0 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2	43 B 894 B	51ms 51ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNVxfrkDoajqnGJe-i_DvhgPKnF19VR7S0CRjmNaLlllHz7hJDGV5ALiEqXQSooYsgWWuXTjbRkn-KoyAsJeqR9BBsLqP8ciAYhhTSKhuEHDx0eEgrCcrU97Ot5vHKNbUPEQ56VvDCIHkqpBzeTyqNlF84iTDckxuprSLqmuzVvzi11V9-aEyfvovlRnQj4Ds9c6gz9fXF67l43zrduq0h7JmxpZ6w Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:54 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 9AD0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1	43 B 1014 B	65ms 41ms	Image image/gif	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNVxfrkDoajqnGJe-i_DvhgPKnF19VR7S0CRjmNaLlllHz7hJDGV5ALiEqXQSooYsgWWuXTjbRkn-KoyAsJeqR9BBsLqP8ciAYhhTSKhuEHDx0eEgrCcrU97Ot5vHKNbUPEQ56VvDCIHkqpBzeTyqNlF84iTDckxuprSLqmuzVvzi11V9-aEyfvovlRnQj4Ds9c6gz9fXF67l43zrduq0h7JmxpZ6w Protocol HTTP/1.1 Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 07040534-77b6-4dce-9801-f422f5ec9a1f Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESENLm-RXy4k5im3FK6n5os_Y&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9AD0 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D	170 B 188 B	61ms 44ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNVxfrkDoajqnGJe-i_DvhgPKnF19VR7S0CRjmNaLlllHz7hJDGV5ALiEqXQSooYsgWWuXTjbRkn-KoyAsJeqR9BBsLqP8ciAYhhTSKhuEHDx0eEgrCcrU97Ot5vHKNbUPEQ56VvDCIHkqpBzeTyqNlF84iTDckxuprSLqmuzVvzi11V9-aEyfvovlRnQj4Ds9c6gz9fXF67l43zrduq0h7JmxpZ6w Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid e6efd694-0687-4099-a539-8063fb23c471 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5213 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMkF0swNkNweLrmLB3ooFIQ&google_cver=1	43 B 1014 B	93ms 65ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMkF0swNkNweLrmLB3ooFIQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNWrwaYj8G_r73bd-Wuj405pdIDXz4_31U4fR8rTfRbA9VAyhdfm7-OioM1Ego-KE9xnjkqACAB_7K1TloekXWRzDCrt4Aj9Cg8t6WXTXQMBd1PmSWYSMuCBzeo341JNgS7RL_YU19kde-qyhE6DnqL5l-4F-MxZkisbGm8q_-1g2ZAGKoMpMe-k6eMzwLUbwIU4E_B2oKWnRMG18nPoPsqjk5tMFA Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:54 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMkF0swNkNweLrmLB3ooFIQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5213 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlXoDgTwcdR.BIPaE7oxngAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2	43 B 1014 B	50ms 49ms	Image image/gif	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNWrwaYj8G_r73bd-Wuj405pdIDXz4_31U4fR8rTfRbA9VAyhdfm7-OioM1Ego-KE9xnjkqACAB_7K1TloekXWRzDCrt4Aj9Cg8t6WXTXQMBd1PmSWYSMuCBzeo341JNgS7RL_YU19kde-qyhE6DnqL5l-4F-MxZkisbGm8q_-1g2ZAGKoMpMe-k6eMzwLUbwIU4E_B2oKWnRMG18nPoPsqjk5tMFA Protocol HTTP/1.1 Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Apr 2022 20:58:55 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbkGJi8CNswElHcEVfqdQw&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 5213 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELWwkql-Ew_0vTcF3zbur7Q&google_cver=1	43 B 1014 B	60ms 20ms	Image image/gif	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELWwkql-Ew_0vTcF3zbur7Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNWrwaYj8G_r73bd-Wuj405pdIDXz4_31U4fR8rTfRbA9VAyhdfm7-OioM1Ego-KE9xnjkqACAB_7K1TloekXWRzDCrt4Aj9Cg8t6WXTXQMBd1PmSWYSMuCBzeo341JNgS7RL_YU19kde-qyhE6DnqL5l-4F-MxZkisbGm8q_-1g2ZAGKoMpMe-k6eMzwLUbwIU4E_B2oKWnRMG18nPoPsqjk5tMFA Protocol HTTP/1.1 Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 27645d20-3a61-4a44-83d5-7eb26056ad62 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESELWwkql-Ew_0vTcF3zbur7Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5213 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D	170 B 188 B	48ms 43ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC6hRoY4tWTrQEwAQ&v=APEucNWrwaYj8G_r73bd-Wuj405pdIDXz4_31U4fR8rTfRbA9VAyhdfm7-OioM1Ego-KE9xnjkqACAB_7K1TloekXWRzDCrt4Aj9Cg8t6WXTXQMBd1PmSWYSMuCBzeo341JNgS7RL_YU19kde-qyhE6DnqL5l-4F-MxZkisbGm8q_-1g2ZAGKoMpMe-k6eMzwLUbwIU4E_B2oKWnRMG18nPoPsqjk5tMFA Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Apr 2022 20:58:54 GMT X-Proxy-Origin 185.17.184.1; 185.17.184.1; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid ecbb34d8-dd16-4c21-8978-530dc66f2dbc Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMzkzMjQ4MzM4NzQzNzU0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 2308	26 B 84 B	102ms 49ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1649797134485&rnd=cxwt45u8haq5&ifm=2&uai=2&cid=1069&s=scriptpastebin.com&p=scriptpastebin.com&x=4404325371&adtg=protag-header&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3093 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fafb879055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 2308	26 B 304 B	101ms 48ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1649797134471432&ver=1.2r81&qid=73533313f553633313f593630313&p=scriptpastebin.com&s=scriptpastebin.com&x=4404325371&cid=1069&od1=&od2=&adtg=protag-header&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=cxwt45u8haq5&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=728&h=90&lat=&lon=&ci=&1=27dec25a2c8d270f41761338362fff9f&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-18-s-fl-18-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-13-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-2-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=23 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3092 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fafb8b9055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 8133	26 B 88 B	46ms 45ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1649797134515&rnd=s4gewljwepj7&ifm=2&uai=2&cid=1069&s=scriptpastebin.com&p=scriptpastebin.com&x=4404325371&adtg=protag-after_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3093 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fb0b919055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 8133	26 B 84 B	49ms 49ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=16497971345001&ver=1.2r81&qid=73533313f553633313f593630313&p=scriptpastebin.com&s=scriptpastebin.com&x=4404325371&cid=1069&od1=&od2=&adtg=protag-after_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=s4gewljwepj7&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=336&h=280&lat=&lon=&ci=&1=27dec25a2c8d270f41761338362fff9f&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-18-s-fl-18-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-20-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=51 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3092 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fb0b929055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1005663/62077108/ Frame 6A20	46 KB 12 KB	138ms 33ms	Script application/javascript	54.154.24.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1005663/62077108/skeleton.js?ias_dspID=3&ias_campId=25770367&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=15622086937&bidurl=https://scriptpastebin.com/1900/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gsOhwep8ExR1uFCGjN7vC6 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.24.76 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-24-76.eu-west-1.compute.amazonaws.com Software / Resource Hash 1d32273d0f71d8816057016348094518b9c9566461671ad0cd2326ab21920ae7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 6A20	25 KB 10 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:06 GMT content-encoding gzip x-content-type-options nosniff age 228 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9790 x-xss-protection 0 server cafe etag 8169034061967891973 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:06 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 6A20	8 KB 3 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:04 GMT content-encoding gzip x-content-type-options nosniff age 230 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:04 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6A20	0 622 B	145ms 65ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXtWCUXP3l-5mHsswJAlWI_LIlRBmln0ttS77WARzQOhzhADxOWspqeUTuocH26lS5Xs3n96xWFr7Pgm5wFEycbwAbSPXM4Cetwg6dsvb8IUOd9HEAYcjVjKJtK8EnOr_gxhfoJ2kRvKfFx_iS5QGRJJPcN3RbQ_syOB1REL8ixy7B4REuwE9hdmJtDomIJGAqMNrFRlpjEJCwVRGyQo453LU7j8k0IS2RFdHkeeHCDJFsFvFaSOjpXBOzBI5BziTSPfBS30eGjtkgMxebh1KznEcm3Bl2PeQplIRTMZL8isfc6RFqD0asHabdFN0HdM9cwHmSdolroX65VuyupvstWNb2jRvW20L0_uuXhTC8asvaPVJFgdE8RAmNG8QpGqQ62ESXuAmCVK4O-KvWldYpl_PTIZ27yTBHwxnsWO8P39w22-t8Lqj0Az9N06mxCKo0wug2m2NebUeUKQRepXnYIXeqHHAVqJsBgBHZtAsu0vTHOyna0CoT8m1MZxDNa6avH1EC3sLJog9Q9cmfud6Ryyg6TP4v0iTbfWjMnM8utTtYEMbYn9W11vzETgz9Bzj8sTfr3ld-EbbPPQ0ISn9scwCyQRPQZlhFkR1fTmI5p4poujFKUOMlgPDrf-muqbThvwGZbNWIqMIgeYFNxX5aHkpwz7h3cevIVrNHO_eUacYxv8XP1SVT4x3TKkgqSlZxED18qUlbwlBO8oxBIHFApPlh30GM83ZLvxiL6MZPItjojuDgI5RCvA3UuRnZWUuQ_3CDPnbYIIczPW9ZXWmed9c3HqsFsR3Cu--KRTNE3De9UQ7cl-i3t8xd6DmA_tn1yO_ScFAM-btaORgbBSkG4HZCTffZlj14oOmZnz0br-0m85x1Kk0iM0Ojxqh62rO67DyYEubiaTJSjVE7o6v810MppKEcPu2jgsz8e3In9Iu75JN4fQawSH4QVq-mJZZpu9RLobIJOcw3oOkqWjFM2xqoL69rkcZH7sFjqKz4L6v-oYUAxjoEbCnjXUUG0NKt_b3COiXtSc7-4Y_l9t_pqmF6P5S3nOQ_kc0H2yu3QUx8VVSGlvt618BfLcqw-RWEsMxW3BGqagBXrr8qyz570oyDc2UPn9bZaNvfEOKrXWt0ariA6UXeuJHCVjJV5g0IvRnRGADhmTiFGtHn5e_bNeMQ0v60sFacQ6EAPhyOWtOOv41Tcnb30jQ&sai=AMfl-YQW1VioZU1SstyxAWQpiJxb_fIzK9j7E_2i0JZMnKYjWIMnXrQG9b4cThO87K7tKVRy3horRjI8XjyNxmcRm6cRAt21oCEtvHwam9M8D6lvV_M5rXAYJef58H-tXR1aHH2ShlaPwZEb7HAei13Ik_3QR-Q3s7_y1F1KULs-xFPWiXwOyj8HR8Tb5q56FIX71oB5dwFosqJFXcVOb8nFipo1mnJ8Ouo&sig=Cg0ArKJSzHxXYh4olNp8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220406.66101&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6A20	41 KB 15 KB	74ms 32ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:47:02 GMT content-encoding gzip x-content-type-options nosniff age 33112 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Apr 2023 11:47:02 GMT
GET H2	200	14009703448618914609 s0.2mdn.net/simgad/ Frame 6A20	37 KB 37 KB	100ms 21ms	Image image/jpeg	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/14009703448618914609 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a4b2ac6507872c08905566f1c957e35798683da724ea8fd6f3931ae502053904 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 16:49:32 GMT x-content-type-options nosniff age 533362 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37594 x-xss-protection 0 last-modified Tue, 14 Dec 2021 18:30:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Apr 2023 16:49:32 GMT
GET DATA	200 OK	truncated / Frame 8611	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8206612ad46ffa513140e08f5a906ea5a0d33609c07497e330e44021abf47f63 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 8611	0 0	56ms 56ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-67dn6YKyx9HXqV2Ve8xDcc0ZxiW17bJnw2ExpTNenbXbOzMSmA7zia9gHdOL-xU-noSP8rB2UGxfNN0R91VPy8DAqauAaEVSbiQQ8DyRY_13jaABWc8tVzUi7dS3QxCReXPiONssuPkdKPiER5Q_scxGy-BSF-hBJ6HPOMeH1yke_pSzTgWV0k2bfviuEAHqFBYQ71UmEEkMBgb6CzyH6y0YyNJwFmmcuNoE_ege4Wn87f9oS8A2lU6jVIDNJO8T9TcEQp1KkWFdsfxyjzETDnj4QbQgnL7MAoexOT6ssPsdXwBbJKxY3jke2R5l7cio-SxojL-nn4VNx1t78ax4Nso4ntHa&sai=AMfl-YRzwBzwg31ZUuyBmzA_CgmsvXMIEt-_cYy7XxTC2wp5a-RmeO_tayLM_8KJOD7ewGxQrHmSARy0eWX-j5S0_ZpwaICPyfjf_o75WsHmLm6b08ta4BW0zv6rJ_-km9M&sig=Cg0ArKJSzHVq2X_WM9IkEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 12 Apr 2022 20:58:54 GMT
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 2504	169 KB 59 KB	77ms 22ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Origin https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:47:01 GMT content-encoding gzip x-content-type-options nosniff age 33113 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Apr 2022 11:47:01 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 2504	8 KB 3 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8c_wnvZ7c5RMsK-XueONGUyvPf5V4KsJZB4d6fnF-BtsJt26wr6jqUuaOQa9nJLPK1iLaEDQ3dklKfEohnuVY6Iqjss5KxJ5ri_lSI_Re2ehyuAjUPM7m8N92_nQncMKk-IqMh8pSXpqVAwOo_B32ERZKYg&dbm_d=AKAmf-DJI0h7w6_CZXXekZcI411ZiZtWhZ8J5wCl4ZH6v1TkDraa-HCOIULWNpcvHUkVFbykFeWUfKbvliG_KGlRX3UUqMmZKyiv17KuRmR3c57RkSyS_vDcBhHUbPs03eV_SgW2jFNRTH7cA9_Q50y3OoxFmCQ2824vo3zTcJI61rtl4cNYDQ3UxFuRjy5wcUbI48VSiRSsAE823JPY60PVujWCtlBUTY1cf1Ic9pBLHNw9TPu5iYVJ1zace7WMmkrueVbjiiPT1iUdvIRG0o-RFFaiAlr3Um7GllzjBf_5v-Myx9nU7atWR0ja-Hs_6fzkfvOo71cXIJffku91-04H7AsIsNsgJjqwf_z7HFlGX2_t1SivR8d_45dUeqcEx7XvVYtGMTCHGJaUX9crOlHBURbrkX8YKziHOg4ks-bjM1Ms9VbqgEfAzHJHal7UFf-vKSObJK84bfaUA-pM1pWBt1PYCOgkRjWgGYLlQStQa4gJuUzx5p3_7AF8zqqK3qv0jL_rcRZ_RNi0rX8uXF8FSt5IYUws7aVNsmlA9NCAgsfx20XJB7VOdyEzCBSGcinoiug7oGxzYPwUjUM2xu4pwSXkKjwhVc2GlQ0ZMwDKvKe0CfeKdYXNUOVF1XvsYIfCWhd2uPLTGhDQjguaH7sdx1-va9vQ1UTXlEvkMfD1jf8mLI_i2udH6ZmAjTh58wzYMX6tbQdIJbgmfVyllNITNdZS45G2Ahb6lAPYdrxRrjEmy5kBINZS6nYH6d0fZCp0wR65VfKbU-vF8uCYp_KHRggZhIegNtpK64GbyGT2LLi9w2k3PamdmV-sO6iGHozi9xXvYfkc7Z1C5PMwM_iz3Jx561USrw6xcXGXX4KmbIWtDjq8bhdnxtTWeeVVH-0nYi6EI8DdZKWMFCKxEiqjr2UKI1gK4VgD8lb2D1GeRZdHxqs-pz07ftIPDAK1g6kBI3ikw7E9szBukmrpftmgfL_9yW8mv2WQWkG4zSE9oFKnijNLRAnBY2F1SfA_UruKomuZsPf51TobWYGQWYcEMEGCxH5nGjR31xilHvxFY0RLcMQbroaPF3CTBdoZ8SxJNkLmlSv7izwwpV30yivfGKj_Er5cYfXYYXm8gpajM_UP9-5El7OaGCNME9xuyeQHSt3FwdrJO_TL3G3c_39O-LMPEs-eDE99g5NSS-z15r2hxq-Ser7JsEVM01J-zvlAtIGYR3pB1Mgs0tetRssk94zsVBPxN5Z3BWI6Xp7tVZREUIkyV2MAqT1DV2FI9i6EyHp1Jpur4KCPai8Dzvuh9EXRPNKWasqcGohorDKaRo0iAFGJxYBdXqe0oF4Z5xujq8FH4OXcvMnIvy01ACDihvw4xdl_w4d6apNCOZILExU98CRDAxcFhX7tAXY1xEh--py85TucZEsKBIXBp3sTbdxYn2UFVauds5xnPflyTBzcbUhPruzRAJscyqWyYWBTIWifN_vvBsywNhgdvs69Trggc7XsDPcKh_IRnwzoLaFtwhoQgeGsHye5DKpU7Spahgpuv3CbX-jbF-QDhdaSedx-E5uUc6xCwTRjPlVX6QZK4VirMVdAktZuk3UgaNHNRR3yTeYPrKc1uwsBVQWfpTnHHeVVOlqPDab8gODVuRHCs0pHT2Go4KFp_WRHibYxJgFC-cyDyFCjoJMnZC7z5SmNeX9lPAHIFIre1PkKLrGvXEu8aQqQFTw0yrI-Xcm0cgmf7tfSj0cW4poTX67X_6FEkOFXnJY6kvJ07mMC-C_tLbx9XnkTU3HlZ992Gas2bV1bN1h-d1fT1Z8qNLXVWmZltS7wPKamd7LBJtDdy6T-8yjlza_vy3yF32luvxIwDzYtVBNLKEBd0cFKwUDJq17Cy9tPfNRGhnNUId6HVUgukix3FP8Pva1kq00aSAHC1nFl_HnmFMIrEWmoWcUFMUn5EAQZBVhB5OIltv80BFzo8EFvDkUYWVV2tKpXdPsPKW38LWSImsISKSWLafSdrKKqmMbvh0THmR6iFtzlhkumGVo1ubakrQohWKUjGRICQmILSftgLAqgMVQpnj2goFW4Wk4FZ0CdeOZJSV11ioOGdJ3Igdpm8K1chi2hma0wy8HelcIMfHDNYPGz4Xwzh7jjM4j6hMzR43tiw3EB-FYvchiceTyT9MsI03FnZUWlzzreg4zXGdH1ABSlyYRSufR5h5r7h4YUW4d5mhtgFzkJ-K0PNebmC_61Mpnp06LVHcN4VRuDKY6hvwlREJtnpwjTGUSio5ZbwsLWkaGySMbixlnSBJLevqU4aG6OaR3pJMPzq95LE14aDJ0Ej77kVsQh-49LRQnio2hRZJQWX4n98a7gjOmJqCKlu0Mi3V5B1kqL36_f1ORSWdLX8_-G_yWTwuRD3bFmxpXsLqlfnT33QEimEOA6tzLV3-F0vvznq6pKIaOPMVO_3kpUHPBqO7UMruh5A979vDY1-RJIavtK90QQtsJgWwOsPzSTjvNqFAzv8BhrslmWWW3cfbtisuNf9HTJjb_gvEalDvqtJw6eal5ot5pi02DrbAZ1aUzLcn1yyRLW1jwAveO0m_cRBLuFdmLUwyW761XeuQzT85sMDjriq7QghyR2kGp6jdyHZwcrKccFHt60IxrQA8XYkNVrJP-ppgtg41xRyoAXcoRSYgf9BC2fZ2w1Sgn_e0dXtGSmdw_D_mHjB8u6oUvmUeM_CG625JtJbwGNDbZvBOrA9p1tpQddtKV_aVjhkHQjVX5mNQ3jCJBPWeW65nWUqx7nca-Ml9CC0wye5molbt0jGsXwcCHUgo88vTSzX1mYvQueheqLPHRb3q8AF5SrF0WxqkYmSHJUXEThAOoCfY6BjQo6NG9cyBK6YwxQ4ngzyHSN64TxP61oWEGQQpIgucufvzqL3LAzKh5iOl8gbb-kBZfhjCRkUXKR2RaeQQ4VHHuUQR9stKCIMZdaby_vIBaLT277nyzgLd4iDqKGnshxjPFbWCmtLilNNHFfbphuecnwOFs8dVadPncbx0-Vak8AsaAMr2fpV8pqkGmq4WXQelhYdGU0zwgOu33ZGxqA2cKJubH-tE4KSH1ClncA-iyoj5W3zS0pvSEvLpvWGXWOuHHNoLWjT3RJhVqyY96GEuhDxztWc8dMHAsTynNNYqYaqdW4TNEkGDIxWqkNud38UiKv5-A&cid=CAASJ-RoWv5N9NJ93WamOrdORcIaS9mN17xnOO3LEL2FA0hMmwv6lRn6Og&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:04 GMT content-encoding gzip x-content-type-options nosniff age 230 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:04 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 2504	25 KB 10 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8c_wnvZ7c5RMsK-XueONGUyvPf5V4KsJZB4d6fnF-BtsJt26wr6jqUuaOQa9nJLPK1iLaEDQ3dklKfEohnuVY6Iqjss5KxJ5ri_lSI_Re2ehyuAjUPM7m8N92_nQncMKk-IqMh8pSXpqVAwOo_B32ERZKYg&dbm_d=AKAmf-DJI0h7w6_CZXXekZcI411ZiZtWhZ8J5wCl4ZH6v1TkDraa-HCOIULWNpcvHUkVFbykFeWUfKbvliG_KGlRX3UUqMmZKyiv17KuRmR3c57RkSyS_vDcBhHUbPs03eV_SgW2jFNRTH7cA9_Q50y3OoxFmCQ2824vo3zTcJI61rtl4cNYDQ3UxFuRjy5wcUbI48VSiRSsAE823JPY60PVujWCtlBUTY1cf1Ic9pBLHNw9TPu5iYVJ1zace7WMmkrueVbjiiPT1iUdvIRG0o-RFFaiAlr3Um7GllzjBf_5v-Myx9nU7atWR0ja-Hs_6fzkfvOo71cXIJffku91-04H7AsIsNsgJjqwf_z7HFlGX2_t1SivR8d_45dUeqcEx7XvVYtGMTCHGJaUX9crOlHBURbrkX8YKziHOg4ks-bjM1Ms9VbqgEfAzHJHal7UFf-vKSObJK84bfaUA-pM1pWBt1PYCOgkRjWgGYLlQStQa4gJuUzx5p3_7AF8zqqK3qv0jL_rcRZ_RNi0rX8uXF8FSt5IYUws7aVNsmlA9NCAgsfx20XJB7VOdyEzCBSGcinoiug7oGxzYPwUjUM2xu4pwSXkKjwhVc2GlQ0ZMwDKvKe0CfeKdYXNUOVF1XvsYIfCWhd2uPLTGhDQjguaH7sdx1-va9vQ1UTXlEvkMfD1jf8mLI_i2udH6ZmAjTh58wzYMX6tbQdIJbgmfVyllNITNdZS45G2Ahb6lAPYdrxRrjEmy5kBINZS6nYH6d0fZCp0wR65VfKbU-vF8uCYp_KHRggZhIegNtpK64GbyGT2LLi9w2k3PamdmV-sO6iGHozi9xXvYfkc7Z1C5PMwM_iz3Jx561USrw6xcXGXX4KmbIWtDjq8bhdnxtTWeeVVH-0nYi6EI8DdZKWMFCKxEiqjr2UKI1gK4VgD8lb2D1GeRZdHxqs-pz07ftIPDAK1g6kBI3ikw7E9szBukmrpftmgfL_9yW8mv2WQWkG4zSE9oFKnijNLRAnBY2F1SfA_UruKomuZsPf51TobWYGQWYcEMEGCxH5nGjR31xilHvxFY0RLcMQbroaPF3CTBdoZ8SxJNkLmlSv7izwwpV30yivfGKj_Er5cYfXYYXm8gpajM_UP9-5El7OaGCNME9xuyeQHSt3FwdrJO_TL3G3c_39O-LMPEs-eDE99g5NSS-z15r2hxq-Ser7JsEVM01J-zvlAtIGYR3pB1Mgs0tetRssk94zsVBPxN5Z3BWI6Xp7tVZREUIkyV2MAqT1DV2FI9i6EyHp1Jpur4KCPai8Dzvuh9EXRPNKWasqcGohorDKaRo0iAFGJxYBdXqe0oF4Z5xujq8FH4OXcvMnIvy01ACDihvw4xdl_w4d6apNCOZILExU98CRDAxcFhX7tAXY1xEh--py85TucZEsKBIXBp3sTbdxYn2UFVauds5xnPflyTBzcbUhPruzRAJscyqWyYWBTIWifN_vvBsywNhgdvs69Trggc7XsDPcKh_IRnwzoLaFtwhoQgeGsHye5DKpU7Spahgpuv3CbX-jbF-QDhdaSedx-E5uUc6xCwTRjPlVX6QZK4VirMVdAktZuk3UgaNHNRR3yTeYPrKc1uwsBVQWfpTnHHeVVOlqPDab8gODVuRHCs0pHT2Go4KFp_WRHibYxJgFC-cyDyFCjoJMnZC7z5SmNeX9lPAHIFIre1PkKLrGvXEu8aQqQFTw0yrI-Xcm0cgmf7tfSj0cW4poTX67X_6FEkOFXnJY6kvJ07mMC-C_tLbx9XnkTU3HlZ992Gas2bV1bN1h-d1fT1Z8qNLXVWmZltS7wPKamd7LBJtDdy6T-8yjlza_vy3yF32luvxIwDzYtVBNLKEBd0cFKwUDJq17Cy9tPfNRGhnNUId6HVUgukix3FP8Pva1kq00aSAHC1nFl_HnmFMIrEWmoWcUFMUn5EAQZBVhB5OIltv80BFzo8EFvDkUYWVV2tKpXdPsPKW38LWSImsISKSWLafSdrKKqmMbvh0THmR6iFtzlhkumGVo1ubakrQohWKUjGRICQmILSftgLAqgMVQpnj2goFW4Wk4FZ0CdeOZJSV11ioOGdJ3Igdpm8K1chi2hma0wy8HelcIMfHDNYPGz4Xwzh7jjM4j6hMzR43tiw3EB-FYvchiceTyT9MsI03FnZUWlzzreg4zXGdH1ABSlyYRSufR5h5r7h4YUW4d5mhtgFzkJ-K0PNebmC_61Mpnp06LVHcN4VRuDKY6hvwlREJtnpwjTGUSio5ZbwsLWkaGySMbixlnSBJLevqU4aG6OaR3pJMPzq95LE14aDJ0Ej77kVsQh-49LRQnio2hRZJQWX4n98a7gjOmJqCKlu0Mi3V5B1kqL36_f1ORSWdLX8_-G_yWTwuRD3bFmxpXsLqlfnT33QEimEOA6tzLV3-F0vvznq6pKIaOPMVO_3kpUHPBqO7UMruh5A979vDY1-RJIavtK90QQtsJgWwOsPzSTjvNqFAzv8BhrslmWWW3cfbtisuNf9HTJjb_gvEalDvqtJw6eal5ot5pi02DrbAZ1aUzLcn1yyRLW1jwAveO0m_cRBLuFdmLUwyW761XeuQzT85sMDjriq7QghyR2kGp6jdyHZwcrKccFHt60IxrQA8XYkNVrJP-ppgtg41xRyoAXcoRSYgf9BC2fZ2w1Sgn_e0dXtGSmdw_D_mHjB8u6oUvmUeM_CG625JtJbwGNDbZvBOrA9p1tpQddtKV_aVjhkHQjVX5mNQ3jCJBPWeW65nWUqx7nca-Ml9CC0wye5molbt0jGsXwcCHUgo88vTSzX1mYvQueheqLPHRb3q8AF5SrF0WxqkYmSHJUXEThAOoCfY6BjQo6NG9cyBK6YwxQ4ngzyHSN64TxP61oWEGQQpIgucufvzqL3LAzKh5iOl8gbb-kBZfhjCRkUXKR2RaeQQ4VHHuUQR9stKCIMZdaby_vIBaLT277nyzgLd4iDqKGnshxjPFbWCmtLilNNHFfbphuecnwOFs8dVadPncbx0-Vak8AsaAMr2fpV8pqkGmq4WXQelhYdGU0zwgOu33ZGxqA2cKJubH-tE4KSH1ClncA-iyoj5W3zS0pvSEvLpvWGXWOuHHNoLWjT3RJhVqyY96GEuhDxztWc8dMHAsTynNNYqYaqdW4TNEkGDIxWqkNud38UiKv5-A&cid=CAASJ-RoWv5N9NJ93WamOrdORcIaS9mN17xnOO3LEL2FA0hMmwv6lRn6Og&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:06 GMT content-encoding gzip x-content-type-options nosniff age 228 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9790 x-xss-protection 0 server cafe etag 8169034061967891973 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:06 GMT
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 4C0D	169 KB 59 KB	90ms 45ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Origin https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:47:01 GMT content-encoding gzip x-content-type-options nosniff age 33113 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Apr 2022 11:47:01 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 4C0D	8 KB 3 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CssE23CK9hFQIL3U5FgBX5LgS-JBXPON95xHcftdNx9OTER-kH19bJtMuR1JhLdV4GsojhBFJbK1GBaOuyaRCyl_PpeEWcijgFHQDAg9Iv1DpqxtkfH68x9qNegrXLjX8Z-dAGGRQMdg-QBQ09oev5lqEyJw&dbm_d=AKAmf-BJ51mZHa31l7ANtRXPRq6cYYr7sEAtC7N7TYTIZAOD7PuYOo5AImHcFMzKSm7bCdXJFQIbw8eOm-GKY0mwowVQZ8gfAIRd4eHtFb0TGL2TnXhf_2U5m-u1L_Xn9h_MeqVX6qpjXKkciUUqHabbUD10_5SNYNXn8xKL1CKlGtEq9iEFxV61EUpsZw2x22D-JWO31RtqNRyUXvW8h449JFuphEuJ-adg-5pVNQazQWKS9RbGjEDPzeFhTc_rXkCCA75Ot4G-wLTbYNt_jZsAoJvQzy8wteO1HQgq8jXRBRrbDZ43oJH7iLuH9yNmO9nspuouctsnm6nVqx3QclKWEDodf-FIob1-DCem0r_S6RAFJZGjA9w8uSm8Df7smPeDIdgE6ucjPi2Gs890S0tL_fxMwFbSmcEHp6HNDQYRXDjllHzxfNfPPPrMeW7eeeHTvO0yO5Glpvwty7xyoJG8LK2_DWnCZkEW4xDxEfz67xfaXDSTD38j33RrhhPxE1aOELJDZqlrYKRRZh5Fkxvc6N_UgRgQDVbwqrvFrCCbV6XOjTw3ITIBvizQXioraD6hMhYRnT9Unv_7w4Oxi08IjCfC8YaziqdVyOwTbx8wv8eklnvtMrpTnEyk2LjVdQeG0RYUkxyAJiub73MwRmGb0QTK4jIi5JAdhXChPdWgULJ3rxoX6CqHtNUDQKGGAbQwtxwjdP_TRimyrA53KECX6C6HYiob0dusdeDfGuPt1rHOyW6IFcYsJKvgMnt1IMddsRH0UgowKSwyqMAD8A8K0R0l5mKCiXDBzENgBhk84DHT8JmpcUuDFUN2Pj8eNH1Xnu6KxKhoFvsPFjckMLvS1sHHtiEVXQQl8WcEcBAGDFoDwiVc5T5KqppJwqoPaU3t2oS6uF0-I_C4lD2g98b_ulHB6_kfigXk2nsYPr--EXtOK4pabeSUu8P-3JVZbSv7tXerbzHye7DibnwFWikhZXU-lzCuomCAoolcomzoxCYFU2XZ0rU_Pr_DCV3o4faNQw0Vz6g72QVucru5BthBUIsa9m_fdsxtRCi2rKX0Y-F13JYluAI6t1Cwf5pLZ7Q97rpTBfTPSdITU9QZjsezaEXxBnnLZqL-hw7NFtRiw64Ge_zylPrTaM0qM0VSk3nQG7gowJAdR7rRO_vZEhJ11RYk6cUbjF6Hm0v96eJbw1WQkD5TJlANbHUErH6GM7jzQpvo8Cv2tUVhiB0yR17qommu8BFGwGX34yIDZnTluHOV3IkuvOpYdh-JTR6WHMMxTPfLJzk28IjLhAaCDwOIewQoXNc8O3oU62dFKa378wjS70bNgZbhnTwh_yxlvQzHzBUEkc4_L4kkTJ0IUJsCUtI82PVKuPbtlIqkwhUmRCLltAjyOKJYEZZ2xqG_D5k56apWW-YYAUF2UI5lfEZL-HfF2x_bVAWo5IfLnaSrvoRmLBQee5LC1E-wD9TyPleEInr6e21scp-gSLTVif4cP8doHKOO7dqm7GkBA-mKOUEkBUpGke3EVsLAgqZDZTW2jWPFQriLnY0TVOXteZoJ3FTFptzMCrckNTS-WzYRxG4QMD4yF81msWGgOOMTbK_o-ROWYkM9gPAULgpX-FCKNG7PF4Ur3dnHCyCnMAu1z6y_5TOwms5MxOY2uzIMD4WMTSKJwgrtstKkJx-2MZLTquHZroqx3NhEvBxPfl-uG1j17GanAycK7dM0uPlCChGcdt0MTlF6__v0hRtppJYfBm1TWmvOVzSe19LpCuFYQG_wYd81eOURAcuC_xvDz77DMq78tSZhTIWEgO0Dm1eGlIm-Fb8Zqom0waypOrehVePtJF_wKIaY-OvwCNT9Ezedq_fr5wp8h6ta57Q8kzHUfKEsVhnOXL6PG8iNUJf4NUyrOpfUnNNdy9MYH0GcnVAzZvPTQbXsBlvWyhwY_Pr1GA_JPtIJ_gMBgIb4NnugXVFjztQaSyi7yuNEKAsp_kdZgVv1uOIDZsGlnhUfHwXbdeCGeT3Y5khkjGKRWfTOixRhAd6vWzCpGYbzoFh3Lsrp-zFEasYiPV0dOjMp3FqM8w9xAF3R74fA_sbxk48XNBQJm5NX5kUvr54o9mrX49IrHaQV-gBPNu7MwLSn1lSwt8Blrr_rDmyQeArfHq7ZjEahFWiJORHWfcq_OOaBoHcPUN2eLtSnUQkz9nFfOgpTGcjTyt6YqED3KNhsoU112TJk9OOHwg1KpqXl1hJysrXwGwRtenQKPG3cqTqs0zMOe7E1FbnTRDmXR-EyO3LxK_a6QV1NM32d5FeMA2OOEJQrrUobiiQ2jrVGu6LNs68TelzcIix63Jj8TlBE8D8XObvwGDEArfhYXy4bXHoOpvN3VnMbMbDbDJsBvqoJmZ1gyKfEXqWUPqvI0rPQ5lZQJnNGDGqzyjjUYfVkfjXy7BbXR0SlKh00iJ5SkHDDmi7iB2Hz6m0uZES6JWAoZ2-4Pk3r-NloHSonv287lkbYB2IJITvlQdS1n-5SCRDOACup_Mcp_24BrgohlTJ3mccZBRU3-0ArBBD6ieabJ1mHhqsyKu9dMbfw3aQbQv9XPRf-dWc4Y-jvvQVB9OZkAJIAkewpWjwKeUhZOE2-NUjj_16v-nLZCEYCjJyBsobSaD-WQsxBXC-MUJCEzduzGcfKPYNUsBvGUpEOkPha-I2fjbotuJrpkdoBOuUOOpbA9W9EG4umHTVpU5LSg-Nqlm17bPI259N0hx5MCJEIhR-ABsCrRUzBYyGlcCyN3f7tLbJfG66g3U1i08nQr_YEkYZDi0QqqA7ZhlV4_uHSQ9w7OGi5_ljRzd54BzzmpGBm9EIsYFH-x0S2YXwaDHgrJKw1UxFCnweiQv0GFrWl-udzfIBn7pDC1HX1QjqBr4N5K6wJxjbEdzwSG7vZ4ybrA7xrHcSkl0So_zmQdu5s9w3pdvnDSea9EQfcXt36bWhbxy1W2k-eqLyGueW0n_Ufo1gdbrzE3InUr5dTaRXhkyDX1GjJemj6wzovXcE7pdA1udu2rb-n0ju63WlhFnwMvHlJrtrLTvJlmFqzaRabpg1asBF_BO51_VCP6-HHqED5chwOHESuYuQmvEtp7l9QPXqyOt2JLVOivvepcG0oBSkILAGwobfSB2JQhDgtN0KduBXE2kyP2ua35_Zax5f66AmV5a6_MoSnEq4&cid=CAASJ-RownfXqnP56e6AmPWEssVXYXL9Yf6viLjZuR0ryvI-Rv_tTMghIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:04 GMT content-encoding gzip x-content-type-options nosniff age 230 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:04 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 4C0D	25 KB 10 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CssE23CK9hFQIL3U5FgBX5LgS-JBXPON95xHcftdNx9OTER-kH19bJtMuR1JhLdV4GsojhBFJbK1GBaOuyaRCyl_PpeEWcijgFHQDAg9Iv1DpqxtkfH68x9qNegrXLjX8Z-dAGGRQMdg-QBQ09oev5lqEyJw&dbm_d=AKAmf-BJ51mZHa31l7ANtRXPRq6cYYr7sEAtC7N7TYTIZAOD7PuYOo5AImHcFMzKSm7bCdXJFQIbw8eOm-GKY0mwowVQZ8gfAIRd4eHtFb0TGL2TnXhf_2U5m-u1L_Xn9h_MeqVX6qpjXKkciUUqHabbUD10_5SNYNXn8xKL1CKlGtEq9iEFxV61EUpsZw2x22D-JWO31RtqNRyUXvW8h449JFuphEuJ-adg-5pVNQazQWKS9RbGjEDPzeFhTc_rXkCCA75Ot4G-wLTbYNt_jZsAoJvQzy8wteO1HQgq8jXRBRrbDZ43oJH7iLuH9yNmO9nspuouctsnm6nVqx3QclKWEDodf-FIob1-DCem0r_S6RAFJZGjA9w8uSm8Df7smPeDIdgE6ucjPi2Gs890S0tL_fxMwFbSmcEHp6HNDQYRXDjllHzxfNfPPPrMeW7eeeHTvO0yO5Glpvwty7xyoJG8LK2_DWnCZkEW4xDxEfz67xfaXDSTD38j33RrhhPxE1aOELJDZqlrYKRRZh5Fkxvc6N_UgRgQDVbwqrvFrCCbV6XOjTw3ITIBvizQXioraD6hMhYRnT9Unv_7w4Oxi08IjCfC8YaziqdVyOwTbx8wv8eklnvtMrpTnEyk2LjVdQeG0RYUkxyAJiub73MwRmGb0QTK4jIi5JAdhXChPdWgULJ3rxoX6CqHtNUDQKGGAbQwtxwjdP_TRimyrA53KECX6C6HYiob0dusdeDfGuPt1rHOyW6IFcYsJKvgMnt1IMddsRH0UgowKSwyqMAD8A8K0R0l5mKCiXDBzENgBhk84DHT8JmpcUuDFUN2Pj8eNH1Xnu6KxKhoFvsPFjckMLvS1sHHtiEVXQQl8WcEcBAGDFoDwiVc5T5KqppJwqoPaU3t2oS6uF0-I_C4lD2g98b_ulHB6_kfigXk2nsYPr--EXtOK4pabeSUu8P-3JVZbSv7tXerbzHye7DibnwFWikhZXU-lzCuomCAoolcomzoxCYFU2XZ0rU_Pr_DCV3o4faNQw0Vz6g72QVucru5BthBUIsa9m_fdsxtRCi2rKX0Y-F13JYluAI6t1Cwf5pLZ7Q97rpTBfTPSdITU9QZjsezaEXxBnnLZqL-hw7NFtRiw64Ge_zylPrTaM0qM0VSk3nQG7gowJAdR7rRO_vZEhJ11RYk6cUbjF6Hm0v96eJbw1WQkD5TJlANbHUErH6GM7jzQpvo8Cv2tUVhiB0yR17qommu8BFGwGX34yIDZnTluHOV3IkuvOpYdh-JTR6WHMMxTPfLJzk28IjLhAaCDwOIewQoXNc8O3oU62dFKa378wjS70bNgZbhnTwh_yxlvQzHzBUEkc4_L4kkTJ0IUJsCUtI82PVKuPbtlIqkwhUmRCLltAjyOKJYEZZ2xqG_D5k56apWW-YYAUF2UI5lfEZL-HfF2x_bVAWo5IfLnaSrvoRmLBQee5LC1E-wD9TyPleEInr6e21scp-gSLTVif4cP8doHKOO7dqm7GkBA-mKOUEkBUpGke3EVsLAgqZDZTW2jWPFQriLnY0TVOXteZoJ3FTFptzMCrckNTS-WzYRxG4QMD4yF81msWGgOOMTbK_o-ROWYkM9gPAULgpX-FCKNG7PF4Ur3dnHCyCnMAu1z6y_5TOwms5MxOY2uzIMD4WMTSKJwgrtstKkJx-2MZLTquHZroqx3NhEvBxPfl-uG1j17GanAycK7dM0uPlCChGcdt0MTlF6__v0hRtppJYfBm1TWmvOVzSe19LpCuFYQG_wYd81eOURAcuC_xvDz77DMq78tSZhTIWEgO0Dm1eGlIm-Fb8Zqom0waypOrehVePtJF_wKIaY-OvwCNT9Ezedq_fr5wp8h6ta57Q8kzHUfKEsVhnOXL6PG8iNUJf4NUyrOpfUnNNdy9MYH0GcnVAzZvPTQbXsBlvWyhwY_Pr1GA_JPtIJ_gMBgIb4NnugXVFjztQaSyi7yuNEKAsp_kdZgVv1uOIDZsGlnhUfHwXbdeCGeT3Y5khkjGKRWfTOixRhAd6vWzCpGYbzoFh3Lsrp-zFEasYiPV0dOjMp3FqM8w9xAF3R74fA_sbxk48XNBQJm5NX5kUvr54o9mrX49IrHaQV-gBPNu7MwLSn1lSwt8Blrr_rDmyQeArfHq7ZjEahFWiJORHWfcq_OOaBoHcPUN2eLtSnUQkz9nFfOgpTGcjTyt6YqED3KNhsoU112TJk9OOHwg1KpqXl1hJysrXwGwRtenQKPG3cqTqs0zMOe7E1FbnTRDmXR-EyO3LxK_a6QV1NM32d5FeMA2OOEJQrrUobiiQ2jrVGu6LNs68TelzcIix63Jj8TlBE8D8XObvwGDEArfhYXy4bXHoOpvN3VnMbMbDbDJsBvqoJmZ1gyKfEXqWUPqvI0rPQ5lZQJnNGDGqzyjjUYfVkfjXy7BbXR0SlKh00iJ5SkHDDmi7iB2Hz6m0uZES6JWAoZ2-4Pk3r-NloHSonv287lkbYB2IJITvlQdS1n-5SCRDOACup_Mcp_24BrgohlTJ3mccZBRU3-0ArBBD6ieabJ1mHhqsyKu9dMbfw3aQbQv9XPRf-dWc4Y-jvvQVB9OZkAJIAkewpWjwKeUhZOE2-NUjj_16v-nLZCEYCjJyBsobSaD-WQsxBXC-MUJCEzduzGcfKPYNUsBvGUpEOkPha-I2fjbotuJrpkdoBOuUOOpbA9W9EG4umHTVpU5LSg-Nqlm17bPI259N0hx5MCJEIhR-ABsCrRUzBYyGlcCyN3f7tLbJfG66g3U1i08nQr_YEkYZDi0QqqA7ZhlV4_uHSQ9w7OGi5_ljRzd54BzzmpGBm9EIsYFH-x0S2YXwaDHgrJKw1UxFCnweiQv0GFrWl-udzfIBn7pDC1HX1QjqBr4N5K6wJxjbEdzwSG7vZ4ybrA7xrHcSkl0So_zmQdu5s9w3pdvnDSea9EQfcXt36bWhbxy1W2k-eqLyGueW0n_Ufo1gdbrzE3InUr5dTaRXhkyDX1GjJemj6wzovXcE7pdA1udu2rb-n0ju63WlhFnwMvHlJrtrLTvJlmFqzaRabpg1asBF_BO51_VCP6-HHqED5chwOHESuYuQmvEtp7l9QPXqyOt2JLVOivvepcG0oBSkILAGwobfSB2JQhDgtN0KduBXE2kyP2ua35_Zax5f66AmV5a6_MoSnEq4&cid=CAASJ-RownfXqnP56e6AmPWEssVXYXL9Yf6viLjZuR0ryvI-Rv_tTMghIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:06 GMT content-encoding gzip x-content-type-options nosniff age 228 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9790 x-xss-protection 0 server cafe etag 8169034061967891973 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:06 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 0F49	26 B 84 B	28ms 28ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1649797134668&rnd=kxuwk14q8brf&ifm=2&uai=2&cid=1069&s=scriptpastebin.com&p=scriptpastebin.com&x=4994360772&adtg=protag-before_content&ats=0&atf=&nsi=&si=&nci=2827340060&nai=4994360772&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3093 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fbcd0d9055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 0F49	26 B 84 B	35ms 35ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1649797134655720&ver=1.2r81&qid=73533313f553633313f593630313&p=scriptpastebin.com&s=scriptpastebin.com&x=4994360772&cid=1069&od1=&od2=&adtg=protag-before_content&nci=2827340060&nai=4994360772&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=kxuwk14q8brf&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=468&h=280&lat=&lon=&ci=138343422777&1=27dec25a2c8d270f41761338362fff9f&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-18-s-fl-18-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-21-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-12-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=20 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3092 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fbcd119055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H3	200	bridge3.510.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 390D	631 KB 205 KB	49ms 21ms	Document text/html	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.510.0_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f4ab73fcb25dfeb952f72dfba4b5bb1e58256b96b745936b9fe4d50e032287e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 352453 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 209820 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Fri, 08 Apr 2022 19:04:41 GMT expires Sat, 08 Apr 2023 19:04:41 GMT last-modified Fri, 08 Apr 2022 19:01:15 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 16 KB	57ms 29ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 20:58:54 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	42ms 42ms	Script application/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	30ms 29ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	vbl.gif pre.glotgrx.com/ Frame A2E4	26 B 84 B	45ms 44ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1649797134728&rnd=yvynhq4llnn0&ifm=2&uai=2&cid=1069&s=scriptpastebin.com&p=scriptpastebin.com&x=4404325371&adtg=protag-in_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3093 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fc2dbb9055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame A2E4	26 B 84 B	44ms 44ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1649797134715853&ver=1.2r81&qid=73533313f553633313f593630313&p=scriptpastebin.com&s=scriptpastebin.com&x=4404325371&cid=1069&od1=&od2=&adtg=protag-in_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=yvynhq4llnn0&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=336&h=280&lat=&lon=&ci=&1=27dec25a2c8d270f41761338362fff9f&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-18-s-fl-18-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-17-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=21 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT last-modified Sat, 05 Mar 2022 11:39:33 GMT server cloudflare age 3092 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6faee1fc2dbd9055-FRA content-length 26 expires Tue, 12 Apr 2022 22:58:54 GMT
GET H2	206	burning-man.mp4 media.proadscdn.com/global/whitelabel-videos/	719 KB 0	48ms 37ms	Media video/mp4	2606:4700:20::ac43:4ad8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.proadscdn.com/global/whitelabel-videos/burning-man.mp4 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4ad8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://scriptpastebin.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Range bytes=0- Response headers date Tue, 12 Apr 2022 20:58:54 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1344614 Content-Range bytes 0-9433767/9433768 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 9433768 last-modified Mon, 14 Sep 2020 09:45:11 GMT server cloudflare etag "8ff2a8-5af42e3fa8b4e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QUz%2BPWGYnFFCymNlKfbQbLBRCz0i%2Fo%2BMSDv8naHtLrSoZbSYvlQtRDsECprdWlnszcgr9l8A%2Ffct1Qu6cJlGXtnC2YKaFpgB3b04eRD3hXu3r9PbJOK88CyXn%2FM73%2FmxcnLzThXBB8InXFhisKugxw%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 cache-control max-age=2678400 cf-ray 6faee1fc49bc9bc4-FRA expires Mon, 11 Apr 2022 07:28:40 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 46EC	37 KB 13 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:43:45 GMT content-encoding gzip x-content-type-options nosniff age 909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12861 x-xss-protection 0 last-modified Tue, 26 Oct 2021 20:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 12 Apr 2022 21:43:45 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 6A20	0 26 B	100ms 70ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXtWCUXP3l-5mHsswJAlWI_LIlRBmln0ttS77WARzQOhzhADxOWspqeUTuocH26lS5Xs3n96xWFr7Pgm5wFEycbwAbSPXM4Cetwg6dsvb8IUOd9HEAYcjVjKJtK8EnOr_gxhfoJ2kRvKfFx_iS5QGRJJPcN3RbQ_syOB1REL8ixy7B4REuwE9hdmJtDomIJGAqMNrFRlpjEJCwVRGyQo453LU7j8k0IS2RFdHkeeHCDJFsFvFaSOjpXBOzBI5BziTSPfBS30eGjtkgMxebh1KznEcm3Bl2PeQplIRTMZL8isfc6RFqD0asHabdFN0HdM9cwHmSdolroX65VuyupvstWNb2jRvW20L0_uuXhTC8asvaPVJFgdE8RAmNG8QpGqQ62ESXuAmCVK4O-KvWldYpl_PTIZ27yTBHwxnsWO8P39w22-t8Lqj0Az9N06mxCKo0wug2m2NebUeUKQRepXnYIXeqHHAVqJsBgBHZtAsu0vTHOyna0CoT8m1MZxDNa6avH1EC3sLJog9Q9cmfud6Ryyg6TP4v0iTbfWjMnM8utTtYEMbYn9W11vzETgz9Bzj8sTfr3ld-EbbPPQ0ISn9scwCyQRPQZlhFkR1fTmI5p4poujFKUOMlgPDrf-muqbThvwGZbNWIqMIgeYFNxX5aHkpwz7h3cevIVrNHO_eUacYxv8XP1SVT4x3TKkgqSlZxED18qUlbwlBO8oxBIHFApPlh30GM83ZLvxiL6MZPItjojuDgI5RCvA3UuRnZWUuQ_3CDPnbYIIczPW9ZXWmed9c3HqsFsR3Cu--KRTNE3De9UQ7cl-i3t8xd6DmA_tn1yO_ScFAM-btaORgbBSkG4HZCTffZlj14oOmZnz0br-0m85x1Kk0iM0Ojxqh62rO67DyYEubiaTJSjVE7o6v810MppKEcPu2jgsz8e3In9Iu75JN4fQawSH4QVq-mJZZpu9RLobIJOcw3oOkqWjFM2xqoL69rkcZH7sFjqKz4L6v-oYUAxjoEbCnjXUUG0NKt_b3COiXtSc7-4Y_l9t_pqmF6P5S3nOQ_kc0H2yu3QUx8VVSGlvt618BfLcqw-RWEsMxW3BGqagBXrr8qyz570oyDc2UPn9bZaNvfEOKrXWt0ariA6UXeuJHCVjJV5g0IvRnRGADhmTiFGtHn5e_bNeMQ0v60sFacQ6EAPhyOWtOOv41Tcnb30jQ&sai=AMfl-YQW1VioZU1SstyxAWQpiJxb_fIzK9j7E_2i0JZMnKYjWIMnXrQG9b4cThO87K7tKVRy3horRjI8XjyNxmcRm6cRAt21oCEtvHwam9M8D6lvV_M5rXAYJef58H-tXR1aHH2ShlaPwZEb7HAei13Ik_3QR-Q3s7_y1F1KULs-xFPWiXwOyj8HR8Tb5q56FIX71oB5dwFosqJFXcVOb8nFipo1mnJ8Ouo&sig=Cg0ArKJSzHxXYh4olNp8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&vt=11&dtpt=186&dett=2&cstd=0&cisv=r20220406.66101&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJesmlR4PHN-W3r9EGvxFxXvIR2436YZCeYjRRdaHtXqqb-LkB_j2C6NlfRLZfsk2g0qpI2tFKRPSfB8CWf1LPFPW9G7ytucuLe5owUOSjbceN0CA2TAXHCUQfbCitzCrsYkb5Th9Xw0rjWz95J7GlOsLQnQ&dbm_d=AKAmf-DkC1byw7z5ucytaKTWqOmIyTrEmEQK_gWcTVIJKJvyC_1-bqJz1MjbTorXQhR1I7AjjJwfKAq0uXbkO5In6uV2g6zpLvbucEUYTPmUb-zQicJGfHp5TqVGKsL-d1_icdUQIdzaXOOCIfLGRplO2g8Rt2Fsu6d1uBYykfi9Oi-nH8f5Yij6QqySau0FV-rgs-cmDGNumuhpjbATFjLht7Unl7Vje56jNjosbyTVHZrF8Ku8_SaEnRCkAXTvgOAPFhq_M44Ljk_IwQb6mRciTPkNOay86hcQXFCx6DxpCQTnT_-XDrsLaR3ATeUUv9QL1nvxkRcko-G4EHtpP2CYa1qqmiH1IEdgPQyW6TWAMKXBwvI2JlpBroeTBWBN9lqD3b8WpEKABtSh7vz6b-C7W42FJFpLwXwTRNZ7pf7cacNRE_e0dqDDORo0d6FFK8_cufAZzTrNKYntwCgDPjJK9fmFUF6XCo2Dggf-rwmN3faSua1W3HhrP6YoknA0x8ka_mTQjS8Vzgp3EnzOfc0CfGO4i5_PsmRYUiwPHPA2cPz1998CvBa8-_QfLvFEqZv0egRAuHTQOVE00EYXZQTaHd-OYaQn6K4VMG1OZc-1PWY-9qowqTLeIGQ5kzeTCJwijWo-WUXOGvVOTmhPp1vtjat9Vl2oA3bgm36Cpuqm_qf71zLLSKMmfUnQtN4GSUGSBhcDtsXJtkYDnHCsttVnMM62VePe5kurCcUM5FmYGKQeaFndRFF5cchU7xWs4XCpV917IfzEbtJfSLsheV9-1UF2u_kzcUEXq3BCZoILiOHYlVFjPDzGKvvFUIEfJj80rGIMRx8R5RrCbb43IkiN2ZpxuN9Lm8P6Nqj0BTvmUewQgctTkfOIW22JO0v8auvYMq-sgMXlhDqBvl51YNyzYPVxinmj4L9Qaj7i5MMTXOuB9UIq6IqUWLrSOB_e7tOAdzx1_e9Uzg3-A6wxi1wjEeay-8mB_eZ5WIF29Wjz__AcOoogb95NU88e3cxgniDoKFwaZZR-ldaadYTtwImhMIG5S92HB8fqyiZXzkHED7T-otuPG0fyZpwD6BPnztaY7Wq1mfJqyRwG0OF3nVm1eVub7PQBslxlkhV41Yo6SnYaraaot9ctz-ZDyNk6w52j5AdQ-9l6mb1wDNcyDaCli8lpzutt4RzxNQ_dMNScUuY1ze_09NGPze4mqmmGpX-D1IYlcnhTTFqW6l1tWBFUM_1Xm_Upg87dU5Kd1-LrF8DRQZZpsRYjgY6LU_LMdl-VuBIbFAG2IrCXOZHd6gRdT1b8chAwWFAWUOGw63T4B2rg5cWyX5w1K9H7Id5zwpkXick9r3Wbu7wIvaRvZee-lZMPapE9DvN9yrbPyvTM009zkeB7t28wXfc09_EeDGjqf5LSvrRw4o7wiNJLzCfnrsnvUOO0YTDj7VTC5eawzUOa6tiTXqiljzfbob6NcdtAELIp_ry9bzLlP5OKKRHKu1naGI3jPrSNHTAMobc9PJGqHiuL1k6D3jBb229VqMElepGz0-MijVGn81Nr-Y6nrkvuFyMxrtvCLZkHpRCQUr2Y83CoKJa04PAhbitswXAjjBTuo9hvNcttkvOSTyOygZWCFkny1l48a0yduHyvD6vPuVoq-9JmyhjITRjcGObCwjF5CE2LmgaZfcLrQu49Hv3IzJSYQrAR7XSfPoMku8lIRXkxmoW0h550pT-3L_4MZfYm6CUbGFk4BGFsqn6o4hW9c3WRkKfH5ncRAUXP1s_VuPG-hwKBqprty1fxy3aKaJyRkxtfBwt8LT25GDLE1ETPaznT3hfmb5pZlzcSCxzD5K7xtkyodGSV4JeUJthJzjz0ENc8mqCEcnqFqpykidrw5iP_Iz7eFIx2HR2J0j4MBIbL5oNvxvXR2JBCzOvRMf1PY-RhrT0iiVcSPmGL3Xr3qxlKVVWV8P-CA3X3-2OhLkIvkS9ZEYSHD-N4OFvyQJWmpCCPUY8IwgKe1u-gayplschtbjERFIqqpKnuz122DnCVRFNecuII9ZMIszT-1Dy_rwRpAeWzd0kfbyaM_X8cZjif_fxTqDUpxXSziMC-4JGEdUH4342zeliLHutxP2Crpt-QObYHDYDXlwUaGZ4Juh-1bIsSLbV7lvDFQRYWOKaZCQjD7w5ULsFRd7leVAG0gj1P5A2d9TgGnYLBj7ROFDZKHY_D0LpuxJXfgnP7PSBjc89rC_qiUY18KZQX2XHF_sYXwbk3FyXccGHBBXlxqPpFx7DZ9_0-qUEIHn2FAMTNEj_ZC3wjUWRduFyywQ0FdLkAMRH7rE3UF4W-vSEOe6nhorLehYwHQLw7u_yWZiA5MA6U02ofTW7DhF-Z0_-HVfR7rZT_rrKdn9CBQ1e_6Wb4yEeIsQ58-XDSgEUoOy11nk2EYJZzPVS78U1tau7i0TaTnbsqR8iIC4QYN4p-i8o1vzw8qs2kPZMYpLRDScxoE8WFzF01QC3rXxay2_RNq5kh20ohaL1VNNc-XONGy9GI6V5rGWq2HHCNb1AND1O8CuWB-_2ypzVb5f1LD2WKkMAP91igleiS1f_4HD6k9qCpcEDm7FWefCJl7Lk6oKV-X_tKMcpF51Hr3-Gjf-F_hjCVJNEl6T8lvfLfE3yv2tTXwxIkgBhx3c3EUQTAebY-gSmKX_P8JM5slc7LsyZa_3DvVYF71IdcUpQWOPnIKetYi_B7KwtSksOvZboynSjkygSsaaAO2C3YCkTDaSTaKfv-WGg5vyuT241hBEK53HMAVUz1J9lXe4ZcNaLKadl78HOFDZ8KOac837e2YFgtUEz62ANA0EhLX6u9m_6xFIvSXgXCHla8pIdfYdu8dXquVcCItPnQcDr7embZj0MnCb0E9uU3_oB5cUBLlYhrhcTCjd_ZzhirvVieOIATNj-9WbUcjnMPstAxLUsdgTu6_aNa2tXVWAM0OBOE8xF3sCwHLlMFyeZfQZy1aPUZKf-6TJ3KgInfNosJ9I5RX5_i-Y37u55SdBlUSEycrP5ZbDopLtMq99GvunoSNUBkiy2faM6Y-y5WcJ6yZglBs7qXuEuTqyVkz6bJ_xia6UJRlbbm3VpX-JbHdCKI8iTNL3caIm07tDmUJXw5rdSNC-PIhn6-rH1UkVgq8RNRBLwHIAseib_qkJDXk56egzEl4I0xGlggCBQqb94MvSSM_8rQui-JXgEYvR1LVjo1HYrY5THGjixQ2Tjb8Ax5cx0KUpIaGq-L_qzgd-KUfiDXcrcp-ATXdz14_r-DENr_gU--kWo-n3UkXedYGpHgdwGZ3wIt-Jc&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&rfl=1%2Chttps%253A%252F%252Fscriptpastebin.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 26EC	22 KB 8 KB	35ms 34ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 33112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 11:47:02 GMT expires Wed, 12 Apr 2023 11:47:02 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	main.gr.19.8.299.js Show response static.adsafeprotected.com/ Frame 6A20	189 KB 60 KB	145ms 28ms	Script application/javascript	2600:9000:2156:8a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.299.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rjss/st/1005663/62077108/skeleton.js?ias_dspID=3&ias_campId=25770367&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=15622086937&bidurl=https://scriptpastebin.com/1900/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gsOhwep8ExR1uFCGjN7vC6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 07 Mar 2022 20:37:01 GMT content-encoding gzip age 3111714 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 01 Mar 2022 19:11:01 GMT server AmazonS3 etag W/"587738d3e44b43a2620f42eb51d89fbf" vary Accept-Encoding x-amz-version-id kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA50-C1 content-type application/javascript x-amz-cf-id OmOMQ1V6ucVUZT_LXR5uBCxQJZZND0edI_V8fhDdwcS02B_jlNzFKQ==
GET H3	200	nl-NL_COMBI_Prospecting_SA_336x280.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/ Frame 560A	2 KB 879 B	29ms 28ms	Document text/html	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3be802626d9bbd65041690b65ea9a74d72c582b907ff187e1cc1605d089f468 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 852 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:54 GMT expires Wed, 13 Apr 2022 20:58:54 GMT last-modified Thu, 16 Sep 2021 08:10:02 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2504	0 27 B	125ms 124ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSvCE4xttd6pDzMUakAPGDfbnvWtXytZMhLutwzSMFH-pwYe4m8Dm86bugqXRI2S-XIZ73qnsuY5sLRgBJnAo0b9jRIqaEkPvyPtmL0ILGP-CqaBO1S7ay9oSnWoQKoqY0uAy4YUu26KfjbM1MOxiUUotGRi1mOBgYSqkeZtzPmp9z-GyXveHzVUY6yPHJxy7gSYHFqYKOSE8MCM57yyZot9oZvCgfX1nqGwEz0LAMFiMXJtFVXV6EnwTFDRhpPAne3i4OU1df4Xp1RVyxpT4P9lH4o46KQn1-sl6fjCaIslexHqNFBq8oN0PkvEVgJkli_EZSQKVMKEq8thwJHcB3kR-obTVH6uYy83ickwmi4DLf3pg63VTJXlNtM3A1t5I5YJRW1SwPsasIyLZIy_roeSkuSSFxvVr9K5OQaTDqeoH3ZZM_xOI8U2sZwKPE_qQroK5NDMCMOPlqmbFUjmHz4cmf4jhP1wBgQobZvLYRNqoKK9j0GxkOC6tCzy-lgn4Jne6rDYxFxK7itF29xr0Ux7xSG8SwjSt0VZUhZZooV6sJLuX1QKdX7HroTtPJ6mtVm9XwS9ssfyuVg47RkzA_SlNN_slHt_B15ZQQ3xQNRlwELBxGY_PcxZ7D_tm-S2X6Yx3MynCZP_NqpA-BGfvilmKfUVStbE6Mj5ODg3jUvdJjrj_QVqjteP-si9tmgapRXgZ5Ea7TWdDYlQFDEdzkweT7Sh2479mpmuYe56wCFM34Eai9YRhoDLR5wQHMHIXA6drQsmdhgSIGB0DVVk3xlOEadDz438wFcnRlH7NuAazBqI9eY_zqAn9buOy5BE9VcuGEX1Lhar692-B8k3rZISTcksxzOnMPOIZYTlgQbNRtYHQI0vTmAxGdpIqFcueqpQXu52mTXiP-9z1ZCyHeYpzLWhPQeDFw7rtJpx-S_ql3jPKuXSIrjdexZL-Ak70mPRJCOVbsYoGtA18duPGXgf6lM0tHyeoo3QPlbAKj6_zYLstE-qmbO9mlDQgn1eroMkcOreZjGogg8bD-OeFfHftImsRnOnXVY_x44I2p6WLTYfuq0at_SnW3XAZuTHrBis8a8Ub_YatBM3Ni4VfNhpOp37sqt0xgnX2AlYElD-TvnOWWhfqGEm8JGStxNXVrUv3BG84v-DDl9_Lc39Ez11uITq0iDv_ab2Lyks2AZp0-9peDeWbf9tWCDZ4jnx6NYihjaD72kjVNhsOSYIHb9g&sai=AMfl-YSweanYRJarEUOhzAf89dQnL6ikqGVkw01oeY5aPdBh0-Ri_84tdSg1YV3ApsfzyLhoZNMVF_gvpJSSpqwWJUj2-zeEbDHI9tSaod6trhBKQCN4XlnOVBHL1RIm_0tSrJ_bd1APFPXS0ru-SPAwi1i6CehoOJZiPMAAffXIBdt9OrIZ2tUpMDl6JAzl_BXS9EMQqNsTqswN0vL47XLzuNg9Rl7QPnk&sig=Cg0ArKJSzE-fXsf7-VToEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=170&cisv=r20220406.90894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	pixel.gif opt.objectiveportal.com/ Frame 2504	35 B 528 B	282ms 29ms	Image image/gif	195.201.152.90 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=NL&process=banner&campaignid=26061147&placementid=306016553&che=2500662047&cmsiteid=1707040&adid=499009830&crid=152861241&gvalue=ct=DE&st=&city=5687&dma=0&zp=40629&bw=4&keyvalue=0&line_item_id=51579983&creativeid=&exchangeid=&insertionorderid=&sourceurl=&universalsiteid=&auctionid=&gdpr=&gdpr_consent=&gdpr_pd= Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.90.152.201.195.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT referrer-policy strict-origin-when-cross-origin server nginx etag 5e4ff2c6-25de-444f-a561-5b827c18e5ab x-frame-options DENY content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate content-security-policy frame-ancestors *.objectiveportal.com objectiveportal.com strict-transport-security max-age=63072000; includeSubdomains content-length 35 x-content-type-options nosniff
GET H3	200	nl-NL_COMBI_Prospecting_SA_336x280.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/ Frame D1DD	2 KB 879 B	44ms 43ms	Document text/html	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3be802626d9bbd65041690b65ea9a74d72c582b907ff187e1cc1605d089f468 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 852 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:54 GMT expires Wed, 13 Apr 2022 20:58:54 GMT last-modified Thu, 16 Sep 2021 08:10:02 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 4C0D	0 27 B	146ms 145ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZfFBK9KOCS_j97hsnX2Vwl8q-NlnN9p-wyqVOP36eMszyyCdXAMNx7ep0VzUaFvuAs8pOYYz8rQQANaD7bVXuBI-gmcFHQ2zQ1UEL9LnhE0jP7h7FkxqDWbf_8EBMpOR1a9WtQ5SKytZu_Megi3ZvzVUE1nhl1V0mfajg-bF7rOc2gcER_hbQ81bC1C7lvZviY0dTRdU-8iXZYk2P8zuLydhp598T5vq79kJ-ru_0le2sQxdGNGTZ--pUfeiqRpZVwt-_seB33NhgCoEnnWPJWar-grXMYkiarDy_9MRe0jzil6u_r9jiV9vgSjcJT8MDQ37KdO7TRVQ0sajI6e0cPqzk1ZvQCuHN94hc2mqeabCwRgEaLgzv9-1tnmMsmNR3J_YuKHCq-MmKrB4Rk20W1j9K8BYtCsDuPuqTZE0b_zHK1rtPaz9G8hqC5zhwvp5CBll-P6IsOGYYnbHEcz-zMil1iy_PHdBeckQFSwgI4S4oUHU2aj6YKQ6dSX_RZJKCWs_pTNMJA3lktrInAQ8Y2RTN3cicWR-XgAwdUT9JfqPIvIKkB-cByttcqrGGA40t9iSZJfNlsRNjmwNfIfzUpEb7wzRAv50-YL22NiMI8_tQPWS9NvY2isjD4_8Z1ypC7s8ZePHCNdXw0zkLzd6mHF3pAiuI5JZ4zyk7WOnlDXHG33lan68gkde8nRQfUuvQbtqKi03hCd8Jsr-N8ZXrszToaauCTPeD7f_SVdTY9bP1Hhn6j2j6jujnEtrIBmvkvcnYTaB5WotfqibKuoXbw6wf75SgKVykuZtvSqIb6KZVHb_vd3HTU5rQwRs-aP9qk37LteVrGBssc4bi4lIbZKbhTuOOJEYDd8artbsyySa6P_lxJIxi6HJUDRDORaGgHVGjMX0GLwDEaIo2rS03U1OiD3HesReEvSjl7K1WNBIcUnHSmPSj0xMZ2l9XdzwWInwurX0ZMhOuRGpWd_Kk1Wv35qz_srnG-FpzCPTZrdSmM-4rSmornJ3d8tzSJnqtObKAbzxAqu8jZut2Q0BGaOgnHm5-0YsoSxYOy2kOTu3EWeoFGMDLZ0t6Q-q1Fexce-br6NtdbRrHTBEAtJC-Js_z5lhA_CzOZUtZzET0tAYOah9hy_6DGpK0NiYWD3J0-3CJCD1HVbtjmHuQZXmhOGXKyb-s4zMCxoQYYKzUBgAoOTKRibCF7wpUOYjR6iBaaLV03niwm_ZdRKmtoybHTw&sai=AMfl-YRYKBg0K8ptUdw9kI53qfitrJcTpfkVQwoKX1eDM9ltwZqgR69gtKa5KlTfu9_tVPB5ULT0mLTiIipX_6cm9Jg09AFOafsPNjclZo6EbQfNpo7EAEepzr_y9MFdWr9mqG25p_QQ8w6cjTANyqjLhk1wUuZ36RouJUf6xCM57iWQdqgRX3WfC1Bkq7pMjruKBf0wKbXmpO9eb4KkNpQu0-3IyQ8JYMI&sig=Cg0ArKJSzDNPQeJBfo9mEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=184&cbvp=1&cstd=181&cisv=r20220406.64441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Tue, 12 Apr 2022 20:58:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	pixel.gif opt.objectiveportal.com/ Frame 4C0D	35 B 528 B	264ms 29ms	Image image/gif	195.201.152.90 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=NL&process=banner&campaignid=26061147&placementid=306016553&che=800306345&cmsiteid=1707040&adid=499009830&crid=152861241&gvalue=ct=DE&st=&city=5687&dma=0&zp=40629&bw=4&keyvalue=0&line_item_id=51579983&creativeid=&exchangeid=&insertionorderid=&sourceurl=&universalsiteid=&auctionid=&gdpr=&gdpr_consent=&gdpr_pd= Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.90.152.201.195.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT referrer-policy strict-origin-when-cross-origin server nginx etag bbca2729-b227-4c75-968f-392a51216bda x-frame-options DENY content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate content-security-policy frame-ancestors *.objectiveportal.com objectiveportal.com strict-transport-security max-age=63072000; includeSubdomains content-length 35 x-content-type-options nosniff
GET DATA	200 OK	truncated / Frame 6A20	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5630c93c0e8d244e6a9d4a1334373155aa827a66e7574c6266e2992b7b55478d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2504	41 KB 15 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:47:02 GMT content-encoding gzip x-content-type-options nosniff age 33112 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Apr 2023 11:47:02 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4C0D	41 KB 15 KB	50ms 50ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:47:02 GMT content-encoding gzip x-content-type-options nosniff age 33112 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Apr 2023 11:47:02 GMT
GET DATA	200 OK	truncated / Frame 2504	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a03af7be992ff5f1236364602eb0d8547de7b3ad828ffb902cf430d583dd1c83 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 4C0D	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d685c52d5afbb731be8fa7123c9bc352d55128a7a7d38654bae01e3028facad1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H3	200	mastery-300x169.png scriptpastebin.com/wp-content/uploads/2022/04/	69 KB 69 KB	322ms 320ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/mastery-300x169.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash e05a0933a3f0afe18b0d57be43cb8139460184ef963ba1a62501fe78fba2c01b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff last-modified Wed, 06 Apr 2022 14:15:57 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 70858 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	bloxfthunder-300x169.png scriptpastebin.com/wp-content/uploads/2022/04/	63 KB 63 KB	332ms 331ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/bloxfthunder-300x169.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash c982c62266542d970d4942264051729696c963e60f9d6b9d86d9f0c01b16cce4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff last-modified Wed, 06 Apr 2022 17:58:15 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 64601 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	aopgbest-300x169.png scriptpastebin.com/wp-content/uploads/2022/04/	54 KB 54 KB	413ms 412ms	Image image/png	45.143.81.187 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://scriptpastebin.com/wp-content/uploads/2022/04/aopgbest-300x169.png Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.143.81.187 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS srv144.niagahoster.com Software LiteSpeed / Niagahoster Resource Hash 2a96f77255f2d1fe278973cc70f06321a38f5a0c8c11c6b53415dded58de2746 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/1900/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff last-modified Wed, 06 Apr 2022 14:02:08 GMT server LiteSpeed x-powered-by Niagahoster strict-transport-security max-age=31536000 content-type image/png cache-control public, max-age=10368000 accept-ranges bytes vary User-Agent content-length 55239 x-xss-protection 1; mode=block; expires max-age=A10368000, public
GET H3	200	Enabler_01_246.js Show response s0.2mdn.net/879366/ Frame 560A	116 KB 39 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_246.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:23:14 GMT content-encoding gzip x-content-type-options nosniff age 34540 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40237 x-xss-protection 0 last-modified Wed, 30 Jun 2021 20:54:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Apr 2022 11:23:14 GMT
GET H3	200	Enabler_01_246.js Show response s0.2mdn.net/879366/ Frame D1DD	116 KB 39 KB	49ms 49ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_246.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 11:23:14 GMT content-encoding gzip x-content-type-options nosniff age 34540 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40237 x-xss-protection 0 last-modified Wed, 30 Jun 2021 20:54:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Apr 2022 11:23:14 GMT
GET H3	206	burning-man.mp4 media.proadscdn.com/global/whitelabel-videos/	189 KB 189 KB	122ms 34ms	Media video/mp4	2606:4700:20::681a:737 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.proadscdn.com/global/whitelabel-videos/burning-man.mp4 Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ae5e4caf4ec051850b9cf1bb2e7f5be8e1ef438393577d986c2edd55b4b5487 Request headers Referer https://scriptpastebin.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Range bytes=9240576- Response headers date Tue, 12 Apr 2022 20:58:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1076046 Content-Range bytes 9240576-9433767/9433768 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 193192 last-modified Mon, 14 Sep 2020 09:45:11 GMT server cloudflare etag "8ff2a8-5af42e3fa8b4e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcD5We5bG8NohsbPxOKYgr4dYTvWUE%2FFdhMSIfgmhjw8NM4kCp7YcnCMFAeoVLg%2BVy7cXlz%2FhB9Z5P5LrlPh%2B3CKun3Obr4zJ00Sk5g28TEns9JN%2BQmUAsqWsUNsoXFHxck6rqcUKUStbqcev7JMLgM%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 cache-control max-age=2678400 cf-ray 6faee1fe4828698f-FRA expires Thu, 14 Apr 2022 10:04:49 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1412	22 KB 8 KB	81ms 81ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 33112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 11:47:02 GMT expires Wed, 12 Apr 2023 11:47:02 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 90E3	22 KB 8 KB	45ms 45ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 33113 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 11:47:02 GMT expires Wed, 12 Apr 2023 11:47:02 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response pubads.g.doubleclick.net/gampad/ Frame 390D	99 KB 21 KB	466ms 461ms	XHR text/xml	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/ads?description_url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&env=vp&vpmute=0&vpa=click&gdfp_req=1&iu=%2F162717810%2C22714479765%2Fscriptpastebin.com%2Fpro_video&output=xml_vast4&sz=640x480&unviewed_position_start=1&vad_type=linear&cust_params=domain%3Dscriptpastebin.com%26subdomain%3Dscriptpastebin.com%26site%3Dscript.protag%26protag_video%7BmyEqual%7Dvideo%26pa_player%3Dcombined&sdkv=h.3.510.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2921993308&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.0&sid=F7CB7561-D327-42AE-AA12-34705D1777CB&a3p=EhgKCnB1YmNpZC5vcmcY2e_J_IEwRQAAAAASlgIKDmVzcC5jcml0ZW8uY29tEvcBTFFiemsxOUhOVXQ1UldKamJVUk1XSHBaVFdKQlQycHVlazlQYmt0MlNGVnFNelIzVEZkTGQyeFNTR1YzUjNWbUpUSkNUbUl5UzFwNlpEUnJWVU5IU2taUllqVTVjbHBMZG5SdlZVOVpkVmN3TWxsTWNFZEVZM0pKVUdGSWJYbEZNMm8wTjBjelEwbFZSRkZ6TjFOUVZFUkRjalIwUlVFeWJXZE9SMHhIWkZCT0pUSkdaR1I0UmtSeFdrRnlTSFp5YkdOTlRtMWhaMlZ1VVdNMk5UWkVPV3B1U1ZGb1EyUkhTM2RsU0ZBeEpUSkNRbWh5Um04bE0wURiP8Mn8gTBFAAAAABJBCgVvcGVueBIsZXlKcElqb2lRbFphU0cxRmJFcFJTR2t2VFROaWRXMUlSVVJvVVQwOUluMD0Yxe3J_IEwRQAAAAA.&nel=0&eid=44758348%2C44761692&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&dt=1649797134994&cookie=ID%3D0803afc836e54fae-22e054a874cd0042%3AT%3D1649797133%3AS%3DALNI_MZnqnazjBBwibMEMytf9YjruEbcvw&correlator=4141984779851285&scor=2780516260897857&ged=ve4_td3_tt0_pd3_la3000_er543.1034.695.1034_vi0.0.1200.1600_vp0_eb16491 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.510.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 8f7d288846bdac7b0fd342a53e93840ae81168e8439101f5aa7f902bedea84ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20852 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 26EC	36 KB 14 KB	37ms 35ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	combicontroller.js Show response s0.2mdn.net/creatives/assets/4171301/ Frame 560A	32 KB 5 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4171301/combicontroller.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf109ffb3bd1f52f298bd02f6f21e9a9dbc0c6f6989a1d5fe4159afa672cb8d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:51 GMT content-encoding gzip x-content-type-options nosniff age 484 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4796 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:51 GMT
GET H3	200	combicontroller.js Show response s0.2mdn.net/creatives/assets/4171301/ Frame D1DD	32 KB 5 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4171301/combicontroller.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf109ffb3bd1f52f298bd02f6f21e9a9dbc0c6f6989a1d5fe4159afa672cb8d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:51 GMT content-encoding gzip x-content-type-options nosniff age 484 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4796 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:51 GMT
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 90E3	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 560A	7 KB 5 KB	64ms 36ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_246.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c998280ff591d1f4dd89def9d9d75a9e60d6169d2577ac9a1400fe01a17504d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5590 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame D1DD	7 KB 5 KB	60ms 32ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_246.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3be68658a80a9fb0d70d3a72ca90168c720fc0d524f090e8b94d5f75dc9b7dec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5533 x-xss-protection 0
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 1412	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	cbBdsV2.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame D1DD	23 KB 5 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4171301/combicontroller.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a616df7c846d173f15d8c4d97b57857fe716c80e88c95e6fef92e1626b13977a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:45:01 GMT content-encoding gzip x-content-type-options nosniff age 834 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 last-modified Wed, 15 Sep 2021 11:34:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:00:01 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 4C0D	0 26 B	58ms 58ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZfFBK9KOCS_j97hsnX2Vwl8q-NlnN9p-wyqVOP36eMszyyCdXAMNx7ep0VzUaFvuAs8pOYYz8rQQANaD7bVXuBI-gmcFHQ2zQ1UEL9LnhE0jP7h7FkxqDWbf_8EBMpOR1a9WtQ5SKytZu_Megi3ZvzVUE1nhl1V0mfajg-bF7rOc2gcER_hbQ81bC1C7lvZviY0dTRdU-8iXZYk2P8zuLydhp598T5vq79kJ-ru_0le2sQxdGNGTZ--pUfeiqRpZVwt-_seB33NhgCoEnnWPJWar-grXMYkiarDy_9MRe0jzil6u_r9jiV9vgSjcJT8MDQ37KdO7TRVQ0sajI6e0cPqzk1ZvQCuHN94hc2mqeabCwRgEaLgzv9-1tnmMsmNR3J_YuKHCq-MmKrB4Rk20W1j9K8BYtCsDuPuqTZE0b_zHK1rtPaz9G8hqC5zhwvp5CBll-P6IsOGYYnbHEcz-zMil1iy_PHdBeckQFSwgI4S4oUHU2aj6YKQ6dSX_RZJKCWs_pTNMJA3lktrInAQ8Y2RTN3cicWR-XgAwdUT9JfqPIvIKkB-cByttcqrGGA40t9iSZJfNlsRNjmwNfIfzUpEb7wzRAv50-YL22NiMI8_tQPWS9NvY2isjD4_8Z1ypC7s8ZePHCNdXw0zkLzd6mHF3pAiuI5JZ4zyk7WOnlDXHG33lan68gkde8nRQfUuvQbtqKi03hCd8Jsr-N8ZXrszToaauCTPeD7f_SVdTY9bP1Hhn6j2j6jujnEtrIBmvkvcnYTaB5WotfqibKuoXbw6wf75SgKVykuZtvSqIb6KZVHb_vd3HTU5rQwRs-aP9qk37LteVrGBssc4bi4lIbZKbhTuOOJEYDd8artbsyySa6P_lxJIxi6HJUDRDORaGgHVGjMX0GLwDEaIo2rS03U1OiD3HesReEvSjl7K1WNBIcUnHSmPSj0xMZ2l9XdzwWInwurX0ZMhOuRGpWd_Kk1Wv35qz_srnG-FpzCPTZrdSmM-4rSmornJ3d8tzSJnqtObKAbzxAqu8jZut2Q0BGaOgnHm5-0YsoSxYOy2kOTu3EWeoFGMDLZ0t6Q-q1Fexce-br6NtdbRrHTBEAtJC-Js_z5lhA_CzOZUtZzET0tAYOah9hy_6DGpK0NiYWD3J0-3CJCD1HVbtjmHuQZXmhOGXKyb-s4zMCxoQYYKzUBgAoOTKRibCF7wpUOYjR6iBaaLV03niwm_ZdRKmtoybHTw&sai=AMfl-YRYKBg0K8ptUdw9kI53qfitrJcTpfkVQwoKX1eDM9ltwZqgR69gtKa5KlTfu9_tVPB5ULT0mLTiIipX_6cm9Jg09AFOafsPNjclZo6EbQfNpo7EAEepzr_y9MFdWr9mqG25p_QQ8w6cjTANyqjLhk1wUuZ36RouJUf6xCM57iWQdqgRX3WfC1Bkq7pMjruKBf0wKbXmpO9eb4KkNpQu0-3IyQ8JYMI&sig=Cg0ArKJSzDNPQeJBfo9mEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=519&vt=11&dtpt=335&dett=3&cstd=181&cisv=r20220406.64441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	cbBdsV2.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame 560A	23 KB 5 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4171301/combicontroller.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a616df7c846d173f15d8c4d97b57857fe716c80e88c95e6fef92e1626b13977a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:45:01 GMT content-encoding gzip x-content-type-options nosniff age 834 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 last-modified Wed, 15 Sep 2021 11:34:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:00:01 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 2504	0 26 B	57ms 56ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSvCE4xttd6pDzMUakAPGDfbnvWtXytZMhLutwzSMFH-pwYe4m8Dm86bugqXRI2S-XIZ73qnsuY5sLRgBJnAo0b9jRIqaEkPvyPtmL0ILGP-CqaBO1S7ay9oSnWoQKoqY0uAy4YUu26KfjbM1MOxiUUotGRi1mOBgYSqkeZtzPmp9z-GyXveHzVUY6yPHJxy7gSYHFqYKOSE8MCM57yyZot9oZvCgfX1nqGwEz0LAMFiMXJtFVXV6EnwTFDRhpPAne3i4OU1df4Xp1RVyxpT4P9lH4o46KQn1-sl6fjCaIslexHqNFBq8oN0PkvEVgJkli_EZSQKVMKEq8thwJHcB3kR-obTVH6uYy83ickwmi4DLf3pg63VTJXlNtM3A1t5I5YJRW1SwPsasIyLZIy_roeSkuSSFxvVr9K5OQaTDqeoH3ZZM_xOI8U2sZwKPE_qQroK5NDMCMOPlqmbFUjmHz4cmf4jhP1wBgQobZvLYRNqoKK9j0GxkOC6tCzy-lgn4Jne6rDYxFxK7itF29xr0Ux7xSG8SwjSt0VZUhZZooV6sJLuX1QKdX7HroTtPJ6mtVm9XwS9ssfyuVg47RkzA_SlNN_slHt_B15ZQQ3xQNRlwELBxGY_PcxZ7D_tm-S2X6Yx3MynCZP_NqpA-BGfvilmKfUVStbE6Mj5ODg3jUvdJjrj_QVqjteP-si9tmgapRXgZ5Ea7TWdDYlQFDEdzkweT7Sh2479mpmuYe56wCFM34Eai9YRhoDLR5wQHMHIXA6drQsmdhgSIGB0DVVk3xlOEadDz438wFcnRlH7NuAazBqI9eY_zqAn9buOy5BE9VcuGEX1Lhar692-B8k3rZISTcksxzOnMPOIZYTlgQbNRtYHQI0vTmAxGdpIqFcueqpQXu52mTXiP-9z1ZCyHeYpzLWhPQeDFw7rtJpx-S_ql3jPKuXSIrjdexZL-Ak70mPRJCOVbsYoGtA18duPGXgf6lM0tHyeoo3QPlbAKj6_zYLstE-qmbO9mlDQgn1eroMkcOreZjGogg8bD-OeFfHftImsRnOnXVY_x44I2p6WLTYfuq0at_SnW3XAZuTHrBis8a8Ub_YatBM3Ni4VfNhpOp37sqt0xgnX2AlYElD-TvnOWWhfqGEm8JGStxNXVrUv3BG84v-DDl9_Lc39Ez11uITq0iDv_ab2Lyks2AZp0-9peDeWbf9tWCDZ4jnx6NYihjaD72kjVNhsOSYIHb9g&sai=AMfl-YSweanYRJarEUOhzAf89dQnL6ikqGVkw01oeY5aPdBh0-Ri_84tdSg1YV3ApsfzyLhoZNMVF_gvpJSSpqwWJUj2-zeEbDHI9tSaod6trhBKQCN4XlnOVBHL1RIm_0tSrJ_bd1APFPXS0ru-SPAwi1i6CehoOJZiPMAAffXIBdt9OrIZ2tUpMDl6JAzl_BXS9EMQqNsTqswN0vL47XLzuNg9Rl7QPnk&sig=Cg0ArKJSzE-fXsf7-VToEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=529&vt=11&dtpt=354&dett=3&cstd=170&cisv=r20220406.90894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame D1DD	17 KB 6 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_246.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:55 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 560A	17 KB 6 KB	47ms 46ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_246.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:55 GMT
GET H3	200	3.7.1_gsap.min.js Show response s0.2mdn.net/creatives/assets/4295748/ Frame D1DD	62 KB 24 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4295748/3.7.1_gsap.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09458e08710a883974bd9b8856da1bfc29e3207022650b2ff3e9b98c1f4f5961 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:38 GMT content-encoding gzip x-content-type-options nosniff age 437 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24899 x-xss-protection 0 last-modified Wed, 15 Sep 2021 11:28:49 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:38 GMT
GET H3	200	cbstyle.css s0.2mdn.net/creatives/assets/3758114/ Frame D1DD	22 KB 4 KB	21ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33046c5503c88fda21c5f1e1dd91c21e68878b452e63469657e96fe55de5938f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:56:10 GMT content-encoding gzip x-content-type-options nosniff age 165 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4281 x-xss-protection 0 last-modified Wed, 16 Mar 2022 09:24:02 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:11:10 GMT
GET H3	200	cbLib.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame D1DD	42 KB 10 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/cbLib.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e1e588cef67f249a6f67075a6c460dde7dcca71eaeadc71ccfd565ac2dac17b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 878 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10434 x-xss-protection 0 last-modified Wed, 29 Dec 2021 08:43:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 20:59:17 GMT
GET H3	200	cbResourceList.js Show response s0.2mdn.net/creatives/assets/3781309// Frame D1DD	57 KB 7 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f616475905ad2cb72079932eed2d8a99771d66b9e449682971df47829fd79000 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:52 GMT content-encoding gzip x-content-type-options nosniff age 543 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7339 x-xss-protection 0 last-modified Thu, 07 Apr 2022 06:55:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:52 GMT
GET H3	200	moduleList.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame D1DD	8 KB 1021 B	42ms 41ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/moduleList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:25 GMT content-encoding gzip x-content-type-options nosniff age 570 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 993 x-xss-protection 0 last-modified Thu, 17 Mar 2022 14:00:49 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:25 GMT
GET H3	200	AssetsList.js Show response s0.2mdn.net/creatives/assets/3757766/ Frame D1DD	1 KB 330 B	40ms 40ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:25 GMT content-encoding gzip x-content-type-options nosniff age 570 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 302 x-xss-protection 0 last-modified Mon, 04 Jan 2021 11:52:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:25 GMT
GET H3	200	3.7.1_gsap.min.js Show response s0.2mdn.net/creatives/assets/4295748/ Frame 560A	62 KB 24 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4295748/3.7.1_gsap.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09458e08710a883974bd9b8856da1bfc29e3207022650b2ff3e9b98c1f4f5961 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:38 GMT content-encoding gzip x-content-type-options nosniff age 437 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24899 x-xss-protection 0 last-modified Wed, 15 Sep 2021 11:28:49 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:38 GMT
GET H3	200	cbstyle.css s0.2mdn.net/creatives/assets/3758114/ Frame 560A	22 KB 4 KB	22ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33046c5503c88fda21c5f1e1dd91c21e68878b452e63469657e96fe55de5938f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:56:10 GMT content-encoding gzip x-content-type-options nosniff age 165 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4281 x-xss-protection 0 last-modified Wed, 16 Mar 2022 09:24:02 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:11:10 GMT
GET H3	200	cbLib.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame 560A	42 KB 10 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/cbLib.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e1e588cef67f249a6f67075a6c460dde7dcca71eaeadc71ccfd565ac2dac17b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 878 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10434 x-xss-protection 0 last-modified Wed, 29 Dec 2021 08:43:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 20:59:17 GMT
GET H3	200	cbResourceList.js Show response s0.2mdn.net/creatives/assets/3781309// Frame 560A	57 KB 7 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f616475905ad2cb72079932eed2d8a99771d66b9e449682971df47829fd79000 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:52 GMT content-encoding gzip x-content-type-options nosniff age 543 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7339 x-xss-protection 0 last-modified Thu, 07 Apr 2022 06:55:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:52 GMT
GET H3	200	moduleList.js Show response s0.2mdn.net/creatives/assets/3781309/ Frame 560A	8 KB 1021 B	43ms 42ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3781309/moduleList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:25 GMT content-encoding gzip x-content-type-options nosniff age 570 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 993 x-xss-protection 0 last-modified Thu, 17 Mar 2022 14:00:49 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:25 GMT
GET H3	200	AssetsList.js Show response s0.2mdn.net/creatives/assets/3757766/ Frame 560A	1 KB 330 B	43ms 43ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:49:25 GMT content-encoding gzip x-content-type-options nosniff age 570 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 302 x-xss-protection 0 last-modified Mon, 04 Jan 2021 11:52:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:04:25 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 26EC	0 20 B	58ms 57ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ8Q3DuhVYqWOGJH13wPyu7vYAwAAAAA4AeAEAg&bg=!MjGlMXXNAAZAkm7qYJI7ACkAdvg8WimvN1MQVzIhzqlG3IEw05ArUffflABmqD0pVpBO-SBGrAuqiwIAAAChUgAAAAFoAQcKAG9dOElId7OHCopt11PLR9vRB-Qorl6zv-X4w2H8rcr-e_aG9nldMrSZucDef55TivmjQPpOfeGydiUt9FPg-hyiPWWiwBVf2IrOXFZVvqzlmzMqzrjiXh_WnV_XUw-U3n48tgcU1VspJF71oJn8XbmZAuz2vmbNFlN1kQdSrr-iVY5wawgFj94Pi8yg7d8TwJEEvhEsR6ei3jeR1C5-hoP2yo10C_kjt2WbeDd8e-nkSmjy8ksSPDXBO5mYA4CuuuaxhAVDLehLplrvrdJWuJig69Frs9QawxZAzFxunWWKaYcm_xoxmnfM6Lht7-9eTkpB9kvmVDEQ3gxGBwLitD4F790ElTtDGQsTlceOf0JkhYVTy1Pcz5gMT2bT24ak_PxLZmHEoL9WkegONdbp4r5OHP3d1QBXaRZiWm0ftQIOQl98UWw2VspW7OGhygvO6HcdIr7TckNypkotbti7cRhxZKz6r9Qws3UdbVk-PiEac6Mp76WWz-ZUASFookD98g3KaVRuKYJLsRIwesTgkxjmN4Yr2iE86PKocORWo-yTj_yJrwQHVfYKSUbZH3i9hmM9kpiEVXlQ0fRv_ZdsmaHzW_H4nduhS-lSlv8qLtyDXN68xyZDQHOMbHaCJYoZz97HQin8qLeXE2n-UZFkRoAAQasC9uHAZ1DHVfOsfLuIXahIK2ScYDKtNJecsjCpWL-9SyhawlYqHL1ltbWNRd7kXnOaPF-COK7oGRc3Nm5BIIdnI2ZDxKlWaM5dunAqXR-JV6nCqG91B4ahT_IYXN3eDMlfwRof9KpLNX2mQqV678197ThafIx6OSHEdXvk8Y8kU4OX0btTAiLJ3iPjoqsDcx4SoKEvYzvufe2YrfLE7R46umogw-yAdcOAh_UYMexduLT9Mc9jJWskkzg0Eh1VPNU_wM7GJezegh4DyZYRqnBl0jEBfA3vhyyMi1HYRl0cUbgDgBaNN1zLqkHItU9vzJcL7wAWoi16DeP0kVA-ZOZ9QtmZh8N_nvmvRMl4JqPtIOofdYmcKRKC2GkxJIpMQ926Bkx7PLC20WsPHX4MY1c4CFZHJiAvSzsB5TJ47yCtwUMqqLo_by-phJk128SyyTzOOOozXH1rdWOxVpCALwAXMJ_CovMlpjqqG1Mz Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dobraslab-medium-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame D1DD	11 KB 11 KB	21ms 20ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:48:32 GMT x-content-type-options nosniff age 623 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11356 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:22 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:03:32 GMT
GET H3	200	dobraslab-book-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame D1DD	28 KB 28 KB	21ms 21ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:52 GMT x-content-type-options nosniff age 363 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28524 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:52 GMT
GET H3	200	aebl____-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame D1DD	20 KB 20 KB	24ms 24ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:41 GMT x-content-type-options nosniff age 374 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20060 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:37 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:41 GMT
GET H3	200	OpenSans-Regular.ttf s0.2mdn.net/creatives/assets/3512464/ Frame D1DD	95 KB 58 KB	25ms 25ms	Font font/ttf	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:48:33 GMT content-encoding gzip x-content-type-options nosniff age 622 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59331 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:29:46 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:03:33 GMT
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 4BB5	36 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	dobraslab-medium-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame 560A	11 KB 11 KB	21ms 20ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:48:32 GMT x-content-type-options nosniff age 623 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11356 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:22 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:03:32 GMT
GET H3	200	dobraslab-book-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame 560A	28 KB 28 KB	22ms 21ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:52 GMT x-content-type-options nosniff age 363 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28524 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:52 GMT
GET H3	200	aebl____-webfont.woff s0.2mdn.net/creatives/assets/3512464/ Frame 560A	20 KB 20 KB	24ms 23ms	Font font/woff	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:41 GMT x-content-type-options nosniff age 374 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20060 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:21:37 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:41 GMT
GET H3	200	OpenSans-Regular.ttf s0.2mdn.net/creatives/assets/3512464/ Frame 560A	95 KB 58 KB	25ms 24ms	Font font/ttf	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css Origin https://s0.2mdn.net accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:48:33 GMT content-encoding gzip x-content-type-options nosniff age 622 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59331 x-xss-protection 0 last-modified Tue, 15 Oct 2019 14:29:46 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:03:33 GMT
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 2C8C	36 KB 14 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	productCardV2.js Show response s0.2mdn.net/creatives/assets/4189440/ Frame D1DD	79 KB 9 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189440/productCardV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2931ae78978d2073ec400048c0e9e20c1489227a7e0051424d93069305438240 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:24 GMT content-encoding gzip x-content-type-options nosniff age 511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9172 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:24 GMT
GET H3	200	carouselV2.js Show response s0.2mdn.net/creatives/assets/4189254/ Frame D1DD	67 KB 9 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189254/carouselV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0cedb8ab471db3d9644bf899bad54d2115018fea00a240c6e7f3a7d7118938da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:11 GMT content-encoding gzip x-content-type-options nosniff age 524 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9139 x-xss-protection 0 last-modified Tue, 30 Nov 2021 09:46:43 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:11 GMT
GET H3	200	storyCard.js Show response s0.2mdn.net/creatives/assets/4190428/ Frame D1DD	36 KB 5 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4190428/storyCard.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eae3117fbecd737f6da17f9540e797ff1a8137c096b0bb62efdc1dab8abc13b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:12 GMT content-encoding gzip x-content-type-options nosniff age 523 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4586 x-xss-protection 0 last-modified Tue, 30 Nov 2021 09:47:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:12 GMT
GET H3	200	uspCtaV2.js Show response s0.2mdn.net/creatives/assets/3782491/ Frame D1DD	8 KB 2 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:57 GMT content-encoding gzip x-content-type-options nosniff age 238 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1550 x-xss-protection 0 last-modified Mon, 01 Mar 2021 09:59:04 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:09:57 GMT
GET H3	200	design.css s0.2mdn.net/creatives/assets/4171301/ Frame D1DD	20 KB 2 KB	24ms 23ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4171301/design.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e40e0fd53a62acaaf66ea6b7dc6cd45b3a847bf9a91196b1154f807ee37f18c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:05 GMT content-encoding gzip x-content-type-options nosniff age 530 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2206 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:05 GMT
GET H3	200	NL_NL_DISPLAY_PROS_SA_COMBIBANNER.js Show response s0.2mdn.net/creatives/assets/3782500/ Frame D1DD	17 KB 2 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782500/NL_NL_DISPLAY_PROS_SA_COMBIBANNER.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8ea41cbf2597780c129022e870dc74dae81a85bd31fba91d6b52a3e92a5208e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:24 GMT content-encoding gzip x-content-type-options nosniff age 511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1996 x-xss-protection 0 last-modified Thu, 17 Mar 2022 13:59:46 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:24 GMT
GET H3	200	factSloganSplashV3.css s0.2mdn.net/creatives/assets/3782803/ Frame D1DD	4 KB 753 B	28ms 26ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:14 GMT content-encoding gzip x-content-type-options nosniff age 401 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 717 x-xss-protection 0 last-modified Mon, 13 Dec 2021 13:38:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:14 GMT
GET H3	200	factSloganSplashV3.js Show response s0.2mdn.net/creatives/assets/3782803/ Frame D1DD	34 KB 4 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3d299014ce8d6ecffad10d6459bc2f72b6d09c2007c9132bf32336b37527eeb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:26 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4430 x-xss-protection 0 last-modified Mon, 13 Dec 2021 13:38:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:26 GMT
GET H3	200	productCardV2.js Show response s0.2mdn.net/creatives/assets/4189440/ Frame 560A	79 KB 9 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189440/productCardV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2931ae78978d2073ec400048c0e9e20c1489227a7e0051424d93069305438240 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:24 GMT content-encoding gzip x-content-type-options nosniff age 511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9172 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:44 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:24 GMT
GET H3	200	carouselV2.js Show response s0.2mdn.net/creatives/assets/4189254/ Frame 560A	67 KB 9 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189254/carouselV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0cedb8ab471db3d9644bf899bad54d2115018fea00a240c6e7f3a7d7118938da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:11 GMT content-encoding gzip x-content-type-options nosniff age 524 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9139 x-xss-protection 0 last-modified Tue, 30 Nov 2021 09:46:43 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:11 GMT
GET H3	200	storyCard.js Show response s0.2mdn.net/creatives/assets/4190428/ Frame 560A	36 KB 5 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4190428/storyCard.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eae3117fbecd737f6da17f9540e797ff1a8137c096b0bb62efdc1dab8abc13b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:12 GMT content-encoding gzip x-content-type-options nosniff age 523 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4586 x-xss-protection 0 last-modified Tue, 30 Nov 2021 09:47:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:12 GMT
GET H3	200	uspCtaV2.js Show response s0.2mdn.net/creatives/assets/3782491/ Frame 560A	8 KB 2 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:57 GMT content-encoding gzip x-content-type-options nosniff age 238 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1550 x-xss-protection 0 last-modified Mon, 01 Mar 2021 09:59:04 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:09:57 GMT
GET H3	200	design.css s0.2mdn.net/creatives/assets/4171301/ Frame 560A	20 KB 2 KB	26ms 26ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4171301/design.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e40e0fd53a62acaaf66ea6b7dc6cd45b3a847bf9a91196b1154f807ee37f18c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:05 GMT content-encoding gzip x-content-type-options nosniff age 530 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2206 x-xss-protection 0 last-modified Mon, 13 Dec 2021 11:38:16 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:05 GMT
GET H3	200	NL_NL_DISPLAY_PROS_SA_COMBIBANNER.js Show response s0.2mdn.net/creatives/assets/3782500/ Frame 560A	17 KB 2 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782500/NL_NL_DISPLAY_PROS_SA_COMBIBANNER.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8ea41cbf2597780c129022e870dc74dae81a85bd31fba91d6b52a3e92a5208e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:24 GMT content-encoding gzip x-content-type-options nosniff age 511 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1996 x-xss-protection 0 last-modified Thu, 17 Mar 2022 13:59:46 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:24 GMT
GET H3	200	factSloganSplashV3.css s0.2mdn.net/creatives/assets/3782803/ Frame 560A	4 KB 753 B	27ms 26ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:52:14 GMT content-encoding gzip x-content-type-options nosniff age 401 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 717 x-xss-protection 0 last-modified Mon, 13 Dec 2021 13:38:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:07:14 GMT
GET H3	200	factSloganSplashV3.js Show response s0.2mdn.net/creatives/assets/3782803/ Frame 560A	34 KB 4 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3d299014ce8d6ecffad10d6459bc2f72b6d09c2007c9132bf32336b37527eeb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:26 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4430 x-xss-protection 0 last-modified Mon, 13 Dec 2021 13:38:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:26 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame 6A20 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1005663/62077108/skeleton.js?ias_dspID=3&ias_campId=25770367&ias_pubId=pub-2393320645055022&ias_chanId=1&ias_placementId=15622086937&bidurl=https://scriptpaste... https://static.adsafeprotected.com/skeleton.js	17 B 466 B	20ms 20ms	Script application/javascript	2600:9000:2156:8a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Server 2600:9000:2156:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 15 Feb 2022 13:58:04 GMT via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) age 4863652 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 cache-control max-age=315360000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id PsLoULPUMUXlKVzpMb3myKst558kKvBQNPC0Y9fzux6YYDhqfk6Dtg== Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-server-name app07.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame 7AAC	80 KB 21 KB	26ms 26ms	Script application/javascript	2600:9000:2156:8a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 15 Feb 2022 13:58:04 GMT content-encoding gzip age 4863652 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 19 Aug 2021 16:31:24 GMT server AmazonS3 etag W/"9304f57298c3834ff107ea7ccb547996" vary Accept-Encoding x-amz-version-id 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA50-C1 content-type application/javascript x-amz-cf-id qKmg5kJTb7UwljPdhktned0WluNBKVtkfaBGurRVYktR4F2LW4Zq2A==
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 216 B	338ms 98ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1ua,pingTime:-3,time:626,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:626,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 215 B	337ms 99ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1ub,pingTime:-6,time:627,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:627,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:scriptpastebin.com*&br=c Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-server-name dt05.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 90E3	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCVGdDuhVYuDmGJKy3gPJ0KaoAgAAAAA4AeAEAg&bg=!Tk2lTQnNAAZAkm7qYJI7ACkAdvg8Wkt2ZsIenfaW4Z5Tt0ZbHKt4kHkQjlo5oSOHkpf1czzoGoj2YAIAAADAUgAAAAFoAQcKAIdI3-pvfhiBj3fi1mjJ73RAFF1XQOZZOYffA793XehdgD_yB-jyvqXPxMfAPBQlLMYf5wKKnh3ZPJEBLqNKHSt6YrkHkQyYQ3VHn2GpOg7XdR0hCvnKCpi7_HcDEMYHcqtogppaoXYNxv6Wo8Fn-2lYkCaBMfABizHlBk1oybebjLlWTjT61wSZAvRU1lwMW2jCHQ-iPuxWAWPkgQzkO78zMcsYvmBm6NKBSMqeNYOwjtTarFjkb2kp7KB6vJ6D5Tw-QFU7lEI4Yy2iUCsuTKeDAxaYWAgdvtBYZAJRr-R_PdlpeyXNnj4x7BQ0retosM0OGxKdwG2LQiuz3T-Ehwcvi6xqT-dPYnLbgzyrqhvGVcj7BOmKqwvC4FZzpiHJT5Fu5Ant_zzFRlBIYU53dPrfP7DZ5Sp7S07GZNWwUaNlPVgMei-lZnBu1hmqp2g6P8_u1ifuNuPU64JnEledeS67yJJb30Gb65REKM-IdFKLfKEohCmrrebgNUURZ3hvPoQsB9FjSe5T2Hc46pJnzjdKRQEiY_TjGVwjdl135CAOWRN6SvcAvJSOn8L5qYSmKfMWgcYMZOyTLHN-7xoC9aZxsvOsfmk6uSCbwMKJq9u1I-2DrR2asfeXc8mBolrYT_n6S2Ud7gV2K52PmTyh4G8lGwIg8ZGwVP_n61dC0Ww5H2hreotU6usexkwPbpBwWTScS3cu9onHFXP8XCYa8uwqRjtDCpdvIexcTn6JkgrGmjcS4RiLIt_2wHNt3udiEj86HYbsVRPCjsH_vIW0zH0tWmq9jxNS8DeJ9esfmBLWbgy2-5IyYMFGCwcCu8taB-GO8LXlCrYzD63VeAkLYKMdlsFrZOAeE0sWfnMFQGKNTcuapIZjBEhh0OL1K_hInbEvIFCwh0b8FIV2DXhjTrBx7glK4KJrOHXhrgJFYwqVBSiiPeCqwkPDXMwqUAUFVPqU7PfS-LsS0knjeC8DX3WwCn03ojiNL3uLjmPHhXZvUMhAU8mJa1BWG07b36mfc4GTF7gKBdELVlXVKA6P0_jSbzzqPRUgwEN4layrISeqe_uIrI9Nj7F4rQ5glSadYCPLP1sFLDgzcqaEaJc2IiXRXeXX7gJaaNr1aZDuuOU-ZeGRbRxjF45QsCLe2q1pquVYc_QwB5F6bn2_UVZgJfgfMTlCsEnbKUvh1t5gzgY Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 215 B	296ms 99ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1uR,pingTime:-2,time:669,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:503,beZ:503,mfA:1071,cmA:1072,inA:1072,inZ:1076,prA:1076,prZ:1080,si:1085,poA:1085,poZ:1098,cmZ:1098,mfZ:1098,loA:1129,loZ:1131,ltA:1171,ltZ:1171%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D,%7Bpiv:100,vs:i,r:,t:668%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1,o:668,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:i,t:668,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:86,readyFired:true%7D&br=c Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-server-name dt07.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	productCardV2.css s0.2mdn.net/creatives/assets/4189440/ Frame D1DD	94 KB 8 KB	21ms 20ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189440/productCardV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd4671fecf39287c46760543309a7674b7f3cd3a51bef036b41d3c9d97ffb757 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7685 x-xss-protection 0 last-modified Wed, 01 Dec 2021 10:26:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	200	uspCtaV2.css s0.2mdn.net/creatives/assets/3782491/ Frame D1DD	5 KB 794 B	21ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:26 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 758 x-xss-protection 0 last-modified Tue, 08 Jun 2021 14:10:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:26 GMT
GET H3	200	productCardV2.css s0.2mdn.net/creatives/assets/4189440/ Frame 560A	94 KB 8 KB	20ms 20ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189440/productCardV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd4671fecf39287c46760543309a7674b7f3cd3a51bef036b41d3c9d97ffb757 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7685 x-xss-protection 0 last-modified Wed, 01 Dec 2021 10:26:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	200	storyCard.css s0.2mdn.net/creatives/assets/4190428/ Frame D1DD	22 KB 2 KB	21ms 20ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4190428/storyCard.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eddc21ba3e9ace541d8a264afd4f0ccd30d6da548510e6eb9a55ddfa137d6527 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2242 x-xss-protection 0 last-modified Thu, 17 Jun 2021 20:19:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	200	carouselV2.css s0.2mdn.net/creatives/assets/4189254/ Frame D1DD	14 KB 2 KB	21ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189254/carouselV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a5c306efa9dcc84aed1fc2f68c5607e5bad60882a24f8d321212fe5ecb01df7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1544 x-xss-protection 0 last-modified Thu, 17 Jun 2021 20:19:43 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1412	0 20 B	55ms 55ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8F9KDuhVYt2rGIGQrATs4rSQAQAAAAA4AeAEAg&bg=!19Sl1JDNAAZAkm7qYJI7ACkAdvg8Wi1c78BJbL8632wt9Bx35U_yP6RrNNfMWxzO7Wu822Nmrpf17AIAAADmUgAAAANoAQcKAJ7nmA87jnMsuJ4BGxRFY1uCNfppujPyVHsYWXGwehf3Whr3aNlFdzw6zWRoJdSOmNywYp-bkfRNx_R0ZtG_oA7QJu5IZO3Ps0ee3pjRHa2fsUxZ6uhaSd6uaYpRlozHpcptWOkVMyAzlf6fYOpgYrLYHikVo50SBVEDFGs-i7xQ10Cn27j-gDj-aGSMh_nOsBl2n3KyFhgKiF3YpWRUspkC-1NOwLcq5vr7m0lSLyyGcMqaKg5gTZWI4SgrTy50XBOgF8LuGL_0Gx8LYn8_p2al6aYXULMIFOnbSLNe4fhFBlSvbetYAkJR8w4_1fg4ybg-514AR1yOcpJtL1c_F3vjO9UXzX0rBx3yL660Co_YNqf1letQoqK2RtVnLmHyDX_etGS5p8W8zNFGXxQ5SQts6ayXCmYT3BCDqnW3a14VkhPg2bLCqd-CIC22GvfejP5GndUTBiEUxy6cPEWgr4f5uSUxhPPa-_8K6sNbyU72QIiv-c5iGeSmhd89eoEgsn8uXcUNDMARzY1ENrIh-Usvoil294GRMj40teVzHqmssGKozX-CzgSrGoKgZHVSy6HOSGX15X1BAeulMnZqsrhfSWTr5AO9_Z-CnJ4O6uyexLgI7ZKVyAt2VO_hamhTfcqm-oM99mZoxTMCHL9W3ZPUOCAUU9810KOdz3BhbZ7v2OpUt5hJCbBQA2yP8e_50n4xRvnBzvXj2LZSgi4Au88VSXIM-WLXH52WOoO3GqW9l48NfEgc0i7Z-aus1efO_IEpZThOOS_tXW9bnMrohMXhUs-aN5talY09R5ZPdWC2B7fy-oTW_EnsXNzHzqOvhdIwzdfMbKGYFiY7OD2xdU23ohf4GQg108Y67Gk7wRIy2p6FiUMjNV_EF7B_8Be3JZlx3Ll6yGpWSRZuLTh65XlMbL-yP-SzSlB2keaH76WC-nclkF2ShjF3TVVxpCiMvnyZqYvIR7s7Zc_UD3msbxRNjicz8lPz5OgZJl9ARJyB-ZKA_kWEeye2NMYjCnOl4dfyHK88vnqu1BwRZvZyS4FdTxSu8DJ3RXQKWDjzCtSlIr1ha7ZxIgqZX-yHl3rnyLWWL-GN_rRr2PESlMOt8BqoP4YLZ-qZRKoXoZmmpEIuT15Z5avO5NtPan6buB2YXtKXUVWWor2wy4omf7CgrsOPqSidl5bN2A489aFqReB5R2A1STM8MImpQ3nG9aSVwA9B4RYtXdVJvN6kScM Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	carouselV2.css s0.2mdn.net/creatives/assets/4189254/ Frame 560A	14 KB 2 KB	20ms 20ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4189254/carouselV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a5c306efa9dcc84aed1fc2f68c5607e5bad60882a24f8d321212fe5ecb01df7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1544 x-xss-protection 0 last-modified Thu, 17 Jun 2021 20:19:43 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	200	uspCtaV2.css s0.2mdn.net/creatives/assets/3782491/ Frame 560A	5 KB 794 B	21ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:51:26 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 758 x-xss-protection 0 last-modified Tue, 08 Jun 2021 14:10:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:06:26 GMT
GET H3	200	storyCard.css s0.2mdn.net/creatives/assets/4190428/ Frame 560A	22 KB 2 KB	21ms 21ms	Stylesheet text/css	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4190428/storyCard.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eddc21ba3e9ace541d8a264afd4f0ccd30d6da548510e6eb9a55ddfa137d6527 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:50:52 GMT content-encoding gzip x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2242 x-xss-protection 0 last-modified Thu, 17 Jun 2021 20:19:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:05:52 GMT
GET H3	200	CB-logo.svg s0.2mdn.net/creatives/assets/3782689/ Frame D1DD	5 KB 1 KB	21ms 20ms	Image image/svg+xml	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg Requested by Host: scriptpastebin.com URL: https://scriptpastebin.com/1900/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=Y3LfQqpKfo&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:57:58 GMT content-encoding gzip x-content-type-options nosniff age 57 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1492 x-xss-protection 0 last-modified Fri, 12 Jun 2020 07:30:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:12:58 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame B390	28 B 54 B	35ms 35ms	XHR application/json	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/Z0InFRKwuXk X-YouTube-Client-Version 1.20220410.00.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id Cgs3SEI3QWVrdEpWOCiM0NeSBg%3D%3D X-YouTube-Ad-Signals dt=1649797133088&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Tue, 12 Apr 2022 20:58:55 GMT
GET H3	200	CB-logo.svg s0.2mdn.net/creatives/assets/3782689/ Frame 560A	5 KB 1 KB	20ms 20ms	Image image/svg+xml	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/3781309/cbLib.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61811213/20210916011002575/nl-NL_COMBI_Prospecting_SA_336x280.html?e=69&leftOffset=0&topOffset=0&c=D8AWKICAWW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:57:58 GMT content-encoding gzip x-content-type-options nosniff age 57 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1492 x-xss-protection 0 last-modified Fri, 12 Jun 2020 07:30:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Apr 2022 21:12:58 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 390D	23 KB 15 KB	109ms 51ms	XHR text/xml	108.177.15.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DwuFpVK94cT_95L_fUfDOUn0WbtbYN5vbzd7e42izTJwbEPn96pD6OTfFj8qW5QFUxRsu-tMbgKqhYtVCRhEKh6RzGTA&dbm_d=AKAmf-CDu4JsHUF-zY-3WOODdQeoo7U2DZ280K6cVeAFvQJPHqW12BDuV90m_JNIm399TghPwYPlFbR8Aeg5-HcxTRjiyf1PxekEW3M0UVLW74QWLbVhItAeFqE40q1F-3r7RtCenORdSGY3W0oiLtQmEkzNqk2YMB1lVkZepKys5waV4pbT6c3KXQdPHkiB5NzEAy-NMGdbg6zcEthjgfq7Cbhj-mvrYTAroXZ0_aL7qR9-ej53KpXyFYGM0tdue0f48s24Q81ogvS3TTlmkIENcyiZ7DNEzFjnltReLaZq59-mxHvTd0PMHWlFXPBw9zeVa-qylUoDElTYo1-VbPHc2P4skl1sOxtBX5Zb5hw3IdRgw9DNyrnKFcSBPbslfRqAn0q0iiUGkhzUxffkIqtTDYRksWMK3_tS1ytBCT7ytTKUotpnxetMckMl0nRtR41M2apeD_OCX0g9j5-rpgv2Npq06H4YQPuzfherVYPhBNGPEsN7T8DcfXwRfi9YweEnajAgclcwwgPMnvEKfCAYYgCNwgaKys4xlHi3knN_RqnjoLmT3WoQyct0LEVZP7iX30Zmy1rysKuen8z4XxNzXTgjiZFgnO5bhVCyi0L8ppXvq44SGg6-xziJBZn7Zh_w3iWKvNkX5OzJ5yY94aAwOOaIYPKOXeOqvUD703S_1ThokLdVV_n_FuwSjd-v3EewrbjYrJVSPKQ6gwBvqre4v7JkjAFTwwHgRs5jleiyWc07sBGwoMwrZJ99Whk89EK2edbDd3tfzyWDHHVkBNrZVepUlXd506fP6yQM-iWqpRvEJ7mvF4ppInNvCVG2Fo9FYYAaMJKmFXL1A-EaFJqekSIOKGXl5c9IuQFn3I2nMuUSEL8ZT5mxifLZF9mlvUKHduyA_4CTPzSgh1L9rnEg-N3FotnLgHhp7eMZVk5aLvCjs9GOuMAXQ6AkPZUHuJ8PQ0Ooclzz6f4zdH0hvviQmPEJaJMt8aiqsqBunsP9pm8bS97nNs3PFx5Eeh05n8NzJwBMTsAhP62MQqSc-kLx-WwncjUF57YmQiS9C35H8jd0akRPAABR05bQ_uy3FVvOUpsQdU-8NG3AEOIxg4Zr59u3PCJQ_-uphuOjlVFwQlA4c88qaJ-_sQuPkH1xHf-T6O8rrzhWaYm3PxSsvL_tcb2wUiVRIKyxKGLFn08pNZ_1F4yc7LT4-FHho1j-xV-X7_yiYFGnTAIjOdSFk02sJLY2Kn3cfNWaGPUd05I3zWNX2Q5ZmYVtDCALYYT-UXivXlni9RidaeFLJTv0od8nJpzOITGQwPZbdqiuoGaXan95FrqJN50JMA9iOy-XnjOoMbPotZYylXa31lNhx1VAIAfURkgDGNHi3DFmARHqvhwxponOMTsxeB9hjk22toiqULxkAX7e7_7HcGJhP_y-N4ZhBd9azMEOON041F-aLcjTB2ZbiIK91ITQdR5h3k7iL-qhwvUeXLfMB47FREX4ouAb-05BPb9DfprNhOfDqDvghzIcLS7de9QN8eHqC4fc0dah5uBmcevn3x1CHN5iZp6rK4ZOW6cA1lOAV8pq2mtu8QT0Ea34gD16nzh5AHzxQ9zUO26azqQxhFi33LxbOuA9VrpAv5gqhtgXQsftf2rlKv_aje1LCyg_dsWN07791f66kwVzfmeBKcHGqr0aA6kByO34-pBsI4EVTw__yylOJCGKpkyIR1beI4dorBOeXiXGJ-eS4xpp8ccDza5dY29n8IK6l7h0eaIGwii48suGyLMI253QFuZ1uYqPhK0tsQ622lbNr1E30zN6FRojUUq_i6Fk7leXevTMhJhP6MIL8WkRQK_l9aEXX-_vNJxNgO1Cl7gQd7Do-SL_rcHiYjz2-z1D95jMMduzqRuVJn3e7NwQM_6yQ5AaACNWBryGLbp32M1GyUBjy_R6perJ0_Ii4Drj1CefeDQk6ZWlxyFXGeh39rv5lWRh423ELWtJtXv95gVHLF_KVgIfFiOqcZ6uKs93iNgmRLdha7yyWSLnjDoonObbVesuSJR5zEakUXnQ15Ms2RojWZynd2nKWZ_9kKw10D9AQSvetOCjAymC50xNtF5B-zA75M3RQluGR9Ka641Hq-VhSpD0nyz39y-PYwCJwWnTy1-uqkVDf49ONeWXnt0kkauT0RPIEV0fPD6e73LkwJQ8kp3qNCpcYpjDP1G3m2KFHhUijgZO7yMf_7TUJ4zN21FTgTsr-LmqcdMjB577W3hAIAOp4O2h9XDr4mHnbOxMjh-GBfWLh2TuCHLt87rLtqQau_MnzEnGZwgqEXJtoEAgT1EsujvyqYaa5q3AczAoGfhhOB10dkCRclQItQbEG9KXkOUSFACrGUdjRC6gs8EklQY4oB_T63bU57NHivShCmBRZWCavfh5_EIudMsomAM_tcPs1Jgmh_qAx5sdSqVfOlqekHljmeDzOnbS0gGKbvymNa0gWUCbVWOiojxNNK2N-Dv70jI8dz0cbGlv1ibMiqXROj1pRDSrUhPEaMWkPy_4VjnLdG9AEvW8S0gHG-cwZmcq9484WLuknvISV3wTS2trIKiejdH-d5sq5WxY1veBaB6VBAbjkk6fMHz9c9nug6jjGQmk7sn0n3aip5kXFWpNFsqtiXNrBmldK9G1PV14uS4hf9ND3YxouIxGNxT6jrwOZmp11aErPAAruaUVRR4ecco_ahAqtGbOhcZqFjqzbGruw2tDqD3gemZKmqEwFzIUam_z5WLqApRRlNUU9u_whxZYXIJsTEoXuKOdjTjwyw62kG8zN2dhPu7afzS-u7CwYo2aIHb5KKEs9ygVyJsSZlacGkf_SLN73tSljRS0evTUd2EltDcUJC8ytRaY5lKzIucsXz8OYvthnYeU1MdvW3s8LC8MCmHtHYnHvpkTqrZZXxvVkNKg7JxdRNWJt-2oDkFNUF1KKpnzvf9qaLImOU8SzVgW-ds70PDqK9eaYtwKE7uTPZRccfRn0JwDKBRtWCtBq0MFObxovjoYmftX_Tzc1z_bTOTEqvV5fuu2lYar-DjoowdlD9K3IYzDyv5e4gUroQMFa1lTqW-_c7PXmlQwXGZX-DMtVDaNCRZBZWwKHHQcNCYJHUYr_te-8gldG2YtrVVSbkjcT8OeBDG5gBAxOmZ9jwnYzkrW_c-NkWF8fHpbO5tQ_0mrjGTnfc3mR5kx75KSAtWjZpiwoSNgG6mc_KJtO9siDapVii2u3r84sGgOafc_OWVwHZMb2RjHsXb8xQOtKGSxpHeHaIHaAZYgrkSkPauYGsQiP5giLs6IBh1oMbGzPRyB5CscEu6uF9O1bNDaQ0cmS26nwntbsqdoeW-5XtHc3LffjIavH-01a7GgCJP_iYxbAltuJqs67dVWFgLsJVREmIURNlmIELyWIotDu5k6Aw&cid=CAASJORoOexKPOP0Ah8YBlegKmtLdxZrlVTM5s5N11Gkfn_QQ6oJlQ&vpa=click&vpmute=0&sdkv=h.3.510.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2921993308&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.0&sid=F7CB7561-D327-42AE-AA12-34705D1777CB&a3p=EhgKCnB1YmNpZC5vcmcY2e_J_IEwRQAAAAASlgIKDmVzcC5jcml0ZW8uY29tEvcBTFFiemsxOUhOVXQ1UldKamJVUk1XSHBaVFdKQlQycHVlazlQYmt0MlNGVnFNelIzVEZkTGQyeFNTR1YzUjNWbUpUSkNUbUl5UzFwNlpEUnJWVU5IU2taUllqVTVjbHBMZG5SdlZVOVpkVmN3TWxsTWNFZEVZM0pKVUdGSWJYbEZNMm8wTjBjelEwbFZSRkZ6TjFOUVZFUkRjalIwUlVFeWJXZE9SMHhIWkZCT0pUSkdaR1I0UmtSeFdrRnlTSFp5YkdOTlRtMWhaMlZ1VVdNMk5UWkVPV3B1U1ZGb1EyUkhTM2RsU0ZBeEpUSkNRbWh5Um04bE0wURiP8Mn8gTBFAAAAABJBCgVvcGVueBIsZXlKcElqb2lRbFphU0cxRmJFcFJTR2t2VFROaWRXMUlSVVJvVVQwOUluMD0Yxe3J_IEwRQAAAAA.&nel=0&eid=44758348%2C44761692&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&dt=1649797135568&ged=ve4_td4_tt1_pd4_la4000_er543.1034.695.1034_vi0.0.1200.1600_vp0_ts1_eb16491 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.510.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.177.15.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wr-in-f155.1e100.net Software cafe / Resource Hash 192d515d9f56f179de270976f742af8fed6a1c4cf7b6f52928c25740a4e6f2c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15117 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 10 KB	37ms 35ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 801a0a9035b45284ba005c938bb740c6e9f7405b968d797b32dd91e830b9cbc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10522 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:55 GMT
GET H/1.1	200 OK	skeleton.js Show response vast.adsafeprotected.com/vast/fwjsvid/st/781848/61320701/ Frame 390D	10 KB 4 KB	229ms 69ms	XHR text/xml	34.248.118.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vast.adsafeprotected.com/vast/fwjsvid/st/781848/61320701/skeleton.js?includeFlash=false&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B26133829.308814164%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0ipKd3OUFtW0AuCKl0wpsx5%3BEXCHANGEID%3D1%3BSELLERID%3D1645269543108%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.510.0%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D2921993308%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://scriptpastebin.com/1900/%3Bdc_vast%3D4%3Bnel%3D0%3Bdc_ves%3DdGltZXN0YW1wOiAxNjQ5Nzk3MTM1NjU4Cg%3Bdc_cid%3D167142322%3Bdc_adid%3D502840068%3Bdc_vpaid%3D0%3B Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.510.0_en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.248.118.12 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-248-118-12.eu-west-1.compute.amazonaws.com Software / Resource Hash a684e2d1200405f87f12481f90024f15dee290efc780b924f5dd026d6b895285 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Tue, 12 Apr 2022 20:58:55 GMT Content-Encoding gzip Vary Origin Content-Type text/xml; charset=UTF-8 Access-Control-Allow-Origin https://imasdk.googleapis.com Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 3350
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 215 B	99ms 99ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1zH,pingTime:-10,time:969,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1649797135752%7C%7C42ba487cc98cd76b76bc5512323a4983%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7Ce1e372ff90e3146d48d729130acb2353%7C%7C0754251f83362a12bb6877733832e77d%7C%7C90578d1dd2695eb911bac0fc11b79231%7C%7Cd60b6c88b158114ba9a8703d561f9f0a%7C%7C12a3181a199cabbe33d50cf990b18c60%7C%7C1629390669%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-server-name dt17.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9860	13 KB 5 KB	31ms 31ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 335 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:53:20 GMT expires Wed, 12 Apr 2023 20:53:20 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 14F9	783 B 535 B	31ms 31ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 19c8cec50a1993055026548ab20668bace7a832369f9d5f98b14926c86db03fb Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Lr3MI5pLQipR4aSW5AFm7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-Lr3MI5pLQipR4aSW5AFm7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:55 GMT expires Tue, 12 Apr 2022 20:58:55 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 14F9	0 0	62ms 62ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=3693338721605987&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Show response pagead2.googlesyndication.com/bg/ Frame 9860	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/287vsxWa92ZzAf4Hva6mMSSE5qc9GsoRRsyFmqSdVGI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbceefb3159af7667301fe07bdaea6312484e6a73d1aca1146cc859aa49d5462 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 14:41:18 GMT content-encoding br x-content-type-options nosniff age 22657 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13808 x-xss-protection 0 last-modified Mon, 04 Apr 2022 12:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Apr 2023 14:41:18 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6A20	42 B 64 B	58ms 58ms	Fetch image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw_bJAVF6TVAMojUVT1odn55Ujo49W2jqz33ljAqdmSVurPEounqY0rM-AVyHrWZf2tdXInRa0B22pa2kVuPEX3nkzxCXqgIXGbsmz0I0hEjRFk2Znbg&sai=AMfl-YTkj5XyQfhkMs9blVtb5sHKNxmgZK-MonvSg0pXOKpLaEM0GBqJHJ7SdWnj3YW1PyMBltz9v7Se_XejgYlbGc0OE2Y25jQJmU9HO4N516aC1uK67y5G_U1G2bIDosA&sig=Cg0ArKJSzLwKGCvEqrBXEAE&cid=CAASJ-RoO9n3OorZyT-nY7YytV-6BLJlpsNdsUraJ3vTel8Kqqtgf_VEIQ&id=lidar2&mcvt=1000&p=165,235,255,963&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2661619351&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649797134281&rpt=526&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 9860	0 9 B	31ms 31ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?BZ9z7A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	55ms 55ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=3693338721605987&bg=!iYqlis7NAAZAkm7qYJI7ACkAdvg8Wp_b7k8JzlcAcYUrMnOYUdNd7xmgwHQp5ox2FfjlWPe8N0fbLQIAAABHUgAAAANoAQeZAqrJYVv89s4oqnT9bCP4WQWv5iy6JXQmuia_bCnaulzB9FiJff86XksMVQiC-DUwcik-4o0kG9f6lNIgp4C0DX2vzV6QoifXjx5Gvk0gG-UDosoYqoOmHZGt3VKVMs-Q9K9sWMV20pQe0LIT4xpRueC5Imm5aTo-1rvoMOH5WseqSm2fbY0os6Q9YryGz8WoAVekPrf3kCT3iJYiemlkiRaTj-c8jCI4ezbUGTPCpo7WbTrKQlX1t8iBNJAS_6dVi-q1gvr0ypc3Me43iRqdS-qaTHrt52JUY1zJHt64GTsboltwuvKRr-kEeHDo2JMukaUIj-U9W_RxfLW9opc8CZ87_V3nOw0k5Ci87EpCh_7KbT9qdDrwAb81XfR-s6kyM9GUiWPWVZ33AMnn93zXuqjWkytqjmEx5Bchpp0SeJJzUlP_57fH3Y7gCBSbvVxMhPdiTeET_vEac8xVx8dmm1Pz2JuPs32okrYIQMcx2m4USVTE4sDPjtCVJAZhLoom8mJE0SG2ywuOQ7SKbPJtdXZD43dm3a9h2p1VrdvgNljI8kbFgpVOlRIDeqWqa7ioYi7YN2q_8ltZ8DDGmszJRJ2n46m-tCFe07TsM5KL_zgrM0kpODKWPmjV51S66MGOjH5BnSxZCrQvr5kWzWYrN1kqLTtiAUS7ykSSPOAgwsd4A40wiRMxmy71ENsQlxqRYf56hK7OyjZV_SPCm4yH7DmSvikFym897475EDu_dZQj1yoiMoHceTcIB5vaKibOTXEoMQTKljWk20iM8bcqFVV-Az2lF2cRKCf942saLljGP9_HWnA_E37KzgIBGaVihfHUCcWpSJtuQUtZBrk17BnCHB5_PR3vs1AABmRa1oiFXrbChN5oiPv1796eyW0tdmLS3AbvUFBreWGd Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 215 B	99ms 98ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1KZ,pingTime:1,time:1669,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D,%7Bpiv:100,vs:i,r:,t:668%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:668,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:i,t:668,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:116,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:56 GMT x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 6A20	43 B 215 B	99ms 99ms	Image image/gif	35.168.40.235 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG1L0,pingTime:1,time:1670,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D,%7Bpiv:100,vs:i,r:,t:668%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:668,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:i,t:668,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:116,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.168.40.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-40-235.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:58:56 GMT x-server-name dt05.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	41ms 41ms	Script application/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:59 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	29ms 29ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=scriptpastebin.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Apr 2022 20:58:59 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	119 KB 32 KB	503ms 503ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3693338721605987&correlator=251960035278002&eid=31065713%2C31065659%2C44755509&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fifs&iu_parts=162717810%3A22714479765%2Cscriptpastebin.com%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&adks=1498239395&sfv=1-0-38&ecs=20220412&ists=1&fas=8&fsapi=false&prev_scp=env%3Dprod%26site%3Dscriptpastebin.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fscriptpastebin.com%252F1900%252F%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D62%26protag_minutes%3D58%26protag_hours%3D20%26protag_day%3D2%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&sc=1&cookie=ID%3D0803afc836e54fae%3AT%3D1649797133%3AS%3DALNI_MZ7Lk0OhEbc8lpcMAJqS6zVCUbVcQ&abxe=1&dt=1649797139265&lmt=1649772465&dlt=1649797132044&idt=896&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fscriptpastebin.com%2F1900%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9CjyoAPzsCTj3UjG943ku7BXwUrB8blXPj4AzfibvVkoT2EGjzZwBcd_y8iwAgwSTJmbEOAGByZSVySHfUiFbptQ%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1764676294.1649797133&ga_sid=1649797133&ga_hid=1915100491&ga_fc=true&btvi=-1&a3p=EhgKCnB1YmNpZC5vcmcY2e_J_IEwRQAAAAASlgIKDmVzcC5jcml0ZW8uY29tEvcBTFFiemsxOUhOVXQ1UldKamJVUk1XSHBaVFdKQlQycHVlazlQYmt0MlNGVnFNelIzVEZkTGQyeFNTR1YzUjNWbUpUSkNUbUl5UzFwNlpEUnJWVU5IU2taUllqVTVjbHBMZG5SdlZVOVpkVmN3TWxsTWNFZEVZM0pKVUdGSWJYbEZNMm8wTjBjelEwbFZSRkZ6TjFOUVZFUkRjalIwUlVFeWJXZE9SMHhIWkZCT0pUSkdaR1I0UmtSeFdrRnlTSFp5YkdOTlRtMWhaMlZ1VVdNMk5UWkVPV3B1U1ZGb1EyUkhTM2RsU0ZBeEpUSkNRbWh5Um04bE0wURiP8Mn8gTBFAAAAABJBCgVvcGVueBIsZXlKcElqb2lRbFphU0cxRmJFcFJTR2t2VFROaWRXMUlSVVJvVVQwOUluMD0Yxe3J_IEwRQAAAAA.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 7404f3073e3a02173c9d2ff40e31ce85e927a51ac144cebb6561a115489c135b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32903 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://scriptpastebin.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubads_impl_page_level_ads_2022040701.js Show response securepubads.g.doubleclick.net/gpt/	35 KB 13 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022040701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash e695b86d7908469ff205559b0016c2cf52fabca49f1a436155502ce7b295cbe5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://scriptpastebin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 07 Apr 2022 10:39:56 GMT content-encoding gzip x-content-type-options nosniff age 469143 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13269 x-xss-protection 0 last-modified Thu, 07 Apr 2022 08:34:53 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 07 Apr 2023 10:39:56 GMT
GET H3	200	container.html Show response c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6639	6 KB 3 KB	21ms 21ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://scriptpastebin.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 6 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 20:58:53 GMT expires Wed, 12 Apr 2023 20:58:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 6639	4 KB 1 KB	78ms 29ms	Stylesheet text/css	2a00:1450:4001:811::200a
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a -, , ASN (), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Apr 2022 20:14:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 12 Apr 2022 20:58:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Apr 2022 20:58:59 GMT
GET H2	200	css fonts.googleapis.com/ Frame B870	8 KB 965 B	67ms 29ms	Stylesheet text/css	2a00:1450:4001:811::200a
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a -, , ASN (), Reverse DNS Software ESF / Resource Hash 1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Apr 2022 20:10:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 12 Apr 2022 20:58:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Apr 2022 20:58:59 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B870	2 KB 904 B	31ms 31ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:48:25 GMT content-encoding gzip x-content-type-options nosniff age 634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 877 x-xss-protection 0 server cafe etag 13035868154101442325 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:48:25 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame B870	19 KB 8 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:55 GMT content-encoding gzip x-content-type-options nosniff age 184 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8000 x-xss-protection 0 server cafe etag 3330746967810570135 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:55 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B870	3 KB 1 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:55:19 GMT content-encoding gzip x-content-type-options nosniff age 220 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:55:19 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B870	119 KB 36 KB	67ms 39ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:59 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36908 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1649677559247379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Apr 2022 20:58:59 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B870	15 KB 6 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:54:50 GMT content-encoding gzip x-content-type-options nosniff age 249 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6409 x-xss-protection 0 server cafe etag 15284592792851369840 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 20:54:50 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame B870	0 0	30ms 29ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9oJJTbqjzC1DgItP9lj2E1htXF5AVXxN2ELQ4bS_IDjHTzHs3Hn3InIZ8JRFbvwKotcXVpA8TCvCyxIGOvHfXauXZxg Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	63f6484ee989c3eda25e621c99817b87.js Show response www.gstatic.com/mysidia/ Frame B870	29 KB 12 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 13:53:23 GMT content-encoding gzip x-content-type-options nosniff age 25536 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11974 x-xss-protection 0 last-modified Tue, 05 Apr 2022 23:59:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 11 Jul 2022 13:53:23 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 6639	19 KB 8 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1028dcd47e9f60f8efc41d203e597cba9e2d18649729482a997d649573c24ac3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 19:48:01 GMT content-encoding gzip x-content-type-options nosniff age 4258 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8273 x-xss-protection 0 server cafe etag 12922110104593084955 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Apr 2022 19:48:01 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6639	205 B 229 B	21ms 21ms	Image image/png	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:38:19 GMT x-content-type-options nosniff age 1240 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 12 Apr 2023 20:38:19 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6639	604 B 628 B	21ms 21ms	Image image/png	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:20:40 GMT x-content-type-options nosniff age 2299 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 12 Apr 2023 20:20:40 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8DA7	143 B 163 B	22ms 21ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 3044 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Tue, 12 Apr 2022 20:08:15 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 97CD	1 KB 749 B	20ms 20ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 27167 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Apr 2022 13:26:12 GMT etag 48472445140208031 expires Wed, 13 Apr 2022 13:26:12 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		img sync.mathtag.com/sync/ Frame 97CD	0 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame 97CD Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTp...	43 B 414 B	210ms 193ms	Image image/gif	2606:4700::6812:c05
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:c05 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6faee21e4e629bac-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 23278 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6faee21d0bcb9bac-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEyHycx3me6UMNuw9q8UPzg&google_cver=1&google_push=AYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKfKnAI4yuEjxA-PSRyCbEsCcm3mQCsxg0DE-5Ak_qJBKdGZMx3xrda8GM0putP5IO1M7Pqkx26YnMclxOUM0_ar9HfKTpf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 97CD	70 B 265 B	136ms 32ms	Image image/gif	35.71.131.137
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFbhc_Rbqithxo2QSVzSOMk&google_cver=1&google_push=AYg5qPK4BcivnpA2XWF_TIFFpj73MJ7YHmtUBjjChOWmV_34K7ARjU-i_PjHi9EZXSwC5nIxnQCdqW4JzAl6u6NXLkvYAd3UE1A Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 -, , ASN (), Reverse DNS Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 97CD Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGTH7VE_w2bvn37F-hZ5YWI&google_cver=1&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7u... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7uPtJgh&google_hm=ODcyMzQ5MzcwMjgyNzk0Mj...	170 B 188 B	42ms 42ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7uPtJgh&google_hm=ODcyMzQ5MzcwMjgyNzk0MjMyMQ%3D%3D Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 12 Apr 2022 20:59:00 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIWhvtmKyFDOY4NX4j4AOYDYZrkHprgxHaHnN5OEVThwoyi1FBpzDDjNkXHeR9I3v41vlEZpZ4DW1e-GjbXTcOQ-7uPtJgh&google_hm=ODcyMzQ5MzcwMjgyNzk0MjMyMQ%3D%3D x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H3	200	pixel cm.g.doubleclick.net/ Frame 97CD Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMHslJR8VClCbKOiezkKmMo&google_cver=1&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMHslJR8VClCbKOiezkKmMo&google_cver=1&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFO... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1NTIyMzU3MDc5MjA0MDIxNQ&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0W...	170 B 188 B	42ms 42ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1NTIyMzU3MDc5MjA0MDIxNQ&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5AvP_GKz-weJcI4_T7PF8 Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1NTIyMzU3MDc5MjA0MDIxNQ&google_push=AYg5qPK8rg1FbvUBJvUo2zbpy5qQUnb7BmO-1PtE54gOuB9Gq8vddCX9GLo8DSxrqW5JB3q3TFOS0WI5AvP_GKz-weJcI4_T7PF8 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 97CD Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBOiUTW8tz_Sam4UUWOUx68&google_cver=1&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGW... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBOiUTW8tz_Sam4UUWOUx68&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGW... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys&google_hm=b0xBTjVEYnZIUEpDTWtaU...	170 B 188 B	43ms 43ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys&google_hm=b0xBTjVEYnZIUEpDTWtaUkNwb0c= Protocol H3 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Tue, 12 Apr 2022 20:59:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Apr 2022 20:59:00 GMT P3p CP="We do not support P3P header." Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPL5VbbLgtUSL4qLrqNPFjaIGcv1fIHsCDierOsTWIghPV9Wpk1U_atrb_YO2KFq2aP1he01iVBbLzuGWQFn0yAB_gJe0Ys&google_hm=b0xBTjVEYnZIUEpDTWtaUkNwb0c= Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=utf-8 Content-Length 235 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 97CD	0 12 B	41ms 40ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IA-clvRhzu3l3ZXbhMNyzu5yGZYdGUDR2ATn4ogShYmmhuV8WBbNLprLG6JLYUEw Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 12 Apr 2022 20:58:59 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 8DA7 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	79ms 78ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com URL: https://c511acec3c7d54f2ca5b7b4b14a74de0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 date Tue, 12 Apr 2022 20:59:00 GMT expires Tue, 12 Apr 2022 20:59:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 date Tue, 12 Apr 2022 20:58:59 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe x-content-type-options nosniff x-xss-protection 0
GET		dt dt.adsafeprotected.com/ Frame 6A20	0 0
GET		dt dt.adsafeprotected.com/ Frame 6A20	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sync.mathtag.com

URL

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENiJ6LdrnHhhBYPHvaK40vs&google_cver=1&google_push=AYg5qPILL_bUGJdNXhuaNWBIJhmgih6GwnSoPt7NKBRRA8d-B_lvD7klUtPrGCDEYgt1SJ2o8fHRzAeapYY2lj64TmarBJa3rl9h

Domain

dt.adsafeprotected.com

URL

https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG2Nv,pingTime:5,time:5669,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D,%7Bpiv:100,vs:i,r:,t:668%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:668,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:i,t:668,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:102,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c

Domain

dt.adsafeprotected.com

URL

https://dt.adsafeprotected.com/dt?advEntityId=1005663&asId=8ce3a67a-1304-389f-db8f-070df891bc1c&tv=%7Bc:9BG2Nw,pingTime:5,time:5670,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:581%7D,%7Bpiv:0,vs:o,r:l,t:625%7D,%7Bpiv:100,vs:i,r:,t:668%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:668,n:625,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:581,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B54~1,0~0%5D,as:%5B54~728.90%5D%7D%7D,%7Bsl:o,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D,%7Bsl:i,t:668,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:102,fm:t2PiE6c+11%7C12%7C13%7C14%7C15%7C16%7C17*.1005663-62077108%7C171%7C172%7C18%7C191%7C1921%7C1931%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c