www.mpyit.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mpyit.com/80658.html
Submission: On January 24 via manual (January 24th 2024, 5:03:57 pm UTC) from US — Scanned from NL

Summary HTTP 137 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 25 IPs in 8 countries across 23 domains to perform 137 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mpyit.com.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.

This is the only time www.mpyit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2404:2280:1cc... 2404:2280:1cc:0:3::2a	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2 13	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
20	2404:2280:1cc... 2404:2280:1cc:0:3::e	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4002... 2800:3f0:4002:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:ff0:1234... 2a00:ff0:1234:3::10	41494 (ASOCIATIA...) (ASOCIATIA-INTERLAN InterLAN Services)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
137	25

27 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mpyit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
renwai.ren	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:2280:1cc:0:3::2a (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.aiviy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:2280:1cc:0:3::e (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.aiviysoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4002:80b::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ff0:1234:3::10 (Romania)

ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO)

rr5---sn-pouxga5o-vu2s.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	527 KB
20	aiviysoft.com cdn.aiviysoft.com	854 KB
18	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	151 KB
16	mpyit.com www.mpyit.com	98 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	180 KB
11	renwai.ren renwai.ren	655 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4031	30 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	5 KB
4	51.la sdk.51.la — Cisco Umbrella Rank: 71106 collect-v6.51.la — Cisco Umbrella Rank: 73269	27 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	194 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	451 B
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10853	12 KB
2	aiviy.com www.aiviy.com	4 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7224	622 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	235 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	713 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	541 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	googlevideo.com rr5---sn-pouxga5o-vu2s.googlevideo.com — Cisco Umbrella Rank: 931372	415 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	84 KB
137	23

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	cdn.aiviysoft.com	www.mpyit.com
16	www.mpyit.com	www.mpyit.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	www.mpyit.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	renwai.ren	www.mpyit.com renwai.ren
9	www.gstatic.com	googleads.g.doubleclick.net
5	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
4	www.googleadservices.com	www.mpyit.com googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	hm.baidu.com	www.mpyit.com
2	collect-v6.51.la	sdk.51.la
2	www.aiviy.com	www.mpyit.com www.aiviy.com
2	sdk.51.la	www.mpyit.com renwai.ren
1	ius.ctnsnet.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rr5---sn-pouxga5o-vu2s.googlevideo.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.mpyit.com
137	29

This site contains links to these domains. Also see Links.

Domain
mpyit.com
renwai.ren
www.404le.com
docs.qq.com
www.aiviy.com

Subject Issuer	Validity	Valid
mpyit.com GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
renwai.ren GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
aiviy.com Encryption Everywhere DV TLS CA - G2	`2023-10-19` - `2024-10-19`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
cdn.aiviysoft.com Encryption Everywhere DV TLS CA - G2	`2023-09-08` - `2024-09-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.mpyit.com/80658.html
Frame ID: 52BE0BC5356F931DE8681677E173D523
Requests: 56 HTTP requests in this frame

Frame: https://renwai.ren/cdn/html/shizhong/
Frame ID: 4AF4BB5CDF8D53652BD23A1E6C6076EC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 71AF3D04241EF2D64C0A1DD609CA6F8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&adk=1812271804&adf=3025194257&lmt=1706115831&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115831081&bpp=2&bdt=2204&idt=289&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7179723328677&frm=20&pv=2&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: BF241D6C133CB689A9263229A4B47900
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=280&adk=4144480424&adf=1704617392&pi=t.aa~a.966808166~rp.4&daaos=1706043846423~1706043846423&w=1200&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=1200x280&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=2&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Frame ID: B2132E74A6B570748496FDC02418F06E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11
Frame ID: 24E9AA214182D97A6DF07EA521214241
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=60&adk=2499841291&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1706043846423~1706043846423&w=1200&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=1200x60&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C270x240&nras=4&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13
Frame ID: 793BAA4E865F979F482C4F94B2CB806C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 34EDA836CD322114D9A2B2CE89CB9E0B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AEE12C982C355E463A0A076CB80AE3B0
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 411703FB5FAD59D959A547158F68DDA1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5E03059DBC4D683090ADAB0C2A968848
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 595C89DBEFB9C6B8E5935AD362836F99
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: E6CA1082C4D88C8F7C4C6E637D04DF81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 3916BAAB76C6ABAB3F63EBB80FD39F90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE014B450A65208D42E076C418E8AA8B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: A03010215586F92B41953987C323940C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CB94CF1BF3B112F72888F59303269EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9CB03C283D68BC9D9FE903AAAC075F62
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

fch1993 WinServer 2022 20349.2159 原版 5合1 - 殁漂遥

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

96 %
HTTPS

63 %
IPv6

23
Domains

29
Subdomains

25
IPs

8
Countries

3237 kB
Transfer

5873 kB
Size

21
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://mpyit.com/?s=%E5%BE%AE%E8%BD%AF%E5%8E%9F%E7%89%88
Title: 微软原版

Search URL Search Domain Scan URL

URL: https://renwai.ren/cdn/html/change/
Title: 转换

Search URL Search Domain Scan URL

URL: http://www.404le.com/
Title: 导航

Search URL Search Domain Scan URL

URL: https://mpyit.com/feed

Search URL Search Domain Scan URL

URL: https://docs.qq.com/doc/DVVJWVExsdWllUXRv
Title: 点此获取暗号

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/gucci2021?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/avast-ultimate?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/acrobat-pro?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/microsoft365?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/iobit-uninstaller?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/advanced-systemcare?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/avg-pc-tuneup?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/baimiao?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/office-home-and-student-2021?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/office-home-and-student-2019?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/itop-screen-recorder?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/youxiaorili?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/ccleaner-professional?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/xmind-zen?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/internet-download-manager?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/sketch?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/scrivener?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/cfosspeed?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/alfred-powerpack?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://www.aiviy.com/item/setapp?pid=5&uap=0

Search URL Search Domain Scan URL

URL: https://docs.qq.com/doc/DVUZJUHhiaXlESFdL
Title: 注册帐号

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=CttZZ90KxZbbSHe6otOUPgZ2jsAqP3YbLbp29wu2-D6uU9P0IEAEg6qT4EmCRhKCFjBigAY3s5NkCyAEBqQL-ZQlZAu-oPqgDAcgDywSqBNcBT9Bh1l5r0zk_8HZ60LlaLJJOKA5aog9G-fpoxSZAMVUhODzFm8zTJO3LDIBQGTmcV9e1oFLfBdqN8fFZjSK2MUvrJjn6J5-xjgU3qfm96lb-v-QCIbOs-BbOXzYxzxmb_2PIlpgRObqaip1jCoawtyUrCxzn3YB5bw0GGvyRwipFzyLRW2tQ_2BBdJIHnUbGOPyxTK9-HL8HR4ZD_1s5zEoSodgllKxWNQBO82bdehPlDrtWiXMnQ7SdBAfjsdap7a8UYYSri2XJotDSIPeX6ayjM8umMQHABJPvlJiJBIgF16LpvD2SBQQIBBgBkgUECAUYBIAH25ObpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDzpgbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJe-zuDA9oMDmgliaHR0cHM6Ly9wY2hlbHBzb2Z0LmNvbS9zdGF0aWMvbHAvZHJpdmVyLXVwZGF0ZXIvbmwvTFAxOS5waHA_Y2FtcGFpZ25pZD1BRFdPUkRTJmZpbHRlcj0xMzk5MDU1NDYxMzGACgHICwHYEw2IFArQFQGAFwGyFxwKGggAEhRwdWItMjY2ODY4MTU3NTI2NzUxNxgA&sigh=B6EgC2MNBPk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_B34XjOW7ogT9YEU5BYwKrvfn9IV_EkGJf_u1a861UeNZ78QL7OQkYiIrxvVS1JR3VKsK_QhyQBY2WIrvK0K6uINi2HYN-6lFGxgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217858907529133291574%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224665062027826550897%22}&andc=true

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=CuCDF-EKxZeujF_bWtOUPvKm88A3KqsnwdI3ZwcHvEeiqtpWLAxABIOqk-BJgkYSghYwYoAHWu6bEA8gBCakCDutgMqdIsj6oAwHIA8sEqgTWAU_QvPG9aKn0H2ZwGxq_I2Fiuj5GrRemNZChiqp_atXj5pOKMZoP5x002htBt-M6_RBzd8ww7xafWL6mWJv_T9nXWTkAdZbxndDvb1y0ot46MwHBDfZNDnUV2hoqo9I32HpMm9mJYmj33a7mDC2R1cXT13j8YxFTMgsJJZsJNVQHZ5Tw53LoW5xHH-2Eo574OMw6HgVXUp2lXEvqEIgfb3jE59E6_HoV-qBxlS7nQNctvPe0_cp_C6yUzzrXdEeSM14iI5FFKmSYm0RzW-CnbkQeuIQbz3nABKSKwuHhBIgFi6usn02SBQQIBBgBkgUECAUYBKAGLoAHksTZO6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENyyFNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY94GF4cD2gwOaCSZodHRwczovL3d3dy5zaG9wLWdvdWR3aXNzZWxrYW50b29yLm5sL4AKAcgLAZgM-fzzzL8EuBOhBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi0yNjY4NjgxNTc1MjY3NTE3GAA&sigh=vsLqNQOSjb8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_EbaIXTEmDV4Qp4Pk-8iqHViR5VDKfH2MkRNPXcnIZGVZxMJysS8yPIVm0__cIdEM8zbmo8DWGAE&template_id=545&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224024462248917992879%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22948542934%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216473409617906532081%22}&andc=true

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFEfOKpoYM47xEZWRGDYApo&google_cver=1&google_push=AXcoOmT9XUrwS8yjTVAyPDvF-tK7VSVGxRe-dxVoY7J4DsEuTNPOv96RFpSwk4uGpO2SucO0HL4CbqRyrpoitzdKZd-Yapvj1P1VJmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFEfOKpoYM47xEZWRGDYApo&google_push=AXcoOmT9XUrwS8yjTVAyPDvF-tK7VSVGxRe-dxVoY7J4DsEuTNPOv96RFpSwk4uGpO2SucO0HL4CbqRyrpoitzdKZd-Yapvj1P1VJmk

Request Chain 118

https://um.simpli.fi/gp_match?google_gid=CAESEIbhHSAJW5M8U74YozNbVmw&google_cver=1&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e8uyXgLClHXxjI__Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6C8B9360331242E4952CF7A598830C51&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e8uyXgLClHXxjI__Q

Request Chain 121

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECcBfaexQXU_hlauO2bQja8&google_cver=1&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10mSA9aiASRfZw8Q-Rj_ol0trV2NTqP7H5xmosM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10mSA9aiASRfZw8Q-Rj_ol0trV2NTqP7H5xmosM&google_hm=9LyPECZlQymqJR-GKUrQsUo

Request Chain 122

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEElj6n9q1hmTdsxE5JCeAzg&google_cver=1&google_push=AXcoOmQ_ZOIdiBuH5dITe4nc3p8H5KCPiIZ81CmWud5ol7u7u2Vauw9LeRVAq7yxyIniEEq_hoq1uIwwPWQEEQ93_w167Ijfp7jmhGJY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_ZOIdiBuH5dITe4nc3p8H5KCPiIZ81CmWud5ol7u7u2Vauw9LeRVAq7yxyIniEEq_hoq1uIwwPWQEEQ93_w167Ijfp7jmhGJY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

137 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 80658.html Show response
www.mpyit.com/ 38 KB
11 KB 1491ms
1431ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f7d08ef59f3aa88f1ab542729a3f8d74d8e034288a4a51c31993e4df09ad7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84a9da119f5166d6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 17:03:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CibEI%2BFU8caDJFnokpLJwkp%2FoPF1ZGai4CRiJaa4lz5jyqouJm0UH4J77A9iFoauhe44n4IHQxmJyVRpi67AQz4PmCargUamquipT73fV02lklCePu385c5PbkjDiJmgaqqAdthwLn0qoJPG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 style.css
www.mpyit.com/wp-content/themes/1/ 19 KB
5 KB 29ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/style.css

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de9ff1364a2b0296b996e0290f196e75861fb1c6ddac2d2fad9adbc258f8738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 13 Jan 2024 04:31:12 GMT
server: cloudflare
etag: W/"65a21210-4b06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHvmBgjA5m8BBitGu%2Bb1cM9VmsVwsczWo%2FtgjXjfMYc70PHxn7JX5JipsdftIaliIIgUFaxYLrLHb%2FAhXIF6kb13dFF3Vo05QoKxt4Q%2BGSaplNzQRJcx4Y1lznVWMwxZnfjM3%2BOgDpEt9spd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c4066d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 css.css
www.mpyit.com/wp-content/themes/1/css/ 15 KB
4 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/css/css.css

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c476e7db7635e6b4889a44d17954ca35d842f8da5075fcf7f2c6dd0442d120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 24 Oct 2023 02:35:36 GMT
server: cloudflare
etag: W/"65372d78-3bcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FJFGwS%2F1MggqXI6nn5nIJS2CW4ON1W%2FyLP%2BLbRl6OCTyADP7zTGECldCFc4s4ZxKttLMVdwH7JJoTrM0vyX%2FI28Jdfg2OL0grdoH62Z31pAbJmJdYSjr4DhfiB4RQREIvo7YEEzU1eE%2BEgM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c4466d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 highlight.css
www.mpyit.com/wp-content/themes/1/css/ 6 KB
2 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/css/highlight.css

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47a037ee332caa1d16283f64180b0a82e3b851e66aa4bee77885aa492e655427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jul 2020 06:45:10 GMT
server: cloudflare
etag: W/"5f056b76-175e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vcrYk8rCRMBuZjt3JD7JMmSD6dseiKRVsEzWJ6%2FSyfKAOggzvK0YWMIng7lQOMMlPIJdTU%2BSo0Yj0gLGqewwRflFdlzXwgCgiheM%2BTA%2B%2BLlKdLHHKmDSsTzQ0W6aaMy%2FFN4eUbSzrcKbPEo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c4766d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 img.css
www.mpyit.com/wp-content/themes/1/css/ 2 KB
1004 B 30ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/css/img.css

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f68ebf039b669fd6e2b4c2af31f5741284a1c97c32e7a7ae6cbf67961aff2e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jul 2020 06:45:10 GMT
server: cloudflare
etag: W/"5f056b76-8c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFIyfyfVJdRfIWNJOxvb6OyanzFvEkbvu4tW%2B5vYDYvC35dI0h1d7GfvypAJMtZipAg7fSVnakQFJjmWxuU0FxSJgG2nDbL2yChruSNLBNTk%2FEeft2%2F95T22cR0E7XxO8OrdxPExDrYa7x6W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c4a66d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 jquery.min.js Show response
www.mpyit.com/wp-content/themes/1/js/ 87 KB
32 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/js/jquery.min.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29415
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:32:04 GMT
server: cloudflare
etag: W/"620d0ae4-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXgHxA3sQ1Q%2FefAAGsWjAoRo1HxD3Ov8wkJ0Fvj183qx0POs15mhTu1aW1GzS17xzQ%2FDwnerCOXPRqyhQ%2BMUCWSagWUGvX0MnpRt4wot6ObpJMt4ieENLJFZV%2FG4%2FMIkbMDoRUHdLUvEwOhJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1a8c4c66d6-AMS
expires: Wed, 24 Jan 2024 20:53:32 GMT

GET
H2 200 comments-ajax.js Show response
www.mpyit.com/wp-content/themes/1/ 6 KB
3 KB 34ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/comments-ajax.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d41126a7cd825e8adf7e0fd5e629e21e7876619abfddafc7542b13f0fbbb4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29415
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:44:58 GMT
server: cloudflare
etag: W/"620d0dea-17d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvfyEWl9%2F%2BL0YQglWtEuUE3%2F4vyhG8sJligAQPSAB6je21FAyPCHpxaramKEikrP1XvtOLqWQy5Y%2BPnRcA44lGgCfqswTRswOib6npIscFJa%2FR6S5nYeoZFd0uoxMEIDTEhvYXb0gAXRulGy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1a8c4e66d6-AMS
expires: Wed, 24 Jan 2024 20:53:33 GMT

GET
H2 200 reply.js Show response
www.mpyit.com/wp-content/themes/1/js/ 405 B
553 B 36ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/js/reply.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f126ce270fc599b4514d8b9af2e7c84cab9a7ed987383fae861ead2ad62e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29415
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 14:45:18 GMT
server: cloudflare
etag: W/"620d0dfe-195"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HBB6uHh005OWaV7w8rDWBaTqdKLrer2SylURquq3yGhxaoquO%2FYrBewFXPhOfBKBMuCLiAfexvWNosZpDtREPnew2g0GOPxe5lqmYWpuY8f7hcIVqmuG86CaH8s%2BYUmTcVs%2Fn46O4x62Bk4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1a8c5166d6-AMS
expires: Wed, 24 Jan 2024 20:53:33 GMT

GET
H2 200 custom.js Show response
www.mpyit.com/wp-content/themes/1/js/ 8 KB
3 KB 37ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/js/custom.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864770005b5fb2229ec8da11c21d7844127caea1a7c0df920f3e031ae32150f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Mar 2022 02:04:16 GMT
server: cloudflare
etag: W/"621d7f20-20b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjqjfC75FmeRHGhv8yLd%2Fe7X7u1dp%2FytMmD7ah4luUoZgm8ayiNrlzE9h3vVoTjs2uygUQ3CuYgYHEGZpXrNZNHNuhXEm%2FUGB2awmMUcP520FYexANN9j4ek6HUCUpg21Ik%2BWTb5Rj6SCB%2BP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1a8c5266d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 superfish.js Show response
www.mpyit.com/wp-content/themes/1/js/ 8 KB
3 KB 45ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/js/superfish.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f13e3386451acd1af1091040cfc895fe6b1509f80a2950b5de27bbf5e26c78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jul 2020 06:51:22 GMT
server: cloudflare
etag: W/"5f056cea-1ed9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtsGB8oLBVxvxAFkzLlOkLZlkgdlYImaB5WUlvx84OIK20adR4l4JS%2BZQUl1iO%2BAIDPltuiI48E8mWT0S1P2%2Fjwgkz9vLC7zO2V5%2BKm5SqUvGqM6ho9T00FyURSB%2B8MCWRNeEGBgj0mw7gIV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1aac6c66d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 lazyload.js Show response
www.mpyit.com/wp-content/themes/1/js/ 2 KB
1 KB 46ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/js/lazyload.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7263570d31d828f651add5588196fc80bcb39f568cc13ac618be31aa0c42babd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/80658.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jul 2020 06:51:18 GMT
server: cloudflare
etag: W/"5f056ce6-6ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM1j1qMOxOD3h9c9rFdbyZUJ5f8v1rsWdNwk8HRlax%2Fhw7N9xpjVTQztzwaUHknh488b%2BjgWN%2BCqBPtFIVwMaRdpZblQSCkqxMkSI%2BOAReojyjrXUi9O2uwvIVm%2BcJnWzkWxyFX3UQwjhdJk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da1aac6f66d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 2102ms
1053ms Script
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 17:03:50 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 128ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2668681575267517

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4efb14505e78ebbeb0b54a20f5201ec2d674eedf0fe71cc33b395bb8850694c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mpyit.com/
Origin: https://www.mpyit.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51291
x-xss-protection: 0
server: cafe
etag: 16559533716298240295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 24 Jan 2024 17:03:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 107ms
52ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RVJW2803T0

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e96f47a7ff52f3ef01dcaffaffb4c04c33e66bce6e93d25d12b4d29f37179055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 17:03:51 GMT

GET
H2 200 erphpdown.css
www.mpyit.com/wp-content/plugins/erphpdown/static/ 48 KB
9 KB 34ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/plugins/erphpdown/static/erphpdown.css?ver=17.01

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4668692ecf80535644f6a77a690771398b2c0b5afde73f0562b4253adcb612bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Sep 2023 02:57:04 GMT
server: cloudflare
etag: W/"6507bc80-be5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnB1SZWyPSoFTzqSyTX53j5JDNsF97Zsc1TmCfMrNFvBOjS6Gjze7g5jBwNtpNOTYck5MKvzHfRuYF1N4%2Ftk6BYLnVW0BVgCHTGkmr%2Ba7EH4E0R1yNb%2BftrX9J0RuEu94IskGsby%2FOKV4M1F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c4f66d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 2-black.css
www.mpyit.com/wp-content/themes/1/styles/ 4 KB
1 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/themes/1/styles/2-black.css

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5c07696f8dd4b1f96f21dfccca8f56083353bcfa5b5aafa9ea378927ba9530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33600
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 06:53:20 GMT
server: cloudflare
etag: W/"659f9060-ed3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ko%2FYmbSY2k6DZiIZX%2FzUDYMZ5eA1sqM4YZWTFhC%2FQL5UGql6f%2Fge%2FJshdRpJq7iBjDgdz6w9UtBJ876K1uX4nlmFr99pD3cbkrWGLk24wA4wid2IDecncOHTQ8BtuvhWHq6Gs5Oh4Mc7xFk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 84a9da1a8c5066d6-AMS
expires: Wed, 24 Jan 2024 19:43:48 GMT

GET
H2 200 logo2022110901.gif
renwai.ren/cdn/img/ 2 KB
3 KB 131ms
27ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://renwai.ren/cdn/img/logo2022110901.gif

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd6be0c325a8955b6243820fd02b6e64c48b68620eb7318cc66e6b95613ea2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:49 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380260
alt-svc: h3=":443"; ma=86400
content-length: 2082
last-modified: Wed, 09 Nov 2022 05:42:42 GMT
server: cloudflare
etag: "636b3dd2-822"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwodqQiv2KmDAz%2B66O4mGDUeg5sSqNrSX8cYbE9xc%2Frnl1sAsEVVhsWQfRiSGTCxmrE2dImpGL8Y3eXp1MfrPwpijQBa3c7WXH4pmhqjv5cOSy8mdNoGRegQzQsaCr6%2FxDsvkEs7jBxL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da1b3b71b6f4-AMS
expires: Mon, 19 Feb 2024 07:26:07 GMT

GET
H2 200 go2.gif
www.mpyit.com/wp-content/themes/1/images/ 3 KB
3 KB 43ms
42ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mpyit.com/wp-content/themes/1/images/go2.gif

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2252c0e51bc10bafad8e0bf9bbfbe915342e1f941d8c6a50c428a4eb7dc06273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:48 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2021682
alt-svc: h3=":443"; ma=86400
content-length: 3104
last-modified: Tue, 06 Dec 2022 06:47:18 GMT
server: cloudflare
etag: "638ee576-c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYNIbpaqCwjRC%2BMj%2BFdjFl6m4%2BfK%2FSn95Z09E3doj%2BDqb%2FmAws%2B7iGsEEtlbxQUeUdfNNY8U3laHXuhmefDWmA51RCyJgQIpZ33HBl%2FRzViSkAAfFg20zLu3%2F0ke4URCcxhzJJyyegPwQcN6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da1aac7266d6-AMS
expires: Wed, 31 Jan 2024 07:29:06 GMT

GET
H2 200 ico-windowsserver.gif
renwai.ren/cdn/pic/ 6 KB
6 KB 380ms
323ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://renwai.ren/cdn/pic/ico-windowsserver.gif

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cae6f3a8110a39ed039c32d456de2522784305840157a8e4e02442a77943b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:49 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5890
last-modified: Fri, 12 Nov 2021 06:30:17 GMT
server: cloudflare
etag: "618e09f9-1702"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SegvJbrQtu7l8a%2Bg8heRS4rGtBdgwkE1Avrt%2BK8IqdhxhL2wRAK7kHiWSI2ZlakcX4qAL8W8866k3pmtjVEIT5aKyVDkVQE3oQZBUXiqluRQS66ZkyxgA0%2B8W0C9g2N6X%2Fu%2BVTwUwUc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da1b3b72b6f4-AMS
expires: Fri, 23 Feb 2024 17:03:49 GMT

GET
H2 200 union.js Show response
www.aiviy.com/assets/js/ 3 KB
2 KB 1689ms
814ms Script
application/javascript 2404:2280:1cc:0:3::2a
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiviy.com/assets/js/union.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2404:2280:1cc:0:3::2a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

818af3a1106a144246de58270f398f2d2cb5361a07e965001bbbff8f44b5a881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:50 GMT
strict-transport-security: max-age=31536000
via: cache25.l2de2[619,619,304-0,M], cache5.l2de2[621,0], ens-cache7.de5[635,782,200-0,H], ens-cache8.de5[788,0]
content-encoding: gzip
age: 0
x-swift-cachetime: 30
x-cache: HIT TCP_REFRESH_HIT dirn:13:819884429
x-swift-savetime: Wed, 24 Jan 2024 17:03:50 GMT
last-modified: Wed, 26 Oct 2022 02:12:30 GMT
server: Tengine
etag: W/"6358978e-cc0"
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1706115830
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200
timing-allow-origin: *
eagleid: a3b55c9c17061158298972934e
expires: Thu, 25 Jan 2024 05:03:50 GMT

GET
H2 200 adwx2wm20221205.gif
renwai.ren/cdn/pic/ 72 KB
73 KB 603ms
603ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://renwai.ren/cdn/pic/adwx2wm20221205.gif

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5efc799b4e3c9f9346da66c0e2b25e0e2116fcb7596ce0c0f3102e8a3140c9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:49 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 74110
last-modified: Mon, 05 Dec 2022 02:24:55 GMT
server: cloudflare
etag: "638d5677-1217e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYp1GtXpWxh6GAkJRsR3WDcJjUMvMoYxaAZSfoUJXhWiyz3%2FwZSoGDeLvqGSzpg1MBneWxeFqMyeITlqZIxtMhzNk7UX%2Bm4KW68WqMWP5MUH6ZQYp8mc6UHUecAKJ1Dj7q506FHShmlv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da1d3d07b6f4-AMS
expires: Fri, 23 Feb 2024 17:03:49 GMT

GET
H3 200 favicon.ico
www.mpyit.com/ 4 KB
1 KB 463ms
463ms Image
image/x-icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mpyit.com/favicon.ico

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ad6186a430c01b5a9b57eb20e52fe9fe14e9557c347f5a1fe1dde5e1e395dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Dec 2018 12:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c0a63d8-10be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oalfeljwK8WcfRag%2B6jTMV83j14jdfX8h%2Fehb5wd%2B%2FXFmHEUmQXUJ7zsCtW2RLUOjey5s3xlq5vNdbuNakwu%2FlTWjLfbuP39EFvIyxX%2Bs9cgBDcLWhC4EZdJUK5uPBHGAYGRqREQD%2Fsy8wy6"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=43200
cf-ray: 84a9da211bd4b8f1-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 erphpdown.js Show response
www.mpyit.com/wp-content/plugins/erphpdown/static/ 67 KB
17 KB 487ms
487ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mpyit.com/wp-content/plugins/erphpdown/static/erphpdown.js?ver=17.01

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c4c3e994cabd9057172326553acb884eefd07e6cee7f408b8b99e8b43a39bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 16 Oct 2023 03:20:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652cac02-10aba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Bn2hR6weOGYK3BnFphzBkY%2FCv6fPym19rKCQmD0HEJPG9d%2BmemxoneH%2BK1pPfEHzAt6szkULjY%2B5aQPunVLraYg4hfSy2AszPc6JxScvt2bYzz3Z26BB3p%2FDUgg7OSMOC99DYopN%2BsngL%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da240f3ab8f1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 05:03:50 GMT

GET
H3 200 line.js Show response
renwai.ren/cdn/js/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/js/line.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52fd320feb7d5c440f1bc75328988aa787a68f61c7661b84740519a159e8f831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18669
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 Apr 2019 02:36:44 GMT
server: cloudflare
etag: W/"5cc511bc-6a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bz%2Fylla9onfoObBl3ytbhzlWspsw%2Fps9MzSnUGysllADa4rrUKhpIsEZA1fGgcfCdfxafmMHyc5RXjnxbWxQptQ%2Fp0yEo8em96uy0jXnNgfC8I5TCBeNeeGPCJLNjmv5e9vHcSRZ6Mq3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da25fea9665b-AMS
expires: Wed, 24 Jan 2024 23:52:41 GMT

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
513 B 2175ms
1187ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.mpyit.com
Date: Wed, 24 Jan 2024 17:03:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 925ms
329ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?ccc6d1aefd3fd0efef536558cbccd5bd

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f6023422efe469727ba8b22e3eae84ed7c35e97b69e9146f0398d653f4179567

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 17:03:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 8e573cc0e05f2694c0b48ad435c20ab0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11269

GET
H3 200 / Show response
renwai.ren/cdn/html/shizhong/ Frame 4AF4 11 KB
3 KB 323ms
323ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/html/shizhong/

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73db172db74997b152d6f8f95e6dc8455fc4f7fe0a5ea5cbbc24bbfa2fed2e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84a9da27c9c3665b-AMS
content-encoding: br
content-type: text/html
date: Wed, 24 Jan 2024 17:03:51 GMT
last-modified: Wed, 28 Jun 2023 07:35:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MIguMzO0dIT6ispy%2FitGI%2BoDy%2FgD2Dd2usYWObjsGLLxhNLM4LZQVx0hCyO0OSmY5fb55JWJiPhL7Ajz2hBqA%2FXsUh8zuvgEvlt4%2FrcjsmzgeYwgtxJsA3XQ3JLvX0Y9NYCFzSwynz2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 unionAds Show response
www.aiviy.com/api/ 10 KB
2 KB 496ms
443ms Fetch
application/json 2404:2280:1cc:0:3::2a
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiviy.com/api/unionAds?style=1&unionid=5

Requested by

Host: www.aiviy.com
URL: https://www.aiviy.com/assets/js/union.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2404:2280:1cc:0:3::2a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

46253cc1ef45cb64b5ff1e03bbf7c76495d74c99452d287ec6b1b9454305e0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
via: cache18.l2nm125[268,0], ens-cache2.de5[412,0]
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Tengine
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
timing-allow-origin: *
eagleid: a3b55c9617061158310643648e

GET
H3 200 leftad.png
renwai.ren/cdn/img/ 22 KB
22 KB 26ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://renwai.ren/cdn/img/leftad.png

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/wp-content/themes/1/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a06bd96fb0d911c829a750cd78b9ec78688a75728c01d5bf0c5a972de9932e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.mpyit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1000070
alt-svc: h3=":443"; ma=86400
content-length: 22198
last-modified: Sat, 08 Jul 2023 07:04:30 GMT
server: cloudflare
etag: "64a90a7e-56b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inHu7r5jfcI278aR70SMbHukOL6Kib29YiB6sd%2FNeuIfj59g3ucujdeiFNjz1zZWnVGi%2BmJ1OGCVKUeBIUnbh78Kaqpa%2BIQmt6bhOD%2F%2FFYBZoUsOa8L34fnNY7pTfGIW6WN2j9uV8WSD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da27c9c8665b-AMS
expires: Mon, 12 Feb 2024 03:16:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 195ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2668681575267517&plah=www.mpyit.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2668681575267517

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fb79d1d3953035b9eb999afbe575152396955430fc9c82cf0eac1c8e3a43b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139802
x-xss-protection: 0
server: cafe
etag: 2318351714126015738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 71AF 9 KB
5 KB 79ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2668681575267517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 7670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 14:56:01 GMT
etag: 3890843268177463596
expires: Wed, 07 Feb 2024 14:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 57ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RVJW2803T0&gtm=45je41m0v869231748&_p=1706115830995&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=557937139.1706115831&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706115831&sct=1&seg=0&dl=https%3A%2F%2Fwww.mpyit.com%2F80658.html&dt=fch1993%20WinServer%202022%2020349.2159%20%E5%8E%9F%E7%89%88%205%E5%90%881%20-%20%E6%AE%81%E6%BC%82%E9%81%A5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3791
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RVJW2803T0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mpyit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 disable-devtool.min.js Show response
renwai.ren/cdn/js/ Frame 4AF4 19 KB
6 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/js/disable-devtool.min.js

Requested by

Host: renwai.ren
URL: https://renwai.ren/cdn/html/shizhong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22947c3babba615b3b6c2d3c02880cc1e405d141232e5f25b0bb63628d9d01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/cdn/html/shizhong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18667
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 10 Jul 2023 03:45:55 GMT
server: cloudflare
etag: W/"64ab7ef3-4cae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5v2Ue5mH5b8E2TuWxCC0XlJ5ad3qAnS%2Bgq1z2tWyuv%2B6ekrBEb5BAKy9qT3SkOkf6rd3DLoE08%2BgfCZ1JlPo5sY7BscIAS0tB4FcZf7mJ949sUu7jlrr6s6NDYIGWOeGdGYhHXc0rYUY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da29dd12665b-AMS
expires: Wed, 24 Jan 2024 23:52:44 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ Frame 4AF4 34 KB
13 KB 1672ms
1671ms Script
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: renwai.ren
URL: https://renwai.ren/cdn/html/shizhong/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 17:03:52 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3 200 pixi_5.3.4.min.js Show response
renwai.ren/cdn/html/shizhong/ Frame 4AF4 497 KB
120 KB 40ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/html/shizhong/pixi_5.3.4.min.js

Requested by

Host: renwai.ren
URL: https://renwai.ren/cdn/html/shizhong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4d90f1ff4acaa4024d952d5349789b3b032aa2b50a4f5094005a7a5e5cc208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/cdn/html/shizhong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18667
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 12:17:19 GMT
server: cloudflare
etag: W/"649d764f-7c288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlqRDt%2FGyICarIH8s1ogAYySTj%2BIlpwFS72HE0JesIAP1caUFySgkxMaaPQuWr%2B5ylLFHbS5O06EMJ2RcjF0Mri7rUud8ErGVqiNys0Oj7cxFvIEdSXjizTqdBTE38tkQDb%2BmMjIuRRl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da29dd15665b-AMS
expires: Wed, 24 Jan 2024 23:52:44 GMT

GET
H3 200 Stats.min.js Show response
renwai.ren/cdn/html/shizhong/ Frame 4AF4 3 KB
2 KB 28ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/html/shizhong/Stats.min.js

Requested by

Host: renwai.ren
URL: https://renwai.ren/cdn/html/shizhong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1476184fa9d401e5165fa2e012ab6bf2eb1b833751d88a092dc829d9b7ee488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/cdn/html/shizhong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:51 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18667
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 07:39:34 GMT
server: cloudflare
etag: W/"649a9236-b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmCFi5yk9Y9zHZs6PEW1hXDVO0G%2F5jKLzEAnOk3iJyWDS%2FtHtb00fNnZCjNiTGY4wugZDDho6RFW7H%2B2cCKMWPOudPrk9%2FGFz7N6IBWVUFQJ%2B%2BL%2B5G43c1mnMh%2BTVcHPGXiU9vJe82yR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84a9da29dd17665b-AMS
expires: Wed, 24 Jan 2024 23:52:44 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF24 364 KB
85 KB 745ms
744ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&adk=1812271804&adf=3025194257&lmt=1706115831&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115831081&bpp=2&bdt=2204&idt=289&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7179723328677&frm=20&pv=2&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2668681575267517&plah=www.mpyit.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5f2abba51257b83c3a1a38cc46b2aea475ee3e71f08eca93d6bc7eb932e946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87120
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 172ms
171ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAA2UsACOy6UdGiUL5FgI8kaGEntxeCUQ9iMvpFO.png
cdn.aiviysoft.com/aiviycdn/ 55 KB
55 KB 554ms
50ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/IAA2UsACOy6UdGiUL5FgI8kaGEntxeCUQ9iMvpFO.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 757a97e5b082e06f4a82fdf9664092465cec9e4954e1ada1a4e918443bab5a03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:43 GMT
via: cache3.l2de2[0,0,304-0,H], cache11.l2de2[2,0], ens-cache10.de5[9,9,200-0,H], ens-cache11.de5[17,0]
x-oss-request-id: 65B138631253C53533BB0153
content-md5: vwOHPWaht4EwlVg7oHdBXw==
age: 2709
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:267223279
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 55986
x-oss-object-type: Normal
last-modified: Wed, 05 Jul 2023 12:14:31 GMT
server: Tengine
etag: "BF03873D66A1B7813095583BA077415F"
vary: Origin
ali-swift-global-savetime: 1706113123
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17532289562721740419
eagleid: a3b55c9f17061158320167543e
x-oss-server-time: 21

GET
H2 200 eJC7QDQ7nFbda45C8FJHjFIHb6gNhYrSJfCK0Hqh.png
cdn.aiviysoft.com/aiviycdn/ 52 KB
52 KB 582ms
78ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/eJC7QDQ7nFbda45C8FJHjFIHb6gNhYrSJfCK0Hqh.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 19884df376acba9fab23d2292e07c96099c99cb15b344a7e5445f1939cafad34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:43 GMT
via: cache9.l2de2[0,0,304-0,H], cache19.l2de2[3,0], ens-cache9.de5[19,19,200-0,H], ens-cache11.de5[23,0]
x-oss-request-id: 65B13863E80D01353050F94D
content-md5: z95BDOFQr77WA/SWFNIp0Q==
age: 2709
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:391020926
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 52895
x-oss-object-type: Normal
last-modified: Sun, 25 Sep 2022 07:45:09 GMT
server: Tengine
etag: "CFDE410CE150AFBED603F49614D229D1"
vary: Origin
ali-swift-global-savetime: 1706113123
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 15833230654075715585
eagleid: a3b55c9f17061158320297574e
x-oss-server-time: 15

GET
H2 200 eaMDpkig7m0ttFqxqAwx1vE8v0dTxuz4sZWp14GU.png
cdn.aiviysoft.com/aiviycdn/ 18 KB
18 KB 904ms
399ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/eaMDpkig7m0ttFqxqAwx1vE8v0dTxuz4sZWp14GU.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 840c1e455d83a609f89cb1235a38cfc3e9aa497111a40fa10acd826ad2b03e34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:43 GMT
via: cache8.l2de2[0,0,304-0,H], cache8.l2de2[1,0], ens-cache9.de5[360,360,200-0,H], ens-cache11.de5[362,0]
x-oss-request-id: 65B13863E80D013435A2F94D
content-md5: A4Rh4/KpwBPAOMgjcJJalQ==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:412207142
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 18506
x-oss-object-type: Normal
last-modified: Thu, 03 Mar 2022 08:38:14 GMT
server: Tengine
etag: "038461E3F2A9C013C038C82370925A95"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6783842973198813912
eagleid: a3b55c9f17061158320297567e
x-oss-server-time: 6

GET
H2 200 gxnBHY2ocS6Q0kHUp24Sz5v8I8xuKCp8eRsCHket.png
cdn.aiviysoft.com/aiviycdn/ 35 KB
35 KB 864ms
360ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/gxnBHY2ocS6Q0kHUp24Sz5v8I8xuKCp8eRsCHket.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 29c797d1f9920c5b1df2ffa84d41522f4190da86508ed840a49471cb46d02b70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:43 GMT
via: cache21.l2de2[0,0,304-0,H], cache11.l2de2[1,0], ens-cache7.de5[320,319,200-0,H], ens-cache11.de5[322,0]
x-oss-request-id: 65B138637FFDC23436FAD6F8
content-md5: EN/X9R1ciuHLUkS4EHweXA==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:833300546
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 35730
x-oss-object-type: Normal
last-modified: Fri, 19 Nov 2021 07:14:22 GMT
server: Tengine
etag: "10DFD7F51D5C8AE1CB5244B8107C1E5C"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 8268643087977500338
eagleid: a3b55c9f17061158320297570e
x-oss-server-time: 3

GET
H2 200 lOw3vUSiSz3RSQhSQkTBB1CzCSPHIsQWWxByDil2.png
cdn.aiviysoft.com/aiviycdn/ 23 KB
23 KB 579ms
75ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/lOw3vUSiSz3RSQhSQkTBB1CzCSPHIsQWWxByDil2.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7d4faf1ca1f7203e4769999a75491235764deddb0fdab8d40819cd6b57620c33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache7.l2de2[0,0,304-0,H], cache2.l2de2[1,0], ens-cache2.de5[9,10,200-0,H], ens-cache11.de5[12,0]
x-oss-request-id: 65B138641253C53634DE0253
content-md5: YEnlvvYi2bJ81wUV7DV+lg==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:501841987
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 23121
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:13:12 GMT
server: Tengine
etag: "6049E5BEF622D9B27CD70515EC357E96"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16281608449666348152
eagleid: a3b55c9f17061158320297568e
x-oss-server-time: 22

GET
H2 200 Wz1ik5EkmClVOU5DtABAzbRS8om48zSjketaG4RJ.png
cdn.aiviysoft.com/aiviycdn/ 30 KB
31 KB 905ms
401ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/Wz1ik5EkmClVOU5DtABAzbRS8om48zSjketaG4RJ.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6778a6cdc9f6f5e50e31d6bb98398ce194ac7b5a4c7afb1960730ea084ae35fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache26.l2de2[0,0,304-0,H], cache21.l2de2[1,0], ens-cache16.de5[358,360,200-0,H], ens-cache11.de5[363,0]
x-oss-request-id: 65B1386472AE9E393379EBDF
content-md5: cRIOrbM/XmLRYioEHBrNGA==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:847496120
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 30999
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:12:36 GMT
server: Tengine
etag: "71120EADB33F5E62D1622A041C1ACD18"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 9513422503435414086
eagleid: a3b55c9f17061158320297572e
x-oss-server-time: 18

GET
H2 200 BwahvGPJrtAkMJCJYuwMw3bM9LeGIkwzc8NFZsix.png
cdn.aiviysoft.com/aiviycdn/ 37 KB
38 KB 41ms
40ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/BwahvGPJrtAkMJCJYuwMw3bM9LeGIkwzc8NFZsix.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 40e94ab93681f756c74d3e3c5e44e51e6672c58d2d85e31a03ee97d52c7307ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache26.l2de2[0,0,304-0,H], cache3.l2de2[2,0], ens-cache13.de5[7,7,200-0,H], ens-cache11.de5[10,0]
x-oss-request-id: 65B1386472AE9E303824ECDF
content-md5: 5VYcrtrgfhk0XYeznoKI1Q==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:328969284
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 38113
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:12:55 GMT
server: Tengine
etag: "E5561CAEDAE07E19345D87B39E8288D5"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7016327069206095760
eagleid: a3b55c9f17061158320877742e
x-oss-server-time: 20

GET
H2 200 2iEN3zRLwEwTtB2ss4JugYSvvOJsSoO4WiABuuAK.png
cdn.aiviysoft.com/aiviycdn/ 21 KB
22 KB 35ms
34ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/2iEN3zRLwEwTtB2ss4JugYSvvOJsSoO4WiABuuAK.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d5187a576b7ef0203357885dd0d4085ce3adc61f299648c9e5ece3d9bdfc2a2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache12.l2de2[0,0,304-0,H], cache7.l2de2[0,0], ens-cache10.de5[3,3,200-0,H], ens-cache11.de5[10,0]
x-oss-request-id: 65B138645423BA3631106AF2
content-md5: 5NGmsrM85FQfMwTy4jl7tA==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:267223900
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 21758
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 09:32:59 GMT
server: Tengine
etag: "E4D1A6B2B33CE4541F3304F2E2397BB4"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12327359151524385334
eagleid: a3b55c9f17061158320877747e
x-oss-server-time: 16

GET
H2 200 SooLj2mNDKS8FlQC0RqZOm1jRy80Hj9abcLmqZy7.png
cdn.aiviysoft.com/aiviycdn/ 69 KB
70 KB 66ms
65ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/SooLj2mNDKS8FlQC0RqZOm1jRy80Hj9abcLmqZy7.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8ce3748f3444976507e5202d00735f45b79f583c40044fd35a3b6023901bb1fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache11.l2de2[0,11,304-0,H], cache23.l2de2[12,0], ens-cache15.de5[17,18,200-0,H], ens-cache11.de5[19,0]
x-oss-request-id: 65B138645B40CC383838ABB8
content-md5: CKF38NmkdPkR9aQY2FIeXA==
age: 2708
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:327609584
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 71004
x-oss-object-type: Normal
last-modified: Thu, 05 May 2022 12:28:05 GMT
server: Tengine
etag: "08A177F0D9A474F911F5A418D8521E5C"
vary: Origin
ali-swift-global-savetime: 1706113124
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7211433444199414505
eagleid: a3b55c9f17061158320897750e
x-oss-server-time: 6

GET
H2 200 qXD6lGtZm0IS89aJm9XwSwEIJhIhRxgByWsxnOpT.png
cdn.aiviysoft.com/aiviycdn/ 22 KB
22 KB 47ms
46ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/qXD6lGtZm0IS89aJm9XwSwEIJhIhRxgByWsxnOpT.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f26fd6004e80d343f519c09b4ae343576dda0558918173965f7a9efeb341c6a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:44 GMT
via: cache25.l2de2[0,0,304-0,H], cache11.l2de2[2,0], ens-cache6.de5[6,6,200-0,H], ens-cache11.de5[9,0]
x-oss-request-id: 65B13864FBBA073939D3A572
content-md5: i+QrHS1kODaZwIHFOFWXvg==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:453870691
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 22186
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:13:03 GMT
server: Tengine
etag: "8BE42B1D2D64383699C081C5385597BE"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16803825929885116077
eagleid: a3b55c9f17061158320897752e
x-oss-server-time: 10

GET
H2 200 vsHesafGka1F22KurWuCQkImH6tGzimxG3QUurJn.png
cdn.aiviysoft.com/aiviycdn/ 31 KB
31 KB 38ms
37ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/vsHesafGka1F22KurWuCQkImH6tGzimxG3QUurJn.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 54ae1b02c01b100f74ca42848645e0f39aa8e332a85c5fe6fb81d684073e9d79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache7.l2de2[0,0,304-0,H], cache9.l2de2[1,0], ens-cache2.de5[2,2,200-0,H], ens-cache11.de5[8,0]
x-oss-request-id: 65B13865F326DB3030098EEB
content-md5: oiNDieFgoLXrz2HsnuIsMA==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:501842011
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 31709
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:13:20 GMT
server: Tengine
etag: "A2234389E160A0B5EBCF61EC9EE22C30"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12535657972746744322
eagleid: a3b55c9f17061158320897762e
x-oss-server-time: 16

GET
H2 200 KoyTieRqQTVXW0rmYbPkR2lt1e6Y4wPgPmaItC6D.png
cdn.aiviysoft.com/aiviycdn/ 18 KB
19 KB 64ms
63ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/KoyTieRqQTVXW0rmYbPkR2lt1e6Y4wPgPmaItC6D.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: cfad602b6e37f960297765081d601f501c38afbb38b45a238699de0c124c4679

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache10.l2de2[0,0,304-0,H], cache4.l2de2[1,0], ens-cache9.de5[14,14,200-0,H], ens-cache11.de5[18,0]
x-oss-request-id: 65B13865E80D01363466FB4D
content-md5: sVs+JEHQGXqOB5s4aInwdg==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:391009425
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 18881
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:12:26 GMT
server: Tengine
etag: "B15B3E2441D0197A8E079B386889F076"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 8480830318922329403
eagleid: a3b55c9f17061158320897764e
x-oss-server-time: 21

GET
H2 200 QTv8iKOidMhXngTemcBea85sL75UP5upPH9enM05.png
cdn.aiviysoft.com/aiviycdn/ 88 KB
88 KB 76ms
75ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/QTv8iKOidMhXngTemcBea85sL75UP5upPH9enM05.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8be2fc9345081344cda97a7a334a18f43c66297db6d4d5e1309823ef5aabad68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache14.l2de2[0,10,304-0,H], cache10.l2de2[12,0], ens-cache15.de5[13,14,200-0,H], ens-cache11.de5[23,0]
x-oss-request-id: 65B138659F6B6033307396BD
content-md5: O4TGd6k3KJLgGtCvYU7FJw==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:327609432
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 89792
x-oss-object-type: Normal
last-modified: Thu, 05 May 2022 12:29:47 GMT
server: Tengine
etag: "3B84C677A9372892E01AD0AF614EC527"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 3235485242158040883
eagleid: a3b55c9f17061158320897766e
x-oss-server-time: 7

GET
H2 200 nRPvxlJC8C0Jm9L8whubysqn7cD2UyOMpmwZvm5E.png
cdn.aiviysoft.com/aiviycdn/ 74 KB
74 KB 351ms
350ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/nRPvxlJC8C0Jm9L8whubysqn7cD2UyOMpmwZvm5E.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 839fd2f9d76987285e214cc9f7be961e4dec5c2e0475a952da612d309cb51f16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache11.l2de2[0,22,304-0,H], cache25.l2de2[24,0], ens-cache5.de5[320,321,200-0,H], ens-cache11.de5[326,0]
x-oss-request-id: 65B138655C8CDB333295EED2
content-md5: OJ2bSEVMmIbBUQbspvUqMA==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:816126785
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 75566
x-oss-object-type: Normal
last-modified: Mon, 06 Dec 2021 05:59:26 GMT
server: Tengine
etag: "389D9B48454C9886C15106ECA6F52A30"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5727999094717582602
eagleid: a3b55c9f17061158320897767e
x-oss-server-time: 15

GET
H2 200 BYLFSwVegHUv0s2SogdZQR3wDiSN0DZZJmeLbl71.png
cdn.aiviysoft.com/aiviycdn/ 97 KB
98 KB 49ms
49ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/BYLFSwVegHUv0s2SogdZQR3wDiSN0DZZJmeLbl71.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: fd51c47ba189b7e4111f4034aa5df5cc00dbbd3e3f58cf2e1f174c93bd96e104

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache8.l2de2[0,0,304-0,H], cache4.l2de2[1,0], ens-cache13.de5[4,4,200-0,H], ens-cache11.de5[10,0]
x-oss-request-id: 65B138655B40CC373341ACB8
content-md5: YW9GXUrBkPoGgG4c72t59w==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:519595615
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 99585
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 09:28:58 GMT
server: Tengine
etag: "616F465D4AC190FA06806E1CEF6B79F7"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17576831307638055089
eagleid: a3b55c9f17061158320897770e
x-oss-server-time: 45

GET
H2 200 FFlo7Sm7UohYPXWO4EH5JXuAHmpJv12EF91gRin0.png
cdn.aiviysoft.com/aiviycdn/ 25 KB
25 KB 87ms
86ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/FFlo7Sm7UohYPXWO4EH5JXuAHmpJv12EF91gRin0.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 137acbf50e20a6353d1c2da5f2703ac33dbc48856bd88784ca2d2dad09891faa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache4.l2de2[0,23,304-0,H], cache5.l2de2[24,0], ens-cache8.de5[29,29,200-0,H], ens-cache11.de5[35,0]
x-oss-request-id: 65B1386599F00D363781BD85
content-md5: u945KfqqYTMp+szkR/4YYg==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:327201400
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 25704
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:13:27 GMT
server: Tengine
etag: "BBDE3929FAAA613329FACCE447FE1862"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 10185185725915646923
eagleid: a3b55c9f17061158320897773e
x-oss-server-time: 13

GET
H2 200 DGCSgCprFG4cJNogRZi7YtvDmj3iDestlX5c2uL8.png
cdn.aiviysoft.com/aiviycdn/ 24 KB
24 KB 291ms
291ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/DGCSgCprFG4cJNogRZi7YtvDmj3iDestlX5c2uL8.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 1a4c0fba8ee8a1143c7f9f60e8a043be88ab89871c7d5021f9018718cb916e90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache23.l2de2[0,0,304-0,H], cache16.l2de2[1,0], ens-cache4.de5[258,258,200-0,H], ens-cache11.de5[266,0]
x-oss-request-id: 65B138656AD6D53032D5A160
content-md5: KWyeB4PnvON9LhvYQ7pdLQ==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:138011597
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 24580
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:14:14 GMT
server: Tengine
etag: "296C9E0783E7BCE37D2E1BD843BA5D2D"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 9359922350327154918
eagleid: a3b55c9f17061158320897778e
x-oss-server-time: 14

GET
H2 200 Sx3zscXkTORdSzOVDD7L74adZcFbMoOdoeiqZGy5.png
cdn.aiviysoft.com/aiviycdn/ 32 KB
32 KB 86ms
85ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/Sx3zscXkTORdSzOVDD7L74adZcFbMoOdoeiqZGy5.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 578dc0cd971b2050c6c2dbd78c882655f0f4fb00f6df21f76d5625739a167407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache10.l2de2[0,0,304-0,H], cache9.l2de2[1,0], ens-cache9.de5[13,14,200-0,H], ens-cache11.de5[24,0]
x-oss-request-id: 65B138650AD071303887AECE
content-md5: p1Bvoo8Nk1QdUJibO0HglA==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:391009416
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 32646
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:14:22 GMT
server: Tengine
etag: "A7506FA28F0D93541D50989B3B41E094"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17159381515294197660
eagleid: a3b55c9f17061158320897779e
x-oss-server-time: 8

GET
H2 200 LhVmJGTIuhGa0SSIFd5nP1xg12fDdyZjgvcMCVQu.png
cdn.aiviysoft.com/aiviycdn/ 32 KB
33 KB 83ms
83ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/LhVmJGTIuhGa0SSIFd5nP1xg12fDdyZjgvcMCVQu.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 162d2d91c9158e43c11a76117a7920ac0da0b6e2795409517fd20ceb606c6d2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:45 GMT
via: cache16.l2de2[0,0,304-0,H], cache6.l2de2[2,0], ens-cache16.de5[13,13,200-0,H], ens-cache11.de5[24,0]
x-oss-request-id: 65B138655C8CDB353272EFD2
content-md5: Acd1L/nBXJCPXcrIc4kzzQ==
age: 2707
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:12:847499275
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 33245
x-oss-object-type: Normal
last-modified: Thu, 18 Nov 2021 09:14:05 GMT
server: Tengine
etag: "01C7752FF9C15C908F5DCAC8738933CD"
vary: Origin
ali-swift-global-savetime: 1706113125
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16836819790353129275
eagleid: a3b55c9f17061158320897782e
x-oss-server-time: 22

GET
H2 200 jGnDLF3OnPiNsKX7zVBGcuNibaCmTwsicEDV91wo.png
cdn.aiviysoft.com/aiviycdn/ 63 KB
63 KB 72ms
71ms Image
image/png 2404:2280:1cc:0:3::e
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aiviysoft.com/aiviycdn/jGnDLF3OnPiNsKX7zVBGcuNibaCmTwsicEDV91wo.png
Requested by: Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:3::e , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 88cf73a715b7fb60e9959da7e359c8af477bcf7ece913bb061da3443702cd223

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 16:18:46 GMT
via: cache14.l2de2[0,7,304-0,H], cache21.l2de2[10,0], ens-cache10.de5[14,14,200-0,H], ens-cache11.de5[22,0]
x-oss-request-id: 65B138660BFF4B3439ACFADD
content-md5: Be1VMw/tNTjV/uKtKHp8WA==
age: 2706
x-swift-cachetime: 3600
x-cache: HIT TCP_REFRESH_HIT dirn:13:267223872
x-oss-cdn-auth: success
x-swift-savetime: Wed, 24 Jan 2024 17:03:52 GMT
content-length: 64078
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 09:22:56 GMT
server: Tengine
etag: "05ED55330FED3538D5FEE2AD287A7C58"
vary: Origin
ali-swift-global-savetime: 1706113126
content-type: image/png
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7156229168020842657
eagleid: a3b55c9f17061158320897785e
x-oss-server-time: 24

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 163 KB
55 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83468545646756953863db26337dbfde5fd94f7f58d7b01ac4453b5444e7601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56679
x-xss-protection: 0
server: cafe
etag: 3719882203814790466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B213 714 B
382 B 224ms
224ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=280&adk=4144480424&adf=1704617392&pi=t.aa~a.966808166~rp.4&daaos=1706043846423~1706043846423&w=1200&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=1200x280&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=2&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b671c1814030fac8c1d9cb27c07bac90c75779fa1d13076b0e8351d7b1ffcd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24E9 186 KB
51 KB 483ms
483ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78dd32f366fba77cf6545aeb4cf0f8fef50662d964eea600ef9f733937f9647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51674
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 793B 714 B
386 B 411ms
411ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=60&adk=2499841291&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1706043846423~1706043846423&w=1200&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=1200x60&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C270x240&nras=4&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee3098d22290164e64c7cfdb3fa0b8b84257833c9dab87cd55bf93bbed33adb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 34ED 9 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:41:03 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 23:41:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame AEE1 9 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:41:03 GMT
etag: 3890843268177463596
expires: Tue, 06 Feb 2024 23:41:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 326ms
326ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=844332618&si=ccc6d1aefd3fd0efef536558cbccd5bd&v=1.3.0&lv=1&sn=43177&r=0&ww=1600&u=https%3A%2F%2Fwww.mpyit.com%2F80658.html&tt=fch1993%20WinServer%202022%2020349.2159%20%E5%8E%9F%E7%89%88%205%E5%90%881%20-%20%E6%AE%81%E6%BC%82%E9%81%A5

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Jan 2024 17:03:52 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 css2
fonts.googleapis.com/ Frame 34ED 4 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 16:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 34ED 205 B
519 B 89ms
32ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:51:31 GMT
x-content-type-options: nosniff
age: 97941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 13:51:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 34ED 604 B
695 B 108ms
51ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:34 GMT
x-content-type-options: nosniff
age: 62418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 23:43:34 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 34ED 16 KB
7 KB 100ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:35:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 34ED 22 KB
10 KB 96ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:31:15 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame AEE1 9 KB
4 KB 82ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:27:09 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame AEE1 11 KB
5 KB 84ms
29ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:29:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEE1 14 KB
1 KB 88ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 16:40:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AEE1 2 KB
903 B 117ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:33:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame AEE1 23 KB
9 KB 118ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:36:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AEE1 3 KB
1 KB 122ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:04:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AEE1 20 KB
8 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEE1 205 KB
65 KB 94ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame AEE1 37 KB
15 KB 86ms
33ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:31:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4117 14 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 16:38:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4117 2 KB
856 B 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:33:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 4117 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:36:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E03 143 B
166 B 33ms
32ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 16:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4117 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:04:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4117 20 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4117 205 KB
65 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 4117 37 KB
15 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:31:36 GMT

GET
H2 200 12986108391283576346
tpc.googlesyndication.com/simgad/ Frame AEE1 5 KB
5 KB 29ms
29ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12986108391283576346?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75597203d493a77c57d1423d72d370d5b30e28f455bdee7aad32635ab08618b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:52:51 GMT
date: Tue, 23 Jan 2024 23:52:51 GMT
x-content-type-options: nosniff
age: 61861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4703
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 19:11:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 595C 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 16:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AEE1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 825d621f0013c35978345c61f654b9493a569a0399173c6fdb3a231b2f9ce69d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E03
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AEE1 33 KB
34 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 133357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 04:01:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 595C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
expires: Wed, 24 Jan 2024 17:03:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 24E9 9 KB
4 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:27:09 GMT

GET
H3 200 527e291d25aa7aa1711ba1884f6f78c5.js Show response
www.gstatic.com/mysidia/ Frame 24E9 145 KB
53 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/527e291d25aa7aa1711ba1884f6f78c5.js?tag=video_location/web_och

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77ca2c2257636217ded56d506e9cfade9188ca4a765ccde50448095a5deaecec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:38:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 24E9 14 KB
1 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 15:37:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 24E9 2 KB
822 B 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:33:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 24E9 23 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:36:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 24E9 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:04:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 24E9 20 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 24E9 0
0 41ms
38ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJo8taaM5wp1lLdsmdcuSU4O5E1WCtvxnKAWWRPDNe58UaGkVm4UOU5QTJ5kEszL8MCDQpzZftrT7QGEK8lHdki1uOjg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24E9 205 KB
65 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:03:52 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 24E9 37 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 23:31:36 GMT

GET
H3 200 4467170780157312204
tpc.googlesyndication.com/simgad/ Frame 24E9 105 KB
105 KB 33ms
32ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4467170780157312204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1bfd33474924427776aea5c9b8c6b918e223a635e10716a371d11818eca27f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:48:46 GMT
date: Tue, 23 Jan 2024 23:48:46 GMT
x-content-type-options: nosniff
age: 62106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107541
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 08:58:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 13219555235822082051
tpc.googlesyndication.com/simgad/ Frame 24E9 1 KB
1 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13219555235822082051?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c01424e615d6a6506c30446e6baced62bbbb379ada73d1eacf50d0bb083e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 22:26:49 GMT
date: Tue, 23 Jan 2024 22:26:49 GMT
x-content-type-options: nosniff
age: 67023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1162
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 12:34:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 data=FQSJlBb-0sTxsUUueJE8eYcEAXESZ9RtKpQBoe_9xePd355IZgCS2a7f4Obvb16i7JQJFtVtLgRN26wO
mts0.google.com/vt/ Frame 24E9 29 KB
29 KB 287ms
96ms Image
image/png 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=FQSJlBb-0sTxsUUueJE8eYcEAXESZ9RtKpQBoe_9xePd355IZgCS2a7f4Obvb16i7JQJFtVtLgRN26wO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

15490dcdb9d4689efde9d0df7ee37ad9bf5fd7282ce7994b20bbc8d3efce07a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=67
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29608
x-xss-protection: 0
x-server-version-bin: CggIBBDFwb2tBg==
server: scaffolding on HTTPServer2
etag: 03f90f896cdad69b2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 24 Jan 2024 18:03:53 GMT

GET
DATA 200
OK truncated
/ Frame 24E9 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 24E9 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame E6CA 51 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:38:26 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AEE1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CttZZ90KxZbbSHe6otOUPgZ2jsAqP3YbLbp29wu2-D6uU9P0IEAEg6qT4EmCRhKCFjBigAY3s5NkCyAEBqQL-ZQlZAu-oPqgDAcgDywSqBNcBT9Bh1l5r0zk_8HZ60LlaLJJOKA5aog9G-fp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217858907529133291574%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%2...

0
0

184ms
82ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217858907529133291574%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224665062027826550897%22}&andc=true

Requested by

Host: www.mpyit.com
URL: https://www.mpyit.com/80658.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17858907529133291574","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"4665062027826550897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 17:03:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 17:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17858907529133291574","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"4665062027826550897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 24E9 0
234 B 777ms
261ms Ping
image/gif 2800:3f0:4002:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrs1bdvi&c=4895938130506&slotId=2447969065253&qqid=COv_ieHA9oMDFXYrrQYdvBQP3g&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/527e291d25aa7aa1711ba1884f6f78c5.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4002:80b::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 3916 51 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:38:26 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-pouxga5o-vu2s.googlevideo.com/ Frame 24E9 414 KB
415 KB 420ms
291ms Media
video/mp4 2a00:ff0:1234:3::10
ASOCIATIA-INTERLA...

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-pouxga5o-vu2s.googlevideo.com/videoplayback?expire=1706144632&ei=-EKxZfeDJbPmsfIPjtC0yAs&ip=2a00:1630:2:602::2&id=f3219d124b8ce446&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Wn&mm=31&mn=sn-pouxga5o-vu2s&ms=au&mv=m&mvi=5&pl=32&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=12.051&lmt=1698764037020897&mt=1706115443&cpn=IFOQH2xVlehPi6Fo&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRgIhAKC0qZa_8y22t56bQ02P5IvnOI0SwPZJi7wC9s6lywoTAiEAjYNHmXQnqyMOoKB1YjqN4mQbFCRhU059LG2ZnJGiwzE=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgV70NbaS7C3cGd1voNsQ8j9xlL_c-Q2eGJDO8J8Ch78gCIQCDPVWiGsL7yBpOuQ9kQmy3XSS0lcb1zE2_BUPkjX49fg==

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ff0:1234:3::10 , Romania, ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9d87e1674de6085172c852a9fcefa0b4cfeb1c24f237aa544480abd73bf9117e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 24 Jan 2024 17:03:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Oct 2023 14:53:57 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-423958/423959
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 423959
Expires: Wed, 24 Jan 2024 17:03:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE01 1 KB
643 B 24ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 28222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 25 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 24E9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c70f173b7836a32682e12d216f465a16d40b04e0ff4b9770ac7ffbc75d472e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 199ms
83ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 17:03:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 24E9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuCDF-EKxZeujF_bWtOUPvKm88A3KqsnwdI3ZwcHvEeiqtpWLAxABIOqk-BJgkYSghYwYoAHWu6bEA8gBCakCDutgMqdIsj6oAwHIA8sEqgTWAU_QvPG9aKn0H2ZwGxq_I2Fiuj5GrRemNZC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224024462248917992879%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_repor...

0
0

182ms
82ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224024462248917992879%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22948542934%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216473409617906532081%22}&andc=true

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4024462248917992879","debug_reporting":true,"destination":"https://shop-goudwisselkantoor.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["948542934"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"16473409617906532081"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 17:03:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 17:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4024462248917992879","debug_reporting":true,"destination":"https://shop-goudwisselkantoor.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["948542934"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"16473409617906532081"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame EE01 35 B
464 B 89ms
24ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOhQSukcpAc-JQbFp99c0xo&google_cver=1&google_push=AXcoOmQQecYnmGr2ReRAVsp63c_cUzk5g5jNzcWuk7_JMhzRAkkEdZEfH30bMdc2wNjEh_Pf0NmtKEVbkHS2od6_BPcVoxugK5d-nw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFEfOKpoYM47xEZWRGDYApo&google_push=AXcoOmT9XUrwS8yjTVAyPDvF-tK7VSVGxRe-dxVoY7J4DsEuTNPOv96RFp...

170 B
232 B

33ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFEfOKpoYM47xEZWRGDYApo&google_push=AXcoOmT9XUrwS8yjTVAyPDvF-tK7VSVGxRe-dxVoY7J4DsEuTNPOv96RFpSwk4uGpO2SucO0HL4CbqRyrpoitzdKZd-Yapvj1P1VJmk

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21032-AMS
pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1706115833.040473,VS0,VE97
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFEfOKpoYM47xEZWRGDYApo&google_push=AXcoOmT9XUrwS8yjTVAyPDvF-tK7VSVGxRe-dxVoY7J4DsEuTNPOv96RFpSwk4uGpO2SucO0HL4CbqRyrpoitzdKZd-Yapvj1P1VJmk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIbhHSAJW5M8U74YozNbVmw&google_cver=1&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e8uyXgLClHXxjI__Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6C8B9360331242E4952CF7A598830C51&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e...

170 B
329 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6C8B9360331242E4952CF7A598830C51&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e8uyXgLClHXxjI__Q

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 Jan 2024 17:03:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6C8B9360331242E4952CF7A598830C51&google_push=AXcoOmTpxd26WkUOD-aAIql61YG70M3GYKEba7_riSXJh033_mED34yY9n9jd99ceM7m0qZxSsWVg5Vb_xpcQ-e8uyXgLClHXxjI__Q
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 23 Jan 2024 17:03:53 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EE01 0
187 B 65ms
16ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEhry8DMC7ACO31-vJuH3rs&google_cver=1&google_push=AXcoOmRFaa-fTPtm25oJQGN_3q0Hly7MKhyhjMvVi-Aj-1Rm4AEoJ2K-DwCFSfn7srEdkvvU0YQCgs9_THuuVGDI-TTflht34SBxRw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame EE01 43 B
235 B 69ms
21ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFjBH4-mNmdvmOjlAJjjwP8&google_cver=1&google_push=AXcoOmSZRPPbrYGD6AGk8VEmVRsRKKsQ2MQmD6u45JKGm8w_OxKhWR1dkeu8w_mV8v7T1sleFBG7AR7xpXjKXb6NeBWMUPj-8ZMbjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 17:03:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EE01
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECcBfaexQXU_hlauO2bQja8&google_cver=1&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10mSA9aiASRfZw8Q-Rj_ol0trV2NTqP7H5xmosM&google_hm=...

170 B
232 B

34ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10mSA9aiASRfZw8Q-Rj_ol0trV2NTqP7H5xmosM&google_hm=9LyPECZlQymqJR-GKUrQsUo

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQc5PDq-QMCS0tNZD5gC78XPaN-fuv--e8vAgBzp5B0CD7NwMag7GVEYLpd10mSA9aiASRfZw8Q-Rj_ol0trV2NTqP7H5xmosM&google_hm=9LyPECZlQymqJR-GKUrQsUo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame EE01
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEElj6n9q1hmT...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_ZOIdiBuH5dITe4nc3p8H5KCPiIZ81CmWud5ol7u7u2Vauw9LeRVAq7yxyIniEEq_hoq1uIwwPWQEEQ93_w167Ijfp7jmhGJY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

48ms
48ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2668681575267517&output=html&h=240&adk=923897621&adf=2151592350&pi=t.aa~a.4238640646~rp.4&daaos=1706043846423~1706043846423&w=270&fwrn=4&fwrnh=100&lmt=1706115832&rafmt=1&to=qs&pwprc=3502903349&format=270x240&url=https%3A%2F%2Fwww.mpyit.com%2F80658.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706115832266&bpp=1&bdt=3389&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7179723328677&frm=20&pv=1&ga_vid=557937139.1706115831&ga_sid=1706115831&ga_hid=2106798743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1170&ady=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080589%2C95320377%2C95320890%2C95321627%2C95322163&oid=2&pvsid=1337645844093410&tmod=199813434&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=11
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 24 Jan 2024 17:03:53 GMT
pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EE01 0
130 B 97ms
31ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_142vQGhc92O-dG6zPcR9HjBDrszB8Yp-HUolxxVk-Jv0Fc7zbvLWRv0NXuuZM-QqA14zt9o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 24E9 33 KB
33 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 133357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 04:01:15 GMT

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ Frame 4AF4 0
510 B 708ms
546ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://renwai.ren
Date: Wed, 24 Jan 2024 17:03:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 111ms
84ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 17:03:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HoneHoneClock.json Show response
renwai.ren/cdn/html/shizhong/ Frame 4AF4 28 KB
1 KB 169ms
169ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://renwai.ren/cdn/html/shizhong/HoneHoneClock.json

Requested by

Host: renwai.ren
URL: https://renwai.ren/cdn/html/shizhong/pixi_5.3.4.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57568c951ab92e9e83cea60f9a260b82246eca457b3b52ed9a03eb4271db66be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/cdn/html/shizhong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 27 Jun 2023 08:25:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649a9cfa-6f67"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLBftrPrFU0Mrv9FlV1%2FQsDc00jCsAvgCo8aJvIypi07wPtXhQ7hDk93KzwEbZApoIs9b12NkDoW41cTxwExOjrv7hraVmg3aX0iMLkESF4%2BgrfvZuUqXP96G4FcGo85jNRtba%2BbFnEQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 84a9da34be99665b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f61e7ec4ec62b597a7d7cfd3a4f1848fc836261f48dbaec1809b0ac4114720d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12513
x-xss-protection: 0

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame A030 51 KB
19 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:38:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 17:03:53 GMT

GET
H3 200 HoneHoneClock.png
renwai.ren/cdn/html/shizhong/ Frame 4AF4 418 KB
418 KB 27ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://renwai.ren/cdn/html/shizhong/HoneHoneClock.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f23f3ed964747edd896364d1a1ee84a6f4bce2497fadc0a915ba9aef6a11979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://renwai.ren/cdn/html/shizhong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471092
alt-svc: h3=":443"; ma=86400
content-length: 427947
last-modified: Thu, 29 Jun 2023 12:15:05 GMT
server: cloudflare
etag: "649d75c9-687ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D2vhGhVwsXDZqNnQPXZOoPDK8DPGG%2BmQJbIpmuvVdLhn2tj7G0tlO2r5prJ7WFF1Y%2FJbOLFL4uBThqhJQWhIXUJNr45osQQ%2FdcnpuBk0aYvii1rKSik7YCxhZpl8DG0yn2lELSt%2B1aq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84a9da37aaae665b-AMS
expires: Fri, 26 Jan 2024 02:39:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CB9 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 15:10:23 GMT
expires: Thu, 23 Jan 2025 15:10:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9CB0 829 B
560 B 60ms
60ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e526b69494affa974a26e707d00efe1ee63c50bbda2d828d780aa37e727ab8a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MO1M3UNM1Ak5LoTUv9qtjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MO1M3UNM1Ak5LoTUv9qtjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 17:03:53 GMT
expires: Wed, 24 Jan 2024 17:03:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CB9 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 15:04:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9CB0 0
0 171ms
171ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=1337645844093410&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CB9 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dHVX7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:03:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEE1 42 B
64 B 177ms
177ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy-AJwU2Xy6uek9JRyUoh7plXJyHV2uwJIdrf0nML33eJi3JswFJJ0UhOpudVXBtGg79UXukaB-0UvdX4MI5S-ltgEKAwrYzkq7L0z90oY-6uX__PZro1sCMwYmgWbUvAD4Sv5z379YAHDBT7OuroN0bjn&sai=AMfl-YQHRyIWnCd6zTmW7giKEBla_hEhnjI8poh03fnGjKnpeJ1Vswu71ii0L-WadVOkyvACs_ITykM-snOWqLZ8xKwr9PB1XvHDHlvILyjNWDUaAKm-xCLvxIF_IT8muEnNQTulYp1hwfmHbdKrKCnv&sig=Cg0ArKJSzFRiMx9mPZh7EAE&cid=CAQSTgAvHhf_B34XjOW7ogT9YEU5BYwKrvfn9IV_EkGJf_u1a861UeNZ78QL7OQkYiIrxvVS1JR3VKsK_QhyQBY2WIrvK0K6uINi2HYN-6lFGxgB&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=87,859,1004,1004,1004&tos=87,772,145,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706115832359&rpt=477&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 177ms
177ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=1337645844093410&bg=!7e6l7qHNAAa8BdJLnAU7ADQBe5WfON1XpBCCElHbTv6hlu7Fc8OqMciSZgHplhxpEVt5ExnEiiU8Pb3hzej8h3VehT0dAgAAAEpSAAAAAmgBBwoArYv-7nNA9HPIkiN4qkMFjjwaj6xDFsyetQDwGe2MEuFwsj7YFL2-H_TVOHxpFnGG6ftXFFMcXpigyfUHPd7jiS3QCqVjH7ii7ZVmGWWF-3IUmFGG1oMRymChleORPRuyA6OJhujM8jsHQnhNIGXqZj27S8vOetGd4e89ZX9YarMoCJCSZVwQVE4gQEzb3uKf6D8UuVLgoBXFXtwTfWSxZyie8R9Nqc1u5lev4nMqmQLCLe08tKA74FX6T7GU_xF3Jpyq961jbRa1eej1MHgMMfmwpOBttrHNb2tDX76-yjNyj9zAhUER5JxHwrDfmsKusykYKW2xck6KfpfIrg3H7OMv3n1Gj6Jl7nzF3hLgHOPyxBfVXfjrCwejWztY8EmZb_vOF4Z6YVKLuSGwtJhEXu3038rWD31fIh8GtIP1S2sqyG4FNA5LZos-XBhTbM5yTckQEAFAa4jXoVrJiPeR-LS-aEASP8cq9aK_gyi7Hq0zbjdrQU4etQdbCeqgvEDEOzKJcIZ3a45HlNlRqvd_gUPMgfx3x5fdn68rIE5ts1TJcsgFJdC5u2GaBmHkt7sUauKFiSucKF49USmaoHlZF-baKXNGVaWDQ-fQ6Wt0WS9WclRtx6sLxeImtpBc_cwj2YBUmq5cHi5rF2hWmBFyjAplQX-CcCJajWf5CUfygVEuzRVVDD8w6hUD9NlusAha99RqPHJkxwV98GNK_sxQ-r5O_ndecOWHMeckaBZ3hcb45N7NDL1-qg6806v9ggQ51w3qw3RAzprEWyUYD8CIDnc3aOJRo70lEjjVL7t4v3vWUSIZfxI6Rz2KhaorGTnAuEaJzRpH0wl8l-Z7Kpvk7HjRjiUbJXLzPCP6zmdOQk1XE6Z7fBO-rlmzCj94gD93V-sBvqGa7VxfTxR91ZsUmBwmeFPmFF2oJdHQNWDPwJ0H5E1TdYx7CGiFQ3VRSHl0FmMVlmYiBinY8MRTT2g22nJ3vDHThRIR61F5meiG8VdYdl7im1Abb34sFspTnOHCHNKA9xG9foPz0IXKbXSxDkv4RI_FZKb3mh_la_7vJEccnqECbPkFATN4E-vQ6WIpVs3UPYPA-7Epe-7CmGWxZmfxZd3YoKDxZqUH5cfFnVERPh-KNUxTHj2FC4PdDiT2-BERUctnUumAbsMvn8ZWFMZeLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 24E9 0
54 B 260ms
259ms Ping
image/gif 2800:3f0:4002:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrs1bdw1&c=4895938130506&slotId=2447969065253&qqid=COv_ieHA9oMDFXYrrQYdvBQP3g&umsem=0&ape=1&ple=1&met.4=vil.lrs1bebt~vfl.lrs1bef0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/527e291d25aa7aa1711ba1884f6f78c5.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4002:80b::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 17:03:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mpyit.com/	1970-01-21 02:33:39	Name: WP-LastViewedPosts Value: a%3A1%3A%7Bi%3A0%3Bi%3A80658%3B%7D
www.mpyit.com/	1969-12-31 23:59:59	Name: __vtins__JZlDKvkGYoKgkBok Value: %7B%22sid%22%3A%20%223edfb190-4385-5a67-a7b3-053d2e554ff1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201706117630989%2C%20%22ct%22%3A%201706115830989%7D
www.mpyit.com/	1970-01-21 03:31:15	Name: __51uvsct__JZlDKvkGYoKgkBok Value: 1
www.mpyit.com/	1970-01-21 03:31:15	Name: __51vcke__JZlDKvkGYoKgkBok Value: ac2fc10d-6d93-55be-ad01-4a493130473a
www.mpyit.com/	1970-01-21 03:31:15	Name: __51vuft__JZlDKvkGYoKgkBok Value: 1706115830992
.mpyit.com/	1970-01-21 03:31:15	Name: _ga_RVJW2803T0 Value: GS1.1.1706115831.1.0.1706115831.0.0.0
.mpyit.com/	1970-01-21 03:31:15	Name: _ga Value: GA1.1.557937139.1706115831
.hm.baidu.com/	1970-01-21 03:31:15	Name: HMACCOUNT_BFESS Value: 6C3E9462D1728400
.mpyit.com/	1970-01-21 02:40:51	Name: Hm_lvt_ccc6d1aefd3fd0efef536558cbccd5bd Value: 1706115832
.mpyit.com/	1969-12-31 23:59:59	Name: Hm_lpvt_ccc6d1aefd3fd0efef536558cbccd5bd Value: 1706115832
.mpyit.com/	1970-01-21 03:16:51	Name: __gads Value: ID=17ce9f7393c63f0f:T=1706115832:RT=1706115832:S=ALNI_MZjCx7HydoHBRvLglDbatKewSJd-g
.mpyit.com/	1970-01-21 03:16:51	Name: __gpi Value: UID=00000d48404c4b29:T=1706115832:RT=1706115832:S=ALNI_Mbn2xTWyYQlyLGfvyh-sGFhijTcdA
.doubleclick.net/	1970-01-21 03:16:51	Name: IDE Value: AHWqTUmGckSNt-5KBllokItePvumKVcV7HPZ2j_RUIFBdP5hw-d24UX9z7Z3Kk421J4
.doubleclick.net/	1970-01-20 17:55:19	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-21 02:42:18	Name: suid Value: 6C8B9360331242E4952CF7A598830C51
.ctnsnet.com/	1970-01-21 02:40:51	Name: cid_f4bc8f1026654329aa251f86294ad0b1 Value: 1
.ctnsnet.com/	1970-01-21 02:40:51	Name: gid_CAESECcBfaexQXU_hlauO2bQja8 Value: 1
.quantserve.com/	1970-01-20 20:04:51	Name: d Value: EE8BCQH9KoEA
.quantserve.com/	1970-01-21 03:25:30	Name: mc Value: 65b142f9-0d043-79479-39791
.everesttech.net/	1970-01-21 02:40:51	Name: everest_g_v2 Value: g_surferid~ZbFC_QAQ5_mjAwBU
.googleadservices.com/	1970-01-20 20:04:51	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.aiviysoft.com
cm.g.doubleclick.net
cms.quantserve.com
collect-v6.51.la
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hm.baidu.com
ius.ctnsnet.com
mts0.google.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
region1.google-analytics.com
renwai.ren
rr5---sn-pouxga5o-vu2s.googlevideo.com
sdk.51.la
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.aiviy.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mpyit.com
x.bidswitch.net
103.235.46.191
142.250.184.226
142.250.186.66
151.101.130.49
2.16.97.41
2001:4860:4802:32::36
203.107.86.226
2404:2280:1cc:0:3::2a
2404:2280:1cc:0:3::e
2620:116:800d:21:e365:4988:e8a7:3270
2800:3f0:4002:80b::2003
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:ff0:1234:3::10
2a06:98c1:3120::3
35.186.193.173
35.204.74.118
35.214.149.91
98.98.134.242
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de9ff1364a2b0296b996e0290f196e75861fb1c6ddac2d2fad9adbc258f8738
137acbf50e20a6353d1c2da5f2703ac33dbc48856bd88784ca2d2dad09891faa
15490dcdb9d4689efde9d0df7ee37ad9bf5fd7282ce7994b20bbc8d3efce07a6
15a06bd96fb0d911c829a750cd78b9ec78688a75728c01d5bf0c5a972de9932e
162d2d91c9158e43c11a76117a7920ac0da0b6e2795409517fd20ceb606c6d2b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19884df376acba9fab23d2292e07c96099c99cb15b344a7e5445f1939cafad34
1a4c0fba8ee8a1143c7f9f60e8a043be88ab89871c7d5021f9018718cb916e90
1c70f173b7836a32682e12d216f465a16d40b04e0ff4b9770ac7ffbc75d472e9
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2252c0e51bc10bafad8e0bf9bbfbe915342e1f941d8c6a50c428a4eb7dc06273
29c797d1f9920c5b1df2ffa84d41522f4190da86508ed840a49471cb46d02b70
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f23f3ed964747edd896364d1a1ee84a6f4bce2497fadc0a915ba9aef6a11979
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f126ce270fc599b4514d8b9af2e7c84cab9a7ed987383fae861ead2ad62e78
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
40e94ab93681f756c74d3e3c5e44e51e6672c58d2d85e31a03ee97d52c7307ca
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
46253cc1ef45cb64b5ff1e03bbf7c76495d74c99452d287ec6b1b9454305e0cc
4668692ecf80535644f6a77a690771398b2c0b5afde73f0562b4253adcb612bf
47a037ee332caa1d16283f64180b0a82e3b851e66aa4bee77885aa492e655427
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4efb14505e78ebbeb0b54a20f5201ec2d674eedf0fe71cc33b395bb8850694c6
52fd320feb7d5c440f1bc75328988aa787a68f61c7661b84740519a159e8f831
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae1b02c01b100f74ca42848645e0f39aa8e332a85c5fe6fb81d684073e9d79
54c476e7db7635e6b4889a44d17954ca35d842f8da5075fcf7f2c6dd0442d120
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57568c951ab92e9e83cea60f9a260b82246eca457b3b52ed9a03eb4271db66be
578dc0cd971b2050c6c2dbd78c882655f0f4fb00f6df21f76d5625739a167407
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efc799b4e3c9f9346da66c0e2b25e0e2116fcb7596ce0c0f3102e8a3140c9bb
5f4d90f1ff4acaa4024d952d5349789b3b032aa2b50a4f5094005a7a5e5cc208
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6778a6cdc9f6f5e50e31d6bb98398ce194ac7b5a4c7afb1960730ea084ae35fa
6dd6be0c325a8955b6243820fd02b6e64c48b68620eb7318cc66e6b95613ea2d
6f13e3386451acd1af1091040cfc895fe6b1509f80a2950b5de27bbf5e26c78c
6f61e7ec4ec62b597a7d7cfd3a4f1848fc836261f48dbaec1809b0ac4114720d
6fb79d1d3953035b9eb999afbe575152396955430fc9c82cf0eac1c8e3a43b53
7263570d31d828f651add5588196fc80bcb39f568cc13ac618be31aa0c42babd
73db172db74997b152d6f8f95e6dc8455fc4f7fe0a5ea5cbbc24bbfa2fed2e9a
75597203d493a77c57d1423d72d370d5b30e28f455bdee7aad32635ab08618b2
757a97e5b082e06f4a82fdf9664092465cec9e4954e1ada1a4e918443bab5a03
76ad6186a430c01b5a9b57eb20e52fe9fe14e9557c347f5a1fe1dde5e1e395dc
77ca2c2257636217ded56d506e9cfade9188ca4a765ccde50448095a5deaecec
7d4faf1ca1f7203e4769999a75491235764deddb0fdab8d40819cd6b57620c33
7f7d08ef59f3aa88f1ab542729a3f8d74d8e034288a4a51c31993e4df09ad7f6
818af3a1106a144246de58270f398f2d2cb5361a07e965001bbbff8f44b5a881
825d621f0013c35978345c61f654b9493a569a0399173c6fdb3a231b2f9ce69d
839fd2f9d76987285e214cc9f7be961e4dec5c2e0475a952da612d309cb51f16
840c1e455d83a609f89cb1235a38cfc3e9aa497111a40fa10acd826ad2b03e34
864770005b5fb2229ec8da11c21d7844127caea1a7c0df920f3e031ae32150f2
88cf73a715b7fb60e9959da7e359c8af477bcf7ece913bb061da3443702cd223
8be2fc9345081344cda97a7a334a18f43c66297db6d4d5e1309823ef5aabad68
8cae6f3a8110a39ed039c32d456de2522784305840157a8e4e02442a77943b02
8ce3748f3444976507e5202d00735f45b79f583c40044fd35a3b6023901bb1fe
8d41126a7cd825e8adf7e0fd5e629e21e7876619abfddafc7542b13f0fbbb4cd
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d87e1674de6085172c852a9fcefa0b4cfeb1c24f237aa544480abd73bf9117e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6c01424e615d6a6506c30446e6baced62bbbb379ada73d1eacf50d0bb083e83
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b671c1814030fac8c1d9cb27c07bac90c75779fa1d13076b0e8351d7b1ffcd7d
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
cc5f2abba51257b83c3a1a38cc46b2aea475ee3e71f08eca93d6bc7eb932e946
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfad602b6e37f960297765081d601f501c38afbb38b45a238699de0c124c4679
d22947c3babba615b3b6c2d3c02880cc1e405d141232e5f25b0bb63628d9d01a
d5187a576b7ef0203357885dd0d4085ce3adc61f299648c9e5ece3d9bdfc2a2f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d83468545646756953863db26337dbfde5fd94f7f58d7b01ac4453b5444e7601
df5c07696f8dd4b1f96f21dfccca8f56083353bcfa5b5aafa9ea378927ba9530
e0c4c3e994cabd9057172326553acb884eefd07e6cee7f408b8b99e8b43a39bf
e1bfd33474924427776aea5c9b8c6b918e223a635e10716a371d11818eca27f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e526b69494affa974a26e707d00efe1ee63c50bbda2d828d780aa37e727ab8a2
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e78dd32f366fba77cf6545aeb4cf0f8fef50662d964eea600ef9f733937f9647
e96f47a7ff52f3ef01dcaffaffb4c04c33e66bce6e93d25d12b4d29f37179055
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ee3098d22290164e64c7cfdb3fa0b8b84257833c9dab87cd55bf93bbed33adb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1476184fa9d401e5165fa2e012ab6bf2eb1b833751d88a092dc829d9b7ee488
f26fd6004e80d343f519c09b4ae343576dda0558918173965f7a9efeb341c6a0
f6023422efe469727ba8b22e3eae84ed7c35e97b69e9146f0398d653f4179567
f68ebf039b669fd6e2b4c2af31f5741284a1c97c32e7a7ae6cbf67961aff2e2d
fd51c47ba189b7e4111f4034aa5df5cc00dbbd3e3f58cf2e1f174c93bd96e104
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.mpyit.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

96 %HTTPS

63 %IPv6

23 Domains

29 Subdomains

25 IPs

8 Countries

3237 kBTransfer

5873 kBSize

21 Cookies

26 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mpyit.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

96 %
HTTPS

63 %
IPv6

23
Domains

29
Subdomains

25
IPs

8
Countries

3237 kB
Transfer

5873 kB
Size

21
Cookies

137 HTTP transactions
4 data transactions