sopq-net-q8.ref-was-uae.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sopq-net-q8.ref-was-uae.xyz/39/
Effective URL:
https://sopq-net-q8.ref-was-uae.xyz/39/
Submission: On August 22 via api (August 22nd 2023, 7:20:16 am UTC) from SA — Scanned from NL

Summary HTTP 89 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 14 domains to perform 89 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sopq-net-q8.ref-was-uae.xyz.
TLS certificate: Issued by GTS CA 1P5 on July 30th 2023. Valid for: 3 months.

This is the only time sopq-net-q8.ref-was-uae.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:3a00:11:c3fe:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:51d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:26d... 2600:9000:26da:8400:1c:71c5:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.51 13.32.99.51	16509 (AMAZON-02) (AMAZON-02)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
1	2600:9000:26d... 2600:9000:26da:a200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.76.13.90 3.76.13.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2600:9000:26d... 2600:9000:26da:f800:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
89	27

2 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sopq-net-q8.ref-was-uae.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3a00:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:51d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26da:8400:1c:71c5:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

gumlet.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:a200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.13.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-13-90.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:26da:f800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	438 KB
14	gstatic.com fonts.gstatic.com p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	296 KB
11	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4950 buttons-config.sharethis.com — Cisco Umbrella Rank: 5616 l.sharethis.com — Cisco Umbrella Rank: 5169 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10773	55 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	121 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	608 B
5	assettype.com gumlet.assettype.com — Cisco Umbrella Rank: 85069	64 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	170 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	222 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11601 s4.histats.com — Cisco Umbrella Rank: 11470	5 KB
2	ref-was-uae.xyz 1 redirects sopq-net-q8.ref-was-uae.xyz	51 KB
1	gumlet.com cdn.gumlet.com — Cisco Umbrella Rank: 73960	7 KB
89	14

	Domain	Requested by
19	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	sopq-net-q8.ref-was-uae.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	platform-cdn.sharethis.com	sopq-net-q8.ref-was-uae.xyz
7	fonts.gstatic.com	sopq-net-q8.ref-was-uae.xyz fonts.googleapis.com
6	www.googleadservices.com	sopq-net-q8.ref-was-uae.xyz
5	gumlet.assettype.com	sopq-net-q8.ref-was-uae.xyz
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.googletagmanager.com	sopq-net-q8.ref-was-uae.xyz www.googletagmanager.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sopq-net-q8.ref-was-uae.xyz	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	s4.histats.com	s10.histats.com
1	platform-api.sharethis.com	sopq-net-q8.ref-was-uae.xyz
1	s10.histats.com	sopq-net-q8.ref-was-uae.xyz
1	cdn.gumlet.com	sopq-net-q8.ref-was-uae.xyz
89	26

This site contains links to these domains. Also see Links.

Domain
sabq.org
twitter.com
www.facebook.com
api.whatsapp.com
www.quintype.com

Subject Issuer	Validity	Valid
ref-was-uae.xyz GTS CA 1P5	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.gumlet.com Amazon ECDSA 256 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
*.assettype.com Amazon ECDSA 256 M01	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://sopq-net-q8.ref-was-uae.xyz/39/
Frame ID: 512C506C7B4977EE1434434C53DB30A2
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: 67FC17BE95C68ECA10AEB73B579BDD97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&adk=1812271804&adf=3025194257&lmt=1692681610&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810469&bpp=4&bdt=356&idt=424&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8000015379281&frm=20&pv=2&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=468
Frame ID: 3D7AF6BDE96727E4D4E935BA432FE4B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=7165497559&adk=2850616344&adf=1739352145&pi=t.ma~as.7165497559&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810473&bpp=2&bdt=361&idt=475&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fu4TaYSiKi&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=481
Frame ID: DB52CFD13A966FF9FF9DB6FF68E475B4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=3018039299&adk=2970146914&adf=3975479103&pi=t.ma~as.3018039299&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810475&bpp=1&bdt=362&idt=487&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kDcyHDCiia&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=498
Frame ID: B4E43F446FB61FB7E3FB34946557D77C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=4153775738&adk=3464295745&adf=1425563768&pi=t.ma~as.4153775738&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810476&bpp=1&bdt=363&idt=504&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqg5B3Uxnq&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=508
Frame ID: 666C8A7FF6CAC9C9398FA3253BD6C387
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C6471500CD104BCFCA63DCB35AE36A1A
Requests: 2 HTTP requests in this frame

Frame: https://p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 37CEF82533B3A90DA4D19ED4ADB65DAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: C85B3C62A6FB305D27AAE59B6F9EF74F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 07BFBBCFD052CAB9FCB8DFA28BEC75C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 08D1487553F50CA094ECD3FC9D7BA7BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 165742E03E20AA8912564C50FAA3E774
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB94807206F9C1856C313F3F2818720E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

النائب العام يأمر بالقبض على خالد البلطان على خلفية بالإساءة لإدارة نادي الشباب

Page URL History Show full URLs

http://sopq-net-q8.ref-was-uae.xyz/39/ HTTP 301
https://sopq-net-q8.ref-was-uae.xyz/39/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

96 %
HTTPS

81 %
IPv6

14
Domains

26
Subdomains

27
IPs

3
Countries

1453 kB
Transfer

3554 kB
Size

17
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://sabq.org/

Search URL Search Domain Scan URL

URL: https://sabq.org/moment-by-moment
Title: لحظة بلحظة

Search URL Search Domain Scan URL

URL: https://sabq.org/saudia
Title: محليات

Search URL Search Domain Scan URL

URL: https://sabq.org/world
Title: العالم

Search URL Search Domain Scan URL

URL: https://sabq.org/mylife
Title: حياتنا

Search URL Search Domain Scan URL

URL: https://sabq.org/stations
Title: محطات

Search URL Search Domain Scan URL

URL: https://sabq.org/sports
Title: رياضة

Search URL Search Domain Scan URL

URL: https://sabq.org/tourism
Title: سياحة

Search URL Search Domain Scan URL

URL: https://sabq.org/business
Title: أعمال

Search URL Search Domain Scan URL

URL: https://sabq.org/technology
Title: تقنية

Search URL Search Domain Scan URL

URL: https://sabq.org/cars
Title: سيارات

Search URL Search Domain Scan URL

URL: https://sabq.org/media
Title: ميديا

Search URL Search Domain Scan URL

URL: https://sabq.org/articles
Title: مقالات

Search URL Search Domain Scan URL

URL: https://sabq.org/author/sroor
Title: <img src="https://gumlet.assettype.com/sabq%2F2022-02%2F89f694df-e61c-4c2b-aaf4-d70dd8d5648d%2Funnamed_10.JPG?auto=format%2Ccompress&w=1200" alt="عبدالملك سرور"/>

Search URL Search Domain Scan URL

URL: https://twitter.com/%D8%B9%D8%A8%D8%AF%D8%A7%D9%84%D9%85%D9%84%D9%83%20%D8%B3%D8%B1%D9%88%D8%B1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://sopq-net-q8.ref-was-uae.xyz/39

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://sopq-net-q8.ref-was-uae.xyz/39&text=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://sopq-net-q8.ref-was-uae.xyz/39

Search URL Search Domain Scan URL

URL: https://www.quintype.com/?utm_source=sabq&utm_medium=footerlink&utm_campaign=poweredby
Title: تشغيل بواسطة Quintype

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sopq-net-q8.ref-was-uae.xyz/39/ HTTP 301
https://sopq-net-q8.ref-was-uae.xyz/39/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 61

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg86e31AEQ8wMY8wMyCNXNCGq26v-T HTTP 301
https://tpc.googlesyndication.com/simgad/10544934091743721152

Request Chain 70

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck5Orq2HkZLG_AZeMtwfkmKmYCvm-wvdwh4vis40RzevAoZIOEAEgxd2pL2CRhKCFjBigAaGV8u0CyAECqQL0O5NAUkSyPqgDAcgDyQSqBOgBT9DqPQah3enxrDTxAyeZ9gjIIvPkxtQuH629TM0F0CsULZ9DGdXgjmBLWlFD5XomPntY-nVQzBexXifrWpyEeFwxcVmZ6UwWL6_Xqch5feVp7jr1_8pLB8V4Y94DgUhwCE2iqzJduoekGNdx3FZZ1H7yQCQpwJsrLFcpmW4COlw9PL8nB1v5GM-vLZLGaxRFbxOctZ2q6IqD_BqxRnlkYbL9eWa7QObFpnkQJYVidd8s8LZfFT7sP-h_y4znAjbusjUiIzBVK9e7vmI8CegUI3fcuya3MYbPmv1z3b9T4CBY4TWUdle1AcAEtJmZlqYEiAWLm7CTSpIFBAgEGAGSBQQIBRgEoAYCgAfH6o2SAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIXIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCURodHRwczovL3F1aXouYmV0dGVybWUud29ybGQvYXIvZmlyc3QtcGFnZS1nZW5lcmF0ZWQtZ2VuZGVyP2Zsb3c9MTQzMoAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01MjkwMzU5NDEwNTIyOTM4GAA&sigh=TpoGwdD4SJ8&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW79CasQInJ8Ya8KDfgPENQacPX8_zwRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224322106180810986129%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226422290898245115713%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CBvf3q2HkZPjPAvaCwuIPxJ-aiAj5joy9cYT05qqbEenRjcLpPBABIMXdqS9gkYSghYwYoAHZzaeiA8gBCakCIIAz_TlMsj6oAwHIA8sEqgTzAU_Q221vDRLn9YO3iuO3CYmpJC0t_8r2mzITe5a-_aTZAKv3mgRi-O0aFPiXnC5iAewcZ8aTTsW-jigGZUsBJFtbvxwRsH6hUaXZBfschiIXHBwtSkJDEhhSo2GiMqrLsGRJOqHgX4xGD_WLH2kBWMOJrOyKTgJ3LjRN1evM5ZYn-P066RM2gzlzTNX9xK3gx3mzCrx8AHU2zc4AWyWwuXtjoUZdgIbcAFvHASp3W8yJYKeAGjKCzPY_joBRy4X2sHGDGCxlektU02i3pe6PJGYnYdwnbVAOzbyi3TLqND9jNcKORz0RMjeqG3Cjg0usHJa1esAE-6eO5q8EiAXQ54CuApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAePsthdqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPmoIdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUhodHRwczovL3d3dy5ldXJvcGFyY3N2ZXJrb29wLm5sL29uemUtcmVzb3J0cy9ldXJvcGFyY3MtZGUtemVldXdzZS1kdWluZW6ACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTI5MDM1OTQxMDUyMjkzOBgA&sigh=ciX4JVaRoMc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWFj8JeyI8G249wie4ILM2KoI-31QG0xgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225833030370074671474%22,%22debug_reporting%22:true,%22destination%22:%22https://europarcsverkoop.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877258457%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210640731449400223489%22}&andc=true

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=CHUiyq2HkZIM50463B_nfrJAKz52kw3Gat9CvtBHb2R4QASDF3akvYJGEoIWMGKABl5DhvwPIAQmoAwHIA8sEqgTnAU_QzX5EBtCALQZT4czxHrAyeOCnH0kGc5HDkcdx5LmRXNJ32xSEYCUUPGbGJyd8-1LmNoY7L6BHzVCOXjykfAZoklJ9ttHMTIDsyEna0iM_se5FQ3nWets8goqKu-AhUZxladVRO0JI8f1sjHLtRR2eCL6A0lRZozC_35CNUq9JvfPkhlZAHtl-BhdRNUFaRs72bS_95Nto_22JND8zFSHJQ_x3-v49mv1cpTuhLugpFyS6o4VLaAeis-I4lBaj8OoJIfqqBfzupIuWAiKh4GXphtZiRWdRM3h-waHcRzpWn4g1L9VswcAEs5z1nLcEiAWI8frKSZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfVjYBHqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQh7QZ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vd3d3Lm15aGVyaXRhZ2Uubmwvc2VhcmNoLXJlY29yZHOACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNTI5MDM1OTQxMDUyMjkzOBgA&sigh=oz9ijT-j2Eg&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWKVoESuuloMHou82E6Cs97X3ORPKqRBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223892296973349958518%22,%22debug_reporting%22:true,%22destination%22:%22https://myheritage.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22939018263%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212800960299348905441%22}&andc=true

89 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sopq-net-q8.ref-was-uae.xyz/39/
Redirect Chain

http://sopq-net-q8.ref-was-uae.xyz/39/
https://sopq-net-q8.ref-was-uae.xyz/39/

315 KB
50 KB

150ms
84ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sopq-net-q8.ref-was-uae.xyz/39/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2370de383b705553284c5edf52ec06fa66bd30c0bfc791a02e14cbc49c40222b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fa95a06c8ad1b08-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 07:20:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th68moeP8%2FukKBpD0bhJa%2BgzR4FkLMzhGZQVnX4JJhIzQiO%2F6IoEtURUicw2JTxHgSpvmrAELbqhyM9%2F9O0WSgiU2z7PdAyEVoSQeB0i6Ajiafx6kY0XFj1E6ikCabCjyetZwJNFG14urZMvpnu8N5OL0sLF%2BgkRqtM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 7fa95a062c14b7a9-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 22 Aug 2023 07:20:09 GMT
Expires: Tue, 22 Aug 2023 08:20:09 GMT
Location: https://sopq-net-q8.ref-was-uae.xyz/39/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts9W1jSuwAUkq8ycmMYFyPzZNurUfyzd8Uy1SQlmshbw1XIZAvrLwwQIeyIamTmrh3cp8QzneLDbgxg4ejLoLdsPufJsqvUhryfDv4fyDTzDG%2FeSFxKP9I0RAnA4hrC2aPOel%2FlOOG%2FhScYLPxpeS6GWe6pxWVx3om8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.0/ 19 KB
7 KB 134ms
32ms Script
application/javascript 2600:9000:225e:3a00:11:c3fe:5b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by: Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 24 May 2023 03:56:43 GMT
content-encoding: gzip
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 09:03:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 7788208
etag: W/"083a141b447aa53bbb9073a45592d18d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=172800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YDsAApwplOPfBZgz8fcFrYvzB1rJtn_OEmDL836l7H9_X4mjCSIkbQ==

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 113ms
36ms Script
text/javascript 2606:4700:10::6814:51d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:51d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 55245
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7fa95a07fb3cb78e-AMS
content-length: 4547

GET
H2 200 577c1b612a86d.png
gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/ 9 KB
10 KB 183ms
45ms Image
image/webp 2600:9000:26da:8400:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/577c1b612a86d.png

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9f2a14b5def04639a5426db5d8e746b7ef101924d977d59584595b26ad37016e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 21:02:16 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649f42d8577b7e5d57e5b4f0
x-amz-cf-pop: MUC50-P4
age: 4529874
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.043
alt-svc: h3=":443"; ma=86400
content-length: 9614
surrogate-key: gumlet.assettype.com 2023-04-19
etag: "1hu356okuvout"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: W6RBM7_eDzEEwTQ8Kv2mYl957sSm91KvvY0dIhULeFyBv3mEszpyOg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 165ms
92ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5290359410522938

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad986cb52a1f1fadaab68cc779dd9f5a082d06c6c0a8383f610bf0e4ec5a749f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Origin: https://sopq-net-q8.ref-was-uae.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50894
x-xss-protection: 0
server: cafe
etag: 5343462130416483470
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:20:10 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v8/ 10 KB
10 KB 112ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iura6YBj_oCad4k1nzGBCw.woff2

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Origin: https://sopq-net-q8.ref-was-uae.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:35:15 GMT
x-content-type-options: nosniff
age: 261895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10256
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:35:15 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v8/ 10 KB
10 KB 107ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Origin: https://sopq-net-q8.ref-was-uae.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:50:52 GMT
x-content-type-options: nosniff
age: 275358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9996
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 128ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

054ced56877ce59705bb1f1313f54bd6fdccfdefb6359f1d1e17e48f2a78c80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 07:20:10 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
45 KB 129ms
38ms Script
text/javascript 13.32.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-51.fra60.r.cloudfront.net

Software

Resource Hash

64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:19:07 GMT
content-encoding: gzip
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 63
etag: W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: u40tAyo0hYdHzpy9Z8ZjGNkz44-oMr2L5u5jbHS3vNDxg48truBIFg==

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 577c1b612a86d.png
gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/ 7 KB
7 KB 135ms
48ms Image
image/webp 2600:9000:26da:8400:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/577c1b612a86d.png?w=200&dpr=1.0

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

320b648c54874244355be452f7530e9f75bfa0c105d98d57a6fd9be9be6e7b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Jul 2023 17:53:04 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64a06800577b7e5d57019ba6
x-amz-cf-pop: MUC50-P4
age: 4454826
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.011
alt-svc: h3=":443"; ma=86400
content-length: 6730
surrogate-key: gumlet.assettype.com 2023-04-05
etag: "2u90ib3a44mfi"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 5ZKCOVORckkdnBhXIXFBtiGJyJJgIuQTftgT_A3hgrCc8VdwUwXnWw==

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 332ms
106ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4560416&@f16&@g1&@h1&@i1&@j1692688810265&@k0&@l1&@m%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:121503181&@b3:1692688810&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 56eecdb5e30d7cb8dbdd69784752a574d4d6054b0d4c7711b93a5522ec8521a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 07:20:10 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 577c1b612a86d.png
gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/ 9 KB
10 KB 136ms
56ms Image
image/webp 2600:9000:26da:8400:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq/2022-02/b66f0c26-4bdd-47c7-a85a-b3cd17347106/577c1b612a86d.png?w=1600&dpr=1.0

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9f2a14b5def04639a5426db5d8e746b7ef101924d977d59584595b26ad37016e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Jul 2023 12:12:23 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64a01827577b7e5d57f8efa7
x-amz-cf-pop: MUC50-P4
age: 4475267
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.01
alt-svc: h3=":443"; ma=86400
content-length: 9614
surrogate-key: gumlet.assettype.com 2023-06-05
etag: "1hu356okuvout"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: sPjfUIgQot0yW_aJy04pIUlp5_VyDqw3I-eLukESLgnhb-LnF8phJQ==

GET
H2 200 sabq%2Fimport%2Fuploads%2Fmaterial-file%2F601b0362544a69d8dd8b456b%2F601b035f77a1a.jpeg
gumlet.assettype.com/ 33 KB
34 KB 167ms
88ms Image
image/avif 2600:9000:26da:8400:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq%2Fimport%2Fuploads%2Fmaterial-file%2F601b0362544a69d8dd8b456b%2F601b035f77a1a.jpeg?rect=0%2C176%2C1500%2C844&auto=format%2Ccompress&fit=max&w=768&dpr=1.0

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d102a02165e447060390793f3a067430a264e3cc5fd6cce8d620dd29c2686507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Sun, 20 Aug 2023 21:29:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZOKFuDzPtnWuPqYz
x-amz-cf-pop: MUC50-P4
age: 121842
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.114
alt-svc: h3=":443"; ma=86400
content-length: 33921
surrogate-key: gumlet.assettype.com 2023-08-20
etag: "3fh42mnp3ndaj"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: aaH_mLNBr5M_uSnU0SQubhojXRabjHv3brHfiY8ROBimrY7CS9uG4w==

GET
H2 200 sabq%2F2022-02%2F89f694df-e61c-4c2b-aaf4-d70dd8d5648d%2Funnamed_10.JPG
gumlet.assettype.com/ 1 KB
2 KB 136ms
57ms Image
image/avif 2600:9000:26da:8400:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq%2F2022-02%2F89f694df-e61c-4c2b-aaf4-d70dd8d5648d%2Funnamed_10.JPG?auto=format%2Ccompress&w=50&dpr=1.0

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:8400:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fe3a2021df903de8f7188042aa6e20123381149aa5b3697c97c8b1fd8f671a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 13 Aug 2023 10:38:30 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64d8b2a60b6141975060d346
x-amz-cf-pop: MUC50-P4
age: 765700
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.524
alt-svc: h3=":443"; ma=86400
content-length: 1206
surrogate-key: gumlet.assettype.com 2023-06-12
etag: "3clhqbqv6ryo5"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: VX7AN1h881UTClArT0TT_sYEMh-wsHTiMTEcrvmrQoNcssoAfdSPzQ==

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v8/ 9 KB
9 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Origin: https://sopq-net-q8.ref-was-uae.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:37:10 GMT
x-content-type-options: nosniff
age: 286980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8712
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 23:37:10 GMT

GET
H2 200 Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v8/ 9 KB
9 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iura6YBj_oCad4k1nzSBC45I.woff2

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Origin: https://sopq-net-q8.ref-was-uae.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:18:25 GMT
x-content-type-options: nosniff
age: 298905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:18:25 GMT

GET
H2 200 647bfd72a660b80019d55fc0.js Show response
buttons-config.sharethis.com/js/ 496 B
941 B 176ms
47ms Script
text/javascript 2600:9000:26da:a200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/647bfd72a660b80019d55fc0.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac8af12a46eb3020d62ae8339a2f8a34776a0438013b5ab08836e0e02f9862e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:06 GMT
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P4
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 496
last-modified: Sun, 04 Jun 2023 02:56:52 GMT
server: AmazonS3
etag: "b9775a3e523773ca3b4aacb55ff6070b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: YZqbFKk2EMtd__t6eRFmHEWA-fYcTEKuA59_96bc_LnbjIkAG5oGmg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
414 B 786ms
674ms XHR
text/plain 3.76.13.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=sopq-net-q8.ref-was-uae.xyz&location=%2F39%2F&product=sticky-share-buttons&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8&cms=unknown&publisher=647bfd72a660b80019d55fc0&sop=true&version=st_sop.js&lang=en&description=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8%0A&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.76.13.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-13-90.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 07:20:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://sopq-net-q8.ref-was-uae.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q3XGLYLVNM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

026d51e034d97c4115f6994f2b5fbff62c2d2c82f073b460d4950c4e90fe2617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 07:20:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5MN5XDMB43&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6fca27de84d345ae6abc498be9803c12ab37d3cfa71387cb9e1b1b8c8072e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 07:20:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 110ms
35ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Aug 2023 05:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5427
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 22 Aug 2023 07:49:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 172ms
107ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5290359410522938&plah=sopq-net-q8.ref-was-uae.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5290359410522938

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4fd980b5240dd5ee62fca05c37c06dacc5326428582184e873aa6cc4eddc0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 18022955722279540444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:20:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame 67FC 10 KB
5 KB 120ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5290359410522938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 10:36:42 GMT
etag: 13776922816869014096
expires: Mon, 04 Sep 2023 10:36:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 85ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5MN5XDMB43&gtm=45je38l0&_p=1313655962&cid=2125244873.1692688811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692688810&sct=1&seg=0&dl=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&dt=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MN5XDMB43&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 07:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sopq-net-q8.ref-was-uae.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 52ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q3XGLYLVNM&gtm=45je38l0&_p=1313655962&cid=2125244873.1692688811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692688810&sct=1&seg=0&dl=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&dt=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3XGLYLVNM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 07:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sopq-net-q8.ref-was-uae.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
215 B 40ms
40ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1313655962&t=pageview&_s=1&dl=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%86%D8%A7%D8%A6%D8%A8%20%D8%A7%D9%84%D8%B9%D8%A7%D9%85%20%D9%8A%D8%A3%D9%85%D8%B1%20%D8%A8%D8%A7%D9%84%D9%82%D8%A8%D8%B6%20%D8%B9%D9%84%D9%89%20%D8%AE%D8%A7%D9%84%D8%AF%20%D8%A7%D9%84%D8%A8%D9%84%D8%B7%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%AE%D9%84%D9%81%D9%8A%D8%A9%20%D8%A8%D8%A7%D9%84%D8%A5%D8%B3%D8%A7%D8%A1%D8%A9%20%D9%84%D8%A5%D8%AF%D8%A7%D8%B1%D8%A9%20%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=475884603&gjid=1247111551&cid=2125244873.1692688811&tid=UA-152745701-1&_gid=1710506221.1692688811&_r=1&gtm=457e38l0&jsscut=1&z=1370074112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 07:20:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sopq-net-q8.ref-was-uae.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 138ms
38ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 01:46:52 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2285607
x-amz-server-side-encryption: AES256
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301
x-amz-cf-id: WGcBUa-yfTr5nHIQEL8uFE-Vf6S2Ar_l3XfwcaqoqQm7ydf-qUBn5w==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 140ms
40ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:19 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2294812
etag: "0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 731
x-amz-cf-id: iZXeSDPhf4ajsu7BvQpi-g-067qcuY-4xcFdBcMrDv5M35rjIdUEgQ==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
769 B 141ms
41ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 04:44:39 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2342132
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 343
x-amz-cf-id: QcGkm4D67OMnTw5GwcNHjFpjOglU1eE8ROunAwkphXqscVbhNUjvKQ==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 141ms
42ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:14:20 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P4
age: 659151
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: H7zrh3eEPNDRPhUBsPrUL5EZIkcIA49XT8wTZor_zlCt8_xMaY2TIA==

GET
H2 200 sms.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 141ms
42ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sms.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3cb6024ae2cbbe02889d75c14ad2450d3e55209359d8800a847fcff83cddc3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:11:25 GMT
content-encoding: gzip
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2294774
x-amz-server-side-encryption: AES256
etag: W/"e7eca7e85a8b3599935b0649debb23f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: O7XFTDwgZCgWhfXunQwHSdjfWiX4SxfsUZoZHvF3XjeJuYESAw4Olw==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
955 B 142ms
43ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 10:26:15 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P4
age: 766436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 514
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "deecdaa377907db5cc1722fc831670a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: x4CP9C3E7L2A41RZevsyk9LV1e55r0xCFVekk0YBw-p4B8okTx9i5Q==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 44ms
44ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 01:14:22 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2527549
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: JIhLP1sXuQkPUC5cB3NBiDbL0qvT3ljRmKlB10x_I1KFZuhqnnhDLA==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
1006 B 45ms
45ms Image
image/svg+xml 2600:9000:26da:f800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:f800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:50:29 GMT
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P4
age: 275382
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: uO651Jp4zupmmWJ1eUggyIbNLw6umpapIJg7GSULJgUzlGff6Q-k7w==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 201ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sopq-net-q8.ref-was-uae.xyz&callback=_gfp_s_&client=ca-pub-5290359410522938

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5290359410522938&plah=sopq-net-q8.ref-was-uae.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8373cc233271853c6cc2a6702f7f224bdff46337b65379df4e0187a9e1bca37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D7A 0
188 B 182ms
181ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&adk=1812271804&adf=3025194257&lmt=1692681610&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810469&bpp=4&bdt=356&idt=424&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8000015379281&frm=20&pv=2&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=468

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Tue, 22 Aug 2023 07:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB52 116 KB
39 KB 801ms
800ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=7165497559&adk=2850616344&adf=1739352145&pi=t.ma~as.7165497559&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810473&bpp=2&bdt=361&idt=475&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fu4TaYSiKi&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=481

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dc890d7e8e9a9d795c8fa5f05e65504cdd23c7ad4bf25499a29f2469d28d33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39261
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Tue, 22 Aug 2023 07:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4E4 101 KB
38 KB 418ms
415ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=3018039299&adk=2970146914&adf=3975479103&pi=t.ma~as.3018039299&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810475&bpp=1&bdt=362&idt=487&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kDcyHDCiia&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a04a48fd89622b7dce8bccdd7e277f19c56f65dd32540874eafdb3c63bfcc7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Tue, 22 Aug 2023 07:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 666C 121 KB
40 KB 662ms
658ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=4153775738&adk=3464295745&adf=1425563768&pi=t.ma~as.4153775738&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810476&bpp=1&bdt=363&idt=504&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqg5B3Uxnq&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=508

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9658f0483195892b3774051d8e7b9ec2fe966a4452491e0337191f3705ebe8a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40916
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Tue, 22 Aug 2023 07:20:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13582985887000357878
tpc.googlesyndication.com/simgad/ Frame B4E4 41 KB
42 KB 138ms
43ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13582985887000357878?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlf0KVQ3abc1UTTkyuUG4l-loKhyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=3018039299&adk=2970146914&adf=3975479103&pi=t.ma~as.3018039299&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810475&bpp=1&bdt=362&idt=487&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kDcyHDCiia&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a06ad32b623b7b49a342ccd5812958ef988fb205f6643827a6dfcae64ff05312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:33:35 GMT
x-content-type-options: nosniff
age: 344796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42253
x-xss-protection: 0
last-modified: Mon, 09 May 2022 11:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Aug 2024 07:33:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame B4E4 23 KB
9 KB 105ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C647 143 B
166 B 34ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=3018039299&adk=2970146914&adf=3975479103&pi=t.ma~as.3018039299&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810475&bpp=1&bdt=362&idt=487&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kDcyHDCiia&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=498
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 06:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 37CE 247 B
869 B 142ms
41ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7307caa0e4eabbf5214128e42ba8c46a45596b5768cac1b0223326a50abf2c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-k_D4g0vBpTpeYcWJGVToVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame B4E4 3 KB
1 KB 100ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame B4E4 20 KB
8 KB 96ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4E4 181 KB
57 KB 212ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:20:11 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame B4E4 35 KB
14 KB 149ms
87ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:18:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:18:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C647
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Tue, 22 Aug 2023 07:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 37CE 5 KB
2 KB 42ms
41ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

c8ec0cbdd08cff80fdf4846619ed73014236fa89706d693c23abaeb0a65ed1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-nJ8EAfe_c6GWN6rKVmEVfg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B4E4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4f449ba77ea196e4ae5240cf8a8087454b347e42e1a4b79691793d6b0c22add

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 666C 15 KB
2 KB 119ms
42ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=4153775738&adk=3464295745&adf=1425563768&pi=t.ma~as.4153775738&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810476&bpp=1&bdt=363&idt=504&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C752x280%2C752x280&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=1894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqg5B3Uxnq&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 06:51:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 07:20:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 666C 2 KB
945 B 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 666C 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 666C 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 666C 20 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 666C 181 KB
57 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:20:11 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 666C 35 KB
15 KB 107ms
33ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 666C 51 KB
52 KB 111ms
35ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQaZx5FpedtuW08XG8_4oXjnwOpV8-MMWo7mm9DEHwSr6VFY3wxGlkiJC0cyw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5028070325d22ed0d9305a75aa46084efca86fa133d1472105b31eb91121394c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 03:19:34 GMT
x-content-type-options: nosniff
age: 14437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52728
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 05:10:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 21 Aug 2024 03:19:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 666C 43 KB
44 KB 218ms
66ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTrOxRRorZU_MK76AnGVBcnuzlvRqJf7CkiaHNJZTtuA-gEUiHG2FcHlbJjgM8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb2a70bd94b1d195b332cdbf0bc92e671ecf9a206e0ea0880f6e21bbc6dc7102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:57:13 GMT
x-content-type-options: nosniff
age: 530578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44194
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 03:50:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Aug 2024 03:57:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 666C 42 KB
43 KB 116ms
32ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS2X0fo4TptOks8YdHI96oXHmfRt3kumdckM3lj_Iulm5m402q4ufdlzgs3zg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c3f8866f6a07a2abf723b21525c9ea70594ac6d045aac3f84c119676abab7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 05:54:54 GMT
x-content-type-options: nosniff
age: 5117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43183
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 04:54:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 21 Aug 2024 05:54:54 GMT

GET
H2

200

10544934091743721152
tpc.googlesyndication.com/simgad/ Frame 666C
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCg86e31AEQ8wMY8wMyCNXNCGq26v-T
https://tpc.googlesyndication.com/simgad/10544934091743721152

30 KB
31 KB

32ms
32ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10544934091743721152

Requested by

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911623e0a4f4edfaa7cd534f3118bd39ecc63c68db63f7240082c7297bc9698d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:52:17 GMT
x-content-type-options: nosniff
age: 257274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31178
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 14:18:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 07:52:17 GMT

Redirect headers

date: Mon, 21 Aug 2023 19:26:05 GMT
x-content-type-options: nosniff
server: cafe
age: 42846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/10544934091743721152
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Sep 2023 19:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 666C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 302ec89f98faf28b4f2318c99049123387da576e2b557a6c7805741be1923adf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame DB52 14 KB
1 KB 48ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5290359410522938&output=html&h=280&slotname=7165497559&adk=2850616344&adf=1739352145&pi=t.ma~as.7165497559&w=752&fwrn=4&fwrnh=100&lmt=1692681610&rafmt=1&format=752x280&url=https%3A%2F%2Fsopq-net-q8.ref-was-uae.xyz%2F39%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692688810473&bpp=2&bdt=361&idt=475&shv=r20230817&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8000015379281&frm=20&pv=1&ga_vid=2125244873.1692688811&ga_sid=1692688811&ga_hid=1313655962&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=618&ady=309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077148%2C44795921%2C44800493%2C44799569&oid=2&pvsid=1077533735665885&tmod=314097917&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fu4TaYSiKi&p=https%3A//sopq-net-q8.ref-was-uae.xyz&dtd=481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 06:14:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 07:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame DB52 2 KB
892 B 61ms
59ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame DB52 23 KB
9 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame DB52 3 KB
1 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame DB52 20 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB52 181 KB
56 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 07:20:11 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame DB52 35 KB
15 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B4E4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck5Orq2HkZLG_AZeMtwfkmKmYCvm-wvdwh4vis40RzevAoZIOEAEgxd2pL2CRhKCFjBigAaGV8u0CyAECqQL0O5NAUkSyPqgDAcgDyQSqBOgBT9DqPQah3enxrDTxAyeZ9gjIIvPkxtQuH62...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224322106180810986129%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22...

0
0

249ms
104ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224322106180810986129%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226422290898245115713%22}&andc=true

Requested by

Host: sopq-net-q8.ref-was-uae.xyz
URL: https://sopq-net-q8.ref-was-uae.xyz/39/

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4322106180810986129","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"6422290898245115713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 07:20:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 07:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4322106180810986129","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"6422290898245115713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11700037625861501846/ Frame DB52 32 KB
33 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11700037625861501846/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6328e4808c722f665437137f3984bb0e2ca80426849a8ea7b28841041fe7367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 19:02:42 GMT
x-content-type-options: nosniff
age: 389849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33250
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:29:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 19:02:42 GMT

GET
DATA 200
OK truncated
/ Frame DB52 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DB52 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame C85B 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 666C 33 KB
33 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 267370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 666C 20 KB
20 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 251963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 09:20:48 GMT

GET
DATA 200
OK truncated
/ Frame DB52 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7e4641760bde4f45bf88fd4cba21c7807f9beb13b2c981946812c44d746b3a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 158ms
68ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 07:20:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 666C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBvf3q2HkZPjPAvaCwuIPxJ-aiAj5joy9cYT05qqbEenRjcLpPBABIMXdqS9gkYSghYwYoAHZzaeiA8gBCakCIIAz_TlMsj6oAwHIA8sEqgTzAU_Q221vDRLn9YO3iuO3CYmpJC0t_8r2mzI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225833030370074671474%22,%22debug_reporting%22:true,%22destination%22:%22https://europarcsverkoop.nl%22,%22event_report_wind...

0
0

97ms
94ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225833030370074671474%22,%22debug_reporting%22:true,%22destination%22:%22https://europarcsverkoop.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877258457%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210640731449400223489%22}&andc=true

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5833030370074671474","debug_reporting":true,"destination":"https://europarcsverkoop.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877258457"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"10640731449400223489"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 07:20:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 07:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5833030370074671474","debug_reporting":true,"destination":"https://europarcsverkoop.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877258457"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"10640731449400223489"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 07BF 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DB52 33 KB
33 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 267371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DB52
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHUiyq2HkZIM50463B_nfrJAKz52kw3Gat9CvtBHb2R4QASDF3akvYJGEoIWMGKABl5DhvwPIAQmoAwHIA8sEqgTnAU_QzX5EBtCALQZT4czxHrAyeOCnH0kGc5HDkcdx5LmRXNJ32xSEYCU...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223892296973349958518%22,%22debug_reporting%22:true,%22destination%22:%22https://myheritage.nl%22,%22event_report_window%22:...

0
0

99ms
95ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223892296973349958518%22,%22debug_reporting%22:true,%22destination%22:%22https://myheritage.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22939018263%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212800960299348905441%22}&andc=true

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3892296973349958518","debug_reporting":true,"destination":"https://myheritage.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["939018263"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"12800960299348905441"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 07:20:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 07:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3892296973349958518","debug_reporting":true,"destination":"https://myheritage.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["939018263"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"12800960299348905441"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 88ms
82ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230817&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9337e153ab97b18fea2bb0c47be876b355d7865cdf9cbe85c516fb46cb3c08a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11730
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 08D1 37 KB
14 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
73ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 07:20:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
68ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 07:20:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 07:20:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1657 13 KB
5 KB 61ms
59ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 4854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 05:59:18 GMT
expires: Wed, 21 Aug 2024 05:59:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB94 829 B
991 B 47ms
45ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40d5314a90f68f2cca5ecc1e8f8940c99cb281ffa5c90d909396d2fcc5289b33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8C_e7BPA_Jhio9191s1YhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sopq-net-q8.ref-was-uae.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-8C_e7BPA_Jhio9191s1YhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 07:20:12 GMT
expires: Tue, 22 Aug 2023 07:20:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB94 0
0 131ms
130ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230817&jk=1077533735665885&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1657 37 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1657 0
10 B 58ms
58ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B0VsJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:20:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB52 42 B
64 B 139ms
138ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjMAzCwuXjvDwlVh34hiBfz4_OtrAkkNBzqCPENySfzqHiyxS6_6wAfjiK-yAuTeuNTZOSQmuFBJwNtxqBlsUx4jVIaQszkoNJWZ3p7xscW9XL-ulaheewGXK5havBTDoa660SDOwEo8Uu&sai=AMfl-YTXZWDlE3nHUmd97XAfyCY7I1WCTl2cRjpP-JUhuhiQMUPaLITWFNd2fGg4S3m-n3hnuNUBWI-ah4iR&sig=Cg0ArKJSzBwgUz-9sy0ZEAE&cid=CAQSGwBpAlJWKVoESuuloMHou82E6Cs97X3ORPKqRBgB&id=lidar2&mcvt=1014&p=0,0,280,752&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2850616344&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692688810956&rpt=1137&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 07:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 136ms
135ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230817&jk=1077533735665885&bg=!hYalhsnNAAZGPLJIZjw7ADQBe5WfOMnqLTvYpsPvAr7DP51rpq0cQsee9gbD-K9uLhwrdHkAnZSv45EBm8_rLZg0Vu1iAgAAAF9SAAAAHGgBBwoAoFttcBDpKL9luI2KPSG3oxRy4-2Rz2P0irt2VwwOzJYhgTZg8p7oRMHoQmZKl8ys7qBx2LcIgTM9-3BnPb2JCgfJvvPtc_Wmk46n6HlP8XEpb6sIXngvbVmgZDA2scDm3M9oDsy_8rL80Uz4G1awIZJHHhTzbsTaFzR9X3cOJy976ZfutIEWhBqC-YLHEzr6ZB_UcdwXn_EG9V1S1fDPNRmZArpSiCqm1QcmxwuO25wwbR2slm-2TGlFelTvXygLksvCRV314mE_kqTKMl16tbNNDMbIjj3srO_gLZ6otd8NFa6Op432ik3gD2Rs0-xSQxBdgOWh-NG7WKPHT46UqxQxrJfg5jxMGZomAtYaiHRP9iL9dth-VpMSeODg8DOzsiX2b3fmmz0ESPXA9Vg_hHckOtHfIHws7bQ90KUnJDHjOkfHl0Q2uoUbZztnJD9nDdxEwyeFDyE1gyDhQh91o92vrxYFo6sjauLTXInVFXe-aEPb-EToZ1edDl45qCrz4pTk6R4GnWAqgqrvAt0u6Pfu5V_I707BRrvixMc8twuELHVf2BlIXCLTUJ1PvzGMVeGCZC17qkGuBOR-C0FYM8ZILRvprBsWz35X1HEaHLKGeMX3amUeql6yv0k_t7xb_Ag7lwgFhPJwe2whEOFQvltw9-pDDz5giLY321h48qvNtMJDayOitZB63W63Ark33J44E-FAJY9GqKTmbHBWRSr1yc_y9uLyCGc3zW7ezyfm_uYaFNzReXXzqdv0ZcUPnU4UDwfZcS4wsUyYdgN3B3Gu-LxR_RiHaiXl0O9BK85cSOMXJvS0nbVkAYVbOxdBNxoeJOITkx_SbPqd-osS5tuDrd0Te4j95eum-Zhdrzg1hU3GY7ubj5nEv1SFu-TVOU9IqylBT3nQU0kNTBB5aqe-P17-3XT2Wthx1JZdSwYMLG0NGNcb-u0b-qqb3u9dWrCn3IB-z8kaJYrNSSj6gNFdllCHDU4oHpo4jlS_5mtjPdMmt66W42gZAAoPe__z4KAGq9Ef1VrZv-7W6kBsyj6Zoxph9q1i8MZkD24iTM7hmPvKVSBd-z2hWsfhhafPDhr9tGGfSA5x7FAJW1XLUPchezjX0wHkb8lyWIIZIODdvfqN3mSBCfAI1DyLbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sopq-net-q8.ref-was-uae.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstCfa4560416 Value: 1692688810265
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstCla4560416 Value: 1692688810265
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstCmu4560416 Value: 1692688810265
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstPn4560416 Value: 1
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstPt4560416 Value: 1
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstCnv4560416 Value: 1
sopq-net-q8.ref-was-uae.xyz/	1970-01-20 22:57:04	Name: HstCns4560416 Value: 1
.ref-was-uae.xyz/	1970-01-20 23:47:28	Name: _ga_5MN5XDMB43 Value: GS1.1.1692688810.1.0.1692688810.0.0.0
.ref-was-uae.xyz/	1970-01-20 23:47:28	Name: _ga_Q3XGLYLVNM Value: GS1.1.1692688810.1.0.1692688810.0.0.0
.ref-was-uae.xyz/	1970-01-20 23:47:28	Name: _ga Value: GA1.2.2125244873.1692688811
.ref-was-uae.xyz/	1970-01-20 14:12:55	Name: _gid Value: GA1.2.1710506221.1692688811
.ref-was-uae.xyz/	1970-01-20 14:11:28	Name: _gat_gtag_UA_152745701_1 Value: 1
.ref-was-uae.xyz/	1970-01-20 23:33:04	Name: __gads Value: ID=b1a8badfd46fdb02-22fc67b657de009f:T=1692688811:RT=1692688811:S=ALNI_MbdsCI0wGSkqF1BvFiLNeXP-UaEZQ
.ref-was-uae.xyz/	1970-01-20 23:33:04	Name: __gpi Value: UID=00000c65e4c3bc5d:T=1692688811:RT=1692688811:S=ALNI_MbFgSQzqgQOdBtS38CS4SP3SwNuWQ
.doubleclick.net/	1970-01-20 14:11:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:33:04	Name: IDE Value: AHWqTUn7J-sPpfqkWHSjfvP3vXFz3m-uvyTQevstzNY2ypjzUJCxwL0X-jZL2qjbJrI
.googleadservices.com/	1970-01-20 16:21:04	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
cdn.gumlet.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gumlet.assettype.com
l.sharethis.com
p4-bsvtf3werujrk-sdcmd7ac62m4cwda-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
region1.google-analytics.com
s10.histats.com
s4.histats.com
sopq-net-q8.ref-was-uae.xyz
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.51
142.250.186.130
149.56.240.127
2001:4860:4802:32::36
216.58.212.163
2600:9000:225e:3a00:11:c3fe:5b00:93a1
2600:9000:26da:8400:1c:71c5:c3c0:93a1
2600:9000:26da:a200:c:abe:f440:93a1
2600:9000:26da:f800:1d:85c3:6640:93a1
2606:4700:10::6814:51d
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200e
2a06:98c1:3121::3
3.76.13.90
026d51e034d97c4115f6994f2b5fbff62c2d2c82f073b460d4950c4e90fe2617
054ced56877ce59705bb1f1313f54bd6fdccfdefb6359f1d1e17e48f2a78c80e
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1dc890d7e8e9a9d795c8fa5f05e65504cdd23c7ad4bf25499a29f2469d28d33b
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
2370de383b705553284c5edf52ec06fa66bd30c0bfc791a02e14cbc49c40222b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
302ec89f98faf28b4f2318c99049123387da576e2b557a6c7805741be1923adf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320b648c54874244355be452f7530e9f75bfa0c105d98d57a6fd9be9be6e7b20
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c3f8866f6a07a2abf723b21525c9ea70594ac6d045aac3f84c119676abab7c2
3cb6024ae2cbbe02889d75c14ad2450d3e55209359d8800a847fcff83cddc3ce
40d5314a90f68f2cca5ecc1e8f8940c99cb281ffa5c90d909396d2fcc5289b33
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
5028070325d22ed0d9305a75aa46084efca86fa133d1472105b31eb91121394c
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56eecdb5e30d7cb8dbdd69784752a574d4d6054b0d4c7711b93a5522ec8521a7
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a04a48fd89622b7dce8bccdd7e277f19c56f65dd32540874eafdb3c63bfcc7b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7307caa0e4eabbf5214128e42ba8c46a45596b5768cac1b0223326a50abf2c9b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8373cc233271853c6cc2a6702f7f224bdff46337b65379df4e0187a9e1bca37e
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
911623e0a4f4edfaa7cd534f3118bd39ecc63c68db63f7240082c7297bc9698d
9337e153ab97b18fea2bb0c47be876b355d7865cdf9cbe85c516fb46cb3c08a1
9658f0483195892b3774051d8e7b9ec2fe966a4452491e0337191f3705ebe8a8
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9f2a14b5def04639a5426db5d8e746b7ef101924d977d59584595b26ad37016e
a06ad32b623b7b49a342ccd5812958ef988fb205f6643827a6dfcae64ff05312
a4f449ba77ea196e4ae5240cf8a8087454b347e42e1a4b79691793d6b0c22add
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8af12a46eb3020d62ae8339a2f8a34776a0438013b5ab08836e0e02f9862e0
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad986cb52a1f1fadaab68cc779dd9f5a082d06c6c0a8383f610bf0e4ec5a749f
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b7e4641760bde4f45bf88fd4cba21c7807f9beb13b2c981946812c44d746b3a8
c6fca27de84d345ae6abc498be9803c12ab37d3cfa71387cb9e1b1b8c8072e57
c8ec0cbdd08cff80fdf4846619ed73014236fa89706d693c23abaeb0a65ed1e1
d102a02165e447060390793f3a067430a264e3cc5fd6cce8d620dd29c2686507
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fd980b5240dd5ee62fca05c37c06dacc5326428582184e873aa6cc4eddc0f9
e6328e4808c722f665437137f3984bb0e2ca80426849a8ea7b28841041fe7367
eb2a70bd94b1d195b332cdbf0bc92e671ecf9a206e0ea0880f6e21bbc6dc7102
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe3a2021df903de8f7188042aa6e20123381149aa5b3697c97c8b1fd8f671a0a
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

sopq-net-q8.ref-was-uae.xyz Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

81 %IPv6

14 Domains

26 Subdomains

27 IPs

3 Countries

1453 kBTransfer

3554 kBSize

17 Cookies

19 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sopq-net-q8.ref-was-uae.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

81 %
IPv6

14
Domains

26
Subdomains

27
IPs

3
Countries

1453 kB
Transfer

3554 kB
Size

17
Cookies

89 HTTP transactions
7 data transactions