1appleday.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1appleday.com/
Submission: On July 31 via api (July 31st 2023, 10:53:39 am UTC) from NL — Scanned from NL

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 86 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1appleday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 26th 2023. Valid for: a year.

This is the only time 1appleday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	34.80.135.160 34.80.135.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.104.89.56 172.104.89.56	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
86	16

14 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

1appleday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.80.135.160 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.135.80.34.bc.googleusercontent.com

ypa.focusoftime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.89.56 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1699-56.members.linode.com

itsmy.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	432 KB
14	1appleday.com 1appleday.com	427 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	101 KB
6	wp.com i0.wp.com — Cisco Umbrella Rank: 3632 i1.wp.com — Cisco Umbrella Rank: 8035	102 KB
5	focusoftime.com ypa.focusoftime.com — Cisco Umbrella Rank: 670579	16 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	839 B
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3887 onesignal.com — Cisco Umbrella Rank: 1358	72 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79 ajax.googleapis.com — Cisco Umbrella Rank: 415	35 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	113 KB
2	gstatic.com fonts.gstatic.com	93 KB
2	itsmy.ga itsmy.ga	25 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	63 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	329 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	83 KB
86	15

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net 1appleday.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	1appleday.com	1appleday.com
13	pagead2.googlesyndication.com	1appleday.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	i0.wp.com	1appleday.com
5	ypa.focusoftime.com	1appleday.com ypa.focusoftime.com ajax.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	itsmy.ga	1appleday.com itsmy.ga
2	cdn.onesignal.com	1appleday.com cdn.onesignal.com
2	fonts.googleapis.com	1appleday.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	ajax.googleapis.com	ypa.focusoftime.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	onesignal.com	cdn.onesignal.com
1	www.google-analytics.com	www.googletagmanager.com
1	i1.wp.com	1appleday.com
1	www.googletagmanager.com	1appleday.com
86	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ypa.focusoftime.com R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
itsmy.ga R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://1appleday.com/
Frame ID: 8FE6FCF9977917C97C1BE474FEA15FB6
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 28F7A4B69C1254611F413CC50A5EE80F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&adk=1812271804&adf=3025194257&lmt=1690800813&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F1appleday.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813280&bpp=3&bdt=337&idt=230&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4673175747082&frm=20&pv=2&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: 2AB581965FB29D04223DE884FE4C137E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&h=200&slotname=1092333085&adk=3869495825&adf=2744490797&pi=t.ma~as.1092333085&w=1140&fwrn=4&lmt=1690800813&rafmt=11&format=1140x200&url=https%3A%2F%2F1appleday.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813283&bpp=1&bdt=340&idt=250&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4673175747082&frm=20&pv=1&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MUUVjZctRQ&p=https%3A//1appleday.com&dtd=256
Frame ID: B60C3B4EE695DF5065D28CE8D0AFA13F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F38ACF3C101E5C0767313DFF1AE149CA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1515B3B04BD9551E4BF281A110D220D4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html
Frame ID: 429A4FC2D279FBF789047A36994D0A30
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 14AA06CDD4F88CE297C3843B045FDF1B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: 7C0479740E2D54F33508B7318C1DC06C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 645E5C4281AAB05EE0A102A127D28E7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C293AC24131EC2BDD7433307873A5617
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

蘋果健康咬一口 | 查詢各地健保診所健康新聞資訊

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

19
Subdomains

16
IPs

4
Countries

1564 kB
Transfer

4077 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1appleday.com/ 63 KB
14 KB 936ms
865ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.29

Resource Hash

0c76aabed86b63a80876d209c9a852116ae44087a6aceeb21aa3c1e4ac91109b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ef54c538ff35c3e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 10:53:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na5ekI%2BPGuwo4v8U52HhCV%2FB3B%2FvvkjNtBAEd%2BB0kgbmJTPsLYzSuyGZ9p0TcpvpZBwqfORDUaou9uEYXd5h9eFDiQT3V%2Fsg9W96u0Zrzmj6grjfFG5jFLQt%2FrNqDVjX6nGh92%2FK7qIXqEtE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-mod-pagespeed: 1.11.33.2-0
x-page-speed: Powered By ngx_pagespeed
x-powered-by: PHP/7.4.29
x-varnish: 402921561

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,800,700,600%7CRaleway:100,300,600,700,800

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6013f0cb0737d7b55b11f7481176e4080e13347d0bc1e0475599af50f623805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 10:34:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 10:53:33 GMT

GET
H2 200 plugins.css
1appleday.com/css/ 203 KB
31 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/css/plugins.css

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29fd5f82877603cd338b02ae6cf841b3a1d15813093fe3c5427d0ed580d3884a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:32 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14478
cf-polished: origSize=207608
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 21 May 2017 01:54:54 GMT
server: cloudflare
etag: W/"32af8-54fff0a713780-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdVGMI15zTBoc7mPsnMB8eEAQRx1jDqEKIJkADpkDmXyLDQGDLDpTkthLs1Jf%2BIo2Tluo2Pyv7%2B1cz%2Fz5GZKYS%2FTYfSzp4aO%2Bd2t1sJgSCb%2Fg%2FxCAn2KtBxe0az5tD8eOlOYZo%2B%2FVt2zrx8x"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 4030700
cache-control: max-age=2592000
cf-ray: 7ef54c58ff905c3e-FRA
expires: Thu, 03 Aug 2023 05:08:34 GMT

GET
H2 200 style.css
1appleday.com/css/ 271 KB
45 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/css/style.css

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958b285c8c6bbb73221d5170bea81b8275a33e6a61b48cc7c54e0c035e11c17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:32 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14478
cf-polished: origSize=393387
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 21 May 2017 04:13:32 GMT
server: cloudflare
etag: W/"600ab-55000fa3bd300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9swiqUjcwn7%2FtNn3GrAbUwJVzBqvknC%2BVqq5Kxdu3MoogTc8cFf%2FXH9iRsZ2LJgNFzY6G3JTqGeVkOuZJDq8hD7%2FvrcWpeXNfZs45zOuHSolJVYo4bEPfEkRYn97gn1LBUacUyG8e2ZrlJr1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 66067
cache-control: max-age=2592000
cf-ray: 7ef54c58ff955c3e-FRA
expires: Thu, 10 Aug 2023 12:44:22 GMT

GET
H2 200 responsive.css
1appleday.com/css/ 8 KB
2 KB 29ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/css/responsive.css

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12456ebcf0309eaa1dfc91beb9a97776bbff500999affe40fc0670949986c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:32 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14478
cf-polished: origSize=13240
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Jul 2017 21:17:55 GMT
server: cloudflare
etag: W/"33b8-553fd1dc786c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVGQVhZFAeHdBfsFL5%2BDzJIBAZrNtpAw7kIhfChJ1a5i9KTswUv%2B1TdCUC6Ms2tG%2BFvfYM6A%2Bl4q9vWu4sTlN5WKB6NtPKpBzjjWqM1ZY9TTxIL%2FsV6VqfcFBvOZ0YwH4%2ByppeVK4jTNBska"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 2326880
cache-control: max-age=2592000
cf-ray: 7ef54c58ff965c3e-FRA
expires: Thu, 10 Aug 2023 12:38:05 GMT

GET
H2 200 custom.css
1appleday.com/css/ 5 KB
2 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/css/custom.css

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6452d2c460939a653c687450df627288e09cd0d8e19bbbb154e669271f1fe10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:32 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14478
cf-polished: origSize=6945
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Nov 2018 19:55:39 GMT
server: cloudflare
etag: W/"1b21-579b3eb6624c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHcmcjsqcb8D5egv87m04IQBMjBAtjIOvfdgjBGTLCUYthHNNxPerW3%2B1QDf9y5raVKBiM77nxtAaiDTHZ4og1Natbw0NitpgLUdQ53OWdLkibK7uOV2KIhnqseRdZOk9WINkumvMXo85slR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 1507668
cache-control: max-age=2592000
cf-ray: 7ef54c58ff985c3e-FRA
expires: Thu, 10 Aug 2023 12:38:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
83 KB 88ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B05KWBSN17

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf302115788461d07829030d63fcd321a510f05cea9949a16b3ae82918fb8172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 10:53:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 173ms
117ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c56f1123e8f033701a328441367871a22d5ae723b6cf7fe9b927a9622619e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50877
x-xss-protection: 0
server: cafe
etag: 3668641951166864979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 10:53:33 GMT

GET
H2 200 adsapiptbase.js Show response
ypa.focusoftime.com/static/ 921 B
1 KB 652ms
205ms Script
application/javascript 34.80.135.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ypa.focusoftime.com/static/adsapiptbase.js?ptid=edb8c605e1e4e2f79ed3085e0fd505b9
Requested by: Host: 1appleday.com
URL: https://1appleday.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.80.135.160 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.135.80.34.bc.googleusercontent.com
Software: /
Resource Hash: bfcfe534590f5b61098f3a55b3b130d099937ad504b11399a342861406a1ac91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
last-modified: Thu, 19 Nov 2020 15:50:54 GMT
etag: "5fb6945e-399"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 921
expires: Mon, 31 Jul 2023 11:53:33 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 89ms
34ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3324
etag: W/"841a8834d1e8a6a8a6de9933a13d2b34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ef54c5a0b7318b7-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 03 Aug 2023 10:53:33 GMT

GET
H3 200 logo-dark2.png
1appleday.com/images/ 4 KB
5 KB 62ms
59ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1appleday.com/images/logo-dark2.png

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edf4d817609d3e5124052cf3ce866513ed540cb329d80b7159f279016f2a650

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 varnish (Varnish/6.0)
strict-transport-security: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 15096
alt-svc: h3=":443"; ma=86400
content-length: 4225
last-modified: Thu, 06 Jun 2019 14:02:27 GMT
server: cloudflare
etag: "1081-58aa829fae2c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JBi0%2FBFM5EgLWd%2FqLqZpLq3LZGOROxkvut0%2F2VAAhiRfWC3Vp8%2BtnpAiUW%2BMeMdZ2W5hExtdkHF31XbZH2n83eC3evuBg%2FDpdmJR0ikJ0Ac4PjF6hTAMAX2AXg0ZepA%2B5Eo7efOra2RVq3Z"}],"group":"cf-nel","max_age":604800}
x-varnish: 33327176 41255514
content-type: image/png
cache-control: max-age=29030400
accept-ranges: bytes
cf-ray: 7ef54c59bbd8bb80-FRA
expires: Thu, 05 Oct 2023 18:32:17 GMT

GET
H3 200 loading.png
1appleday.com/images/ 15 KB
15 KB 63ms
60ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1appleday.com/images/loading.png

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef5c13028789112f8e2a3a1f2811895a6f3f8b86a3f1dc6e964d335d296aaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 varnish (Varnish/6.0)
strict-transport-security: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 15096
alt-svc: h3=":443"; ma=86400
content-length: 15004
last-modified: Thu, 06 Jun 2019 14:10:55 GMT
server: cloudflare
etag: "3a9c-58aa8484259c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqW%2Bt3DhVRQQzJAbEVeqPUnH6PT61Qbe2TUOYc%2BJGC9bD7MhKI66Qgth0bYPtMsL82FquJnahkr4QCCFNgHtpOYuLiuA%2FrBnWpaGJHcdcy7cmFzzx7eyDxQ5bFN59DEHXMSPM%2Fq4w%2FZISmnN"}],"group":"cf-nel","max_age":604800}
x-varnish: 382878647
content-type: image/png
cache-control: max-age=29030400
accept-ranges: bytes
cf-ray: 7ef54c59bbd9bb80-FRA
expires: Fri, 21 Jun 2024 17:55:55 GMT

GET
H3 200 jquery.js Show response
1appleday.com/js/ 94 KB
34 KB 31ms
30ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/js/jquery.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68af4c5878b9d0040bc9bb8663e9018bbcddd89a2520d6470dfeafed4e2cfd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47148
cf-polished: origSize=95935
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 10 May 2017 18:32:54 GMT
server: cloudflare
etag: W/"176bf-54f2fb3506180-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Cg9Bb8DE7Fpo8BrY1OlEgotnjTBz%2Bk%2BiQ62n6BTsrJsg6MJqitnXFpw8Y25ju9I%2FZpZsDOhNGEOm%2B4p57j4TGJUcyRsVN25y%2FJf90BRg2EQB8FGTJfLPKH072WeA1r7tWul7zJfwQhtljZe"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-varnish: 1507671
cache-control: max-age=2592000
cf-ray: 7ef54c594b3fbb80-FRA
expires: Thu, 03 Aug 2023 03:28:11 GMT

GET
H3 200 plugins.js Show response
1appleday.com/js/ 284 KB
84 KB 40ms
40ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/js/plugins.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac14b94ac1689eea5d39cd29390d3bec755a0508b0d03c75a450f35ea54d9e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47148
cf-polished: origSize=293042
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 21 May 2017 01:16:42 GMT
server: cloudflare
etag: W/"478b2-54ffe81d41280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsK%2FU%2FKTEHy0hBGXZgQdpmgQSHOautLsghvgEZiJ6ID1P4Eaq8fmIxwl0%2BVASZTBL18BQQhtgJ6HsQIjB1amQ55CpNSBXMYyfdSnhgA3kPRkcaAKwctuC1%2BaFQdo5qMRWqMn%2F3vGTLS1poQJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-varnish: 2359630
cache-control: max-age=2592000
cf-ray: 7ef54c598ba4bb80-FRA
expires: Thu, 10 Aug 2023 12:38:06 GMT

GET
H3 200 jquery.lazyload.js Show response
1appleday.com/js/ 5 KB
2 KB 62ms
61ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/js/jquery.lazyload.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543d6327016c035fe20a64e2bddb76f1294766acdaa2e54fb16194984f9cf857

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47148
cf-polished: origSize=9047
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Jul 2017 15:22:40 GMT
server: cloudflare
etag: W/"2357-555765e4a9000-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RegvI6z5ECVtvWyQTzZYiLCKHsHHGDl1OuQ0msVwagfk40w6jprF2eWpMxBq7zTdUNGnu%2Bl9RpXlR%2F7FsaBObZ68zcQKLQ3b7%2BCNfhNY%2FXRLw5t2AADuUNaAIRmz3Zmv9KlyMU2XOHxGJrhl"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-varnish: 1147128
cache-control: max-age=2592000
cf-ray: 7ef54c59abcabb80-FRA
expires: Thu, 10 Aug 2023 12:44:22 GMT

GET
H3 200 functions.js Show response
1appleday.com/js/ 54 KB
13 KB 62ms
58ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/js/functions.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf81f0cfd54e41313d33365cf0fdcc2048860d3e24b4cf0cd832342d3c7be46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47148
cf-polished: origSize=107291
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 17 Jul 2017 16:22:24 GMT
server: cloudflare
etag: W/"1a31b-55485cdd19000-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf%2Bzw%2Bgd9aYtqWE539wn0ANwyy1lKjck0IEET2M3%2FyRLKeaIR8Ao3ixn1Rkbp1nKV4q5LzpUyYC0cvY1h2nnKrWwblMKBiev75JbgcbUadhE38o0%2BRwzAC1Qrz7rvEtznM0ZX3KKcf3ddU0f"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-varnish: 66070
cache-control: max-age=2592000
cf-ray: 7ef54c59bbd5bb80-FRA
expires: Thu, 10 Aug 2023 12:38:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
699 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,300i

Requested by

Host: 1appleday.com
URL: https://1appleday.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd03632667862a581d2301af3cba42f42e68ad0902140840224df3a422fcff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 10:53:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 10:53:33 GMT

GET
H2 200 piwik.js Show response
itsmy.ga/ 64 KB
25 KB 1102ms
538ms Script
application/x-javascript 172.104.89.56
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://itsmy.ga/piwik.js

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.89.56 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1699-56.members.linode.com

Software

nginx /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:50:19 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 17:02:40 GMT
server: nginx
etag: W/"10132-5fd8d1a826310"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,800,700,600%7CRaleway:100,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1appleday.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 211710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 00:05:03 GMT

GET
H3 200 fontawesome-webfont.woff2
1appleday.com/fonts/ 75 KB
76 KB 787ms
787ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 1appleday.com
URL: https://1appleday.com/css/plugins.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://1appleday.com/css/plugins.css
Origin: https://1appleday.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 varnish (Varnish/6.0)
strict-transport-security: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Wed, 10 May 2017 18:32:44 GMT
server: cloudflare
etag: "12d68-54f2fb2b7cb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw5c9S2wN4sxS1Dkx0xMfBErhaj9%2BGUAfJeU6DssrUjOoWEYDf%2FMg62iyiAkwHRpPt9bYnls4yfxIAv6Arl1Agi4D%2F9GaWfjUyp0m3rjI1fWMsEG3kKzR1jjvzYlcgR%2B1BuDt%2FXbg0XGkl5v"}],"group":"cf-nel","max_age":604800}
x-varnish: 238819747
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 7ef54c59cbe9bb80-FRA
expires: Mon, 31 Jul 2023 10:48:35 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 99ms
52ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,800,700,600%7CRaleway:100,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1appleday.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
age: 197493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 04:02:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 38ms
37ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3324
etag: W/"22f7e3545bf8cba3cac43d34db3357ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ef54c5a5be918b7-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 03 Aug 2023 10:53:33 GMT

GET
H3 200 weight-loss.jpg
1appleday.com/images/ 103 KB
103 KB 318ms
318ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1appleday.com/images/weight-loss.jpg

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e427bd250ba69d1e01c01a57a28551a19e05377312962a0039a4901654cc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 105180
cf-bgj: h2pri
last-modified: Fri, 30 Mar 2018 21:05:55 GMT
server: cloudflare
etag: "19adc-568a79b20d2c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNFOon8N8HKbYX84Y46SLK4jC%2Ba3ikwKRrchPRl%2FA9zx0zPLmr5zqNmXeXZZpx%2BJu4%2FN7mQ8%2F8Xm%2F1Oz6W42JoTLxRTt6MEQRHjuHlPTdQdZDGu4%2FTEoWnse8ifMpbTIHIl1sWCNmaJCyuo3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 346636910
cache-control: max-age=29030400
accept-ranges: bytes
cf-ray: 7ef54c5a7cfcbb80-FRA
expires: Tue, 04 Jun 2024 02:11:09 GMT

GET
H2 200 5512b3d02a000002dc9f.jpeg
i0.wp.com/img.edh.tw/zz/csm/202307/ 29 KB
29 KB 57ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/img.edh.tw/zz/csm/202307/5512b3d02a000002dc9f.jpeg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6dcc39dd4ffcf76f932815ad306bd4e3b079ce1f2ceb21f2807f228654e2a98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 31 Jul 2023 10:53:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 06:19:13 GMT
server: nginx
etag: "d88529d41b69d143"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://img.edh.tw/zz/csm/202307/5512b3d02a000002dc9f.jpeg>; rel="canonical"
content-length: 29338
expires: Wed, 30 Jul 2025 18:19:13 GMT

GET
H2 200 e829ee0f74317aa8f7ca11e67cf78e60_l.jpg
i0.wp.com/www.healthnews.com.tw/imageFile/202307/ 11 KB
12 KB 1872ms
1831ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.healthnews.com.tw/imageFile/202307/e829ee0f74317aa8f7ca11e67cf78e60_l.jpg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d2c726acb0a3050c037ef0f9a3128d4a747d8fa8e1e1b57207babbe121d899c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: MISS ams 4
date: Mon, 31 Jul 2023 10:53:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 10:53:35 GMT
server: nginx
etag: "b4b9a0d0ca730c89"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.healthnews.com.tw/imageFile/202307/e829ee0f74317aa8f7ca11e67cf78e60_l.jpg>; rel="canonical"
content-length: 11576
expires: Wed, 30 Jul 2025 22:53:35 GMT

GET
H2 200 d4418881.jpg
i1.wp.com/cdn2.ettoday.net/images/4418/ 8 KB
9 KB 1419ms
1378ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/cdn2.ettoday.net/images/4418/d4418881.jpg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a01ca6d98cd725a8b313959a8e75367596cfad686771f978cfee8f5d0c1eccdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Mon, 31 Jul 2023 10:53:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 10:53:34 GMT
server: nginx
etag: "c4b95a2d59eb7586"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn2.ettoday.net/images/4418/d4418881.jpg>; rel="canonical"
content-length: 8694
expires: Wed, 30 Jul 2025 22:53:34 GMT

GET
H2 200 AL_56516.jpg
i0.wp.com/il.beauty321.com/gallery/articleIMG/ 19 KB
19 KB 1608ms
1566ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/il.beauty321.com/gallery/articleIMG/AL_56516.jpg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

debc6faec7c4c2232107babb491d5fc8d6f0191d7701d68ee1be803ce864a47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Mon, 31 Jul 2023 10:53:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 10:53:34 GMT
server: nginx
etag: "55fd108787d8ba4e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://il.beauty321.com/gallery/articleIMG/AL_56516.jpg>; rel="canonical"
content-length: 19706
expires: Wed, 30 Jul 2025 22:53:34 GMT

GET
H2 200 554cf8649e112deea5abf574884e2a48_l.jpg
i0.wp.com/www.healthnews.com.tw/imageFile/202307/ 10 KB
10 KB 92ms
51ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.healthnews.com.tw/imageFile/202307/554cf8649e112deea5abf574884e2a48_l.jpg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7eadfe464ff8b3f6fdff8f397b40619cb952e5b716befb3a317d847f4cbbbabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Mon, 31 Jul 2023 10:53:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 10:53:33 GMT
server: nginx
etag: "fd842dc3b26a17cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.healthnews.com.tw/imageFile/202307/554cf8649e112deea5abf574884e2a48_l.jpg>; rel="canonical"
content-length: 10534
expires: Wed, 30 Jul 2025 22:53:33 GMT

GET
H2 200 AL_56519.jpg
i0.wp.com/il.beauty321.com/gallery/articleIMG/ 23 KB
23 KB 100ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/il.beauty321.com/gallery/articleIMG/AL_56519.jpg?resize=525,350&quality=75

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

257a757b8daf04bb8d478ab9737ed2280fe1089de8923ce9c9e1792556680949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Mon, 31 Jul 2023 10:53:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2023 10:53:33 GMT
server: nginx
etag: "b9fe7f9f85b8e6c4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://il.beauty321.com/gallery/articleIMG/AL_56519.jpg>; rel="canonical"
content-length: 23040
expires: Wed, 30 Jul 2025 22:53:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 78ms
27ms Ping
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B05KWBSN17&gtm=45je37q0&_p=1577203672&cid=909262517.1690800813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690800813&sct=1&seg=0&dl=https%3A%2F%2F1appleday.com%2F&dt=%E8%98%8B%E6%9E%9C%E5%81%A5%E5%BA%B7%E5%92%AC%E4%B8%80%E5%8F%A3%C2%A0%7C%C2%A0%E6%9F%A5%E8%A9%A2%E5%90%84%E5%9C%B0%E5%81%A5%E4%BF%9D%E8%A8%BA%E6%89%80%20%E5%81%A5%E5%BA%B7%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B05KWBSN17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 10:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1appleday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/bc1573be-2b0e-4939-8756-174eced72639/ 84 B
518 B 72ms
56ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/bc1573be-2b0e-4939-8756-174eced72639/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ca101c49b57a4d46b3c5b79996f564a8b611bed284217cde2361f6e7b4b3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
cf-polished: origSize=88
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5722590d-6e76-4c01-a049-1f76633712ea
x-runtime: 0.006151
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"32bc6b1f215fcc4ceb52589795fed297"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7ef54c5b0cf518b7-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 31 Jul 2023 11:53:33 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 364 KB
125 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be115738ff73d73b84c41328510e3396dda5897808e53d429a2c7b851f0debf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127822
x-xss-protection: 0
server: cafe
etag: 112616798572561359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 10:53:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 28F7 10 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:21:24 GMT
etag: 12368291122986407432
expires: Mon, 14 Aug 2023 10:21:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
329 B 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1appleday.com&callback=_gfp_s_&client=ca-pub-8148945356111809

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc5f28e500a9ec83ec0966d5116abe7d8d34cef396e758dcf3f4214da8229b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AB5 172 KB
53 KB 455ms
454ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&adk=1812271804&adf=3025194257&lmt=1690800813&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F1appleday.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813280&bpp=3&bdt=337&idt=230&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4673175747082&frm=20&pv=2&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f951646c40406e3b9ac6df696eb034171a6efb3f2918849c286332474407bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54062
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:33 GMT
expires: Mon, 31 Jul 2023 10:53:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B60C 106 KB
39 KB 472ms
472ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&h=200&slotname=1092333085&adk=3869495825&adf=2744490797&pi=t.ma~as.1092333085&w=1140&fwrn=4&lmt=1690800813&rafmt=11&format=1140x200&url=https%3A%2F%2F1appleday.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813283&bpp=1&bdt=340&idt=250&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4673175747082&frm=20&pv=1&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MUUVjZctRQ&p=https%3A//1appleday.com&dtd=256

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63171e1973421450a0a00b9dc7bc6e97d9ebc95fafcc737211d494309ebe5e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39995
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:33 GMT
expires: Mon, 31 Jul 2023 10:53:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsypaptbase.js Show response
ypa.focusoftime.com/static/ 8 KB
8 KB 205ms
205ms Script
application/javascript 34.80.135.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ypa.focusoftime.com/static/adsypaptbase.js
Requested by: Host: ypa.focusoftime.com
URL: https://ypa.focusoftime.com/static/adsapiptbase.js?ptid=edb8c605e1e4e2f79ed3085e0fd505b9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.80.135.160 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.135.80.34.bc.googleusercontent.com
Software: /
Resource Hash: 36318bc9d59e88b71044e6d031964eb7fa178f2883bfac149a939f42a5780118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:33 GMT
last-modified: Tue, 22 Mar 2022 05:55:29 GMT
etag: "623964d1-1eb5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 7861
expires: Mon, 31 Jul 2023 11:53:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js?ver=1.11.2

Requested by

Host: ypa.focusoftime.com
URL: https://ypa.focusoftime.com/static/adsypaptbase.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 11:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 11:07:31 GMT

GET
H2 200 15212857227495645708
tpc.googlesyndication.com/simgad/ Frame B60C 31 KB
31 KB 115ms
38ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15212857227495645708?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn8jzoQz8QGrCZV9sC7NW1GSuRi5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&h=200&slotname=1092333085&adk=3869495825&adf=2744490797&pi=t.ma~as.1092333085&w=1140&fwrn=4&lmt=1690800813&rafmt=11&format=1140x200&url=https%3A%2F%2F1appleday.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813283&bpp=1&bdt=340&idt=250&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4673175747082&frm=20&pv=1&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MUUVjZctRQ&p=https%3A//1appleday.com&dtd=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213cdff1743c6cf521b86da1b4795f6bf957420ac04da82e1ef83e237f345316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:13:04 GMT
x-content-type-options: nosniff
age: 283230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31285
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 13:19:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 04:13:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame B60C 23 KB
9 KB 99ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame B60C 3 KB
1 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame B60C 20 KB
9 KB 81ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B60C 179 KB
57 KB 99ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 10:53:34 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame B60C 33 KB
13 KB 111ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
server: cafe
etag: 2495518695802652152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:31:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 154 KB
52 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/reactive_library_fy2021.js?bust=31076491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7cff830c0afe5f4769a47cb0b7b86c850a5839c90256b9526d03d914d6ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53523
x-xss-protection: 0
server: cafe
etag: 11654731868993138857
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 10:53:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F38A 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&h=200&slotname=1092333085&adk=3869495825&adf=2744490797&pi=t.ma~as.1092333085&w=1140&fwrn=4&lmt=1690800813&rafmt=11&format=1140x200&url=https%3A%2F%2F1appleday.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813283&bpp=1&bdt=340&idt=250&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4673175747082&frm=20&pv=1&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MUUVjZctRQ&p=https%3A//1appleday.com&dtd=256
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F38A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
38ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:34 GMT
expires: Mon, 31 Jul 2023 10:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 keywordlist.js Show response
ypa.focusoftime.com/ 159 B
225 B 207ms
206ms Script
application/javascript 34.80.135.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ypa.focusoftime.com/keywordlist.js?_=1690800814053
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js?ver=1.11.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.80.135.160 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.135.80.34.bc.googleusercontent.com
Software: /
Resource Hash: 9c601f08cbfef5d3e7c33da6b313d14e1441cda60bb64ffaa45a81b090baf2cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
content-length: 159
content-type: application/javascript

GET
H2 200 edb8c605e1e4e2f79ed3085e0fd505b9.js Show response
ypa.focusoftime.com/static/ 3 KB
3 KB 205ms
205ms Script
application/javascript 34.80.135.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ypa.focusoftime.com/static/edb8c605e1e4e2f79ed3085e0fd505b9.js?_=1690800814054
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js?ver=1.11.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.80.135.160 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.135.80.34.bc.googleusercontent.com
Software: /
Resource Hash: cd5679684c2ea433c84597142fe04db49afb46de9561da670539b37cb2c79328

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
last-modified: Tue, 22 Mar 2022 06:44:16 GMT
etag: "62397040-cef"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3311
expires: Mon, 31 Jul 2023 11:53:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 1515 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 194ms
125ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://1appleday.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
DATA 200
OK truncated
/ Frame B60C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f4e556888b6a782385a1275aff8d3da003be92ba00fad915245438864206005

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/ Frame 429A 7 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24e9c68947ed2378f6040ac2b1263a7fdb8e217f10b8c33cdeab4322d41a0495

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 187135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2478
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 06:54:39 GMT
expires: Sun, 28 Jul 2024 06:54:39 GMT
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 1515 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14AA 143 B
166 B 22ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1515 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 07:16:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1515 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1515 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=1-%26adk%3D1812271801%26client%3Dca-pub-8148945356111809%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3D3PG0kIidE1%26p%3Dhttps%3A%2F%2F1appleday.com

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 10:53:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 429A 6 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 19:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Jul 2023 19:37:45 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 429A 34 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 19:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Jul 2023 19:42:25 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 429A 236 KB
63 KB 88ms
28ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 10:53:34 GMT

GET
H3 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/ Frame 429A 12 KB
2 KB 26ms
25ms Script
application/x-javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d684ae60051b4c0eecab9771e707d079573a3e07b1136f4d636e05e569278aef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 04:11:01 GMT
age: 283353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2465
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 04:11:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B60C 0
23 B 63ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX_AUrZLHZLH5JqPWn88PsJWn4AOo6rK_cYrvo6bXEdq_mtbNCBABILi2y0tgsQWgAcKUrq0CyAECqQLyy4A24XmyPqgDAcgDyQSqBMsBT9BMrqD6gCv6C7K0MRCOy9w53jHxYPhCJf01LdRgzqMKAhAUKMtpKvBBsUPvAL6LLKKTxUd31p7iSCZpvVUagJjfwKdTa_WA_R70cYgGSXdx3J62A3swFHH0dt-hfIZzGTHG0hPtp1ErV0lY1ysqIRselNgXBTn9Jf1sMB3G9w4GHv_Xgm0GPXyjCAHM7qh0-QYMoKtcnDw4jQR1_0QSrt4UhMUh24AQW8aDWAXRmGIg0NfAv3g_HWOXrUzdLCjP-xWYyYx-yX2TOQXABO_Y2YDABKAGAoAHpuvR0gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC5zgTSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi04MTQ4OTQ1MzU2MTExODA5GAA&sigh=GzFyGJzFzk8&uach_m=[UACH]&cid=CAQSGwBpAlJW3QE56hff6KBII1F7R8aH4QnKFXo9HxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8148945356111809&output=html&h=200&slotname=1092333085&adk=3869495825&adf=2744490797&pi=t.ma~as.1092333085&w=1140&fwrn=4&lmt=1690800813&rafmt=11&format=1140x200&url=https%3A%2F%2F1appleday.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690800813283&bpp=1&bdt=340&idt=250&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4673175747082&frm=20&pv=1&ga_vid=909262517.1690800813&ga_sid=1690800814&ga_hid=1577203672&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759842%2C44759875%2C44759926%2C31076088%2C31076446%2C31076491%2C44788442%2C21065724&oid=2&pvsid=2960014060876018&tmod=2111066060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MUUVjZctRQ&p=https%3A//1appleday.com&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 10:53:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jul 2023 10:53:34 GMT

POST
H2 204 piwik.php
itsmy.ga/ 0
175 B 686ms
685ms Ping
text/plain 172.104.89.56
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://itsmy.ga/piwik.php?action_name=%E8%98%8B%E6%9E%9C%E5%81%A5%E5%BA%B7%E5%92%AC%E4%B8%80%E5%8F%A3%C2%A0%7C%C2%A0%E6%9F%A5%E8%A9%A2%E5%90%84%E5%9C%B0%E5%81%A5%E4%BF%9D%E8%A8%BA%E6%89%80%20%E5%81%A5%E5%BA%B7%E6%96%B0%E8%81%9E%E8%B3%87%E8%A8%8A&idsite=25&rec=1&r=460416&h=10&m=53&s=34&url=https%3A%2F%2F1appleday.com%2F&_id=9ebfcd494e70a647&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=dECbeP&pf_net=71&pf_srv=865&pf_tfr=3&pf_dm1=224&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: itsmy.ga
URL: https://itsmy.ga/piwik.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.89.56 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1699-56.members.linode.com

Software

nginx / PHP/7.4.13

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://1appleday.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://1appleday.com
date: Mon, 31 Jul 2023 10:50:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
server: nginx
x-powered-by: PHP/7.4.13

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1515 179 KB
56 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 10:53:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
36ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:34 GMT
expires: Mon, 31 Jul 2023 10:53:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1515 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03cbbdc9c8ca3e7defbc7fc8c584d7a9e20884df55101023623933cfb858c0ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsypaptbase.css
ypa.focusoftime.com/static/ 3 KB
4 KB 205ms
205ms Stylesheet
text/css 34.80.135.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ypa.focusoftime.com/static/adsypaptbase.css
Requested by: Host: ypa.focusoftime.com
URL: https://ypa.focusoftime.com/static/adsypaptbase.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.80.135.160 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.135.80.34.bc.googleusercontent.com
Software: /
Resource Hash: 8e6dc5a407e1894a9789d82cb72fa3d90654acac449dfa547fb07765d8bf8eb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:34 GMT
last-modified: Tue, 22 Mar 2022 07:26:17 GMT
etag: "62397a19-d85"
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3461
expires: Mon, 31 Jul 2023 11:53:34 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C04 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 18 KB
18 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cac26d2cd0664bb5dae74c12de6036b47e8a96e574283f4b72a6b105a9db1d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Jul 2023 22:39:19 GMT
x-content-type-options: nosniff
age: 216855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18694
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 22:39:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1515 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM51crZLHZJGzJoCIn88P8dmrUPvT_cxxiJb54PgR2r-a1s0IEAEguLbLS2CxBaABwpSurQLIAQmpAuUjJmJxe7I-qAMByANIqgTPAU_QyrB0V4FfShuiWxXJyXH9MqXKgpzILkULk-x1qVwHrocu2ukIa6UAp0SsIwv9SjKN_pZ8yJC-xLLu_8WSNBIChYmxa2Yb__wO_dSuEFrnFQ3aIn3cN-UctSxCr7RsUDQ-WdWdIIUvxMCsd-gBKcMYiLYwoQrRwo-XaIQuIG-2dxR7nqWVwCiF78CbaT0PxNvu9yYwC7iqCFaSrEwO1keT2-IaizVsa0V1wuLQDCy3XmmBZET9bbvWZhfLVqRJXJXdOMrQV0xpDrAsT8nQGsAE3_fdj7AEoAYugAem69HSAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELCpBdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTgxNDg5NDUzNTYxMTE4MDkYAA&sigh=j1k4yPHS31w&uach_m=[UACH]&cid=CAQSGwBpAlJW4YtI2WShTQHBL5qeLTwU2DMjdgb07xgB&template_id=419&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 10:53:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 429A 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 1 KB
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e58c05d5fd3058b420eb113c53748ac9d813953043cc456e020c571ebb26a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Jul 2023 22:39:19 GMT
x-content-type-options: nosniff
age: 216855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1475
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 22:39:19 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0829740150194ef6a49416c9bbb82aab5db9cc4af8fa888d0117300c436d685

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 10:59:04 GMT
x-content-type-options: nosniff
age: 172470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 10:59:04 GMT

GET
H3 200 t1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 6 KB
6 KB 20ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/t1.png

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541e5bc69b5feb299135f26d68d6a9b05e4133342b0819099a818ef724e576a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 06:54:40 GMT
x-content-type-options: nosniff
age: 187134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:54:40 GMT

GET
H3 200 t2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 4 KB
4 KB 20ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/t2.png

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57cfa32fe7a1954be9588a0ad53dfcbcb83716596bd2b0bb2f8af0860b7e820b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Jul 2023 01:50:12 GMT
x-content-type-options: nosniff
age: 291802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4505
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 01:50:12 GMT

GET
H3 200 t3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/ Frame 429A 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/images/t3.png

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd0bfac9cbf25daf3c102b4eb53437b7f8333f2113593a43bacb7731d889b073

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 07:29:59 GMT
x-content-type-options: nosniff
age: 185015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3322
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 15:15:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 07:29:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aaa536748807ec97a545ce0e36e2a78707c8b01b1486b1069435d5016738513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11812
x-xss-protection: 0

POST
H3 204 ngx_pagespeed_beacon Show response
1appleday.com/ 0
418 B 292ms
291ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1appleday.com/ngx_pagespeed_beacon?url=https%3A%2F%2F1appleday.com%2F

Requested by

Host: 1appleday.com
URL: https://1appleday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://1appleday.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 31 Jul 2023 10:53:35 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFZjzlkxPzPhD6nSSvK0cdvSLH6uN5PsE6phrtCrnKjQ0G5rox3JhorZ6irDhrMwMRtzTbtlo1Am3ZDlRzx%2Fe%2BBoeao4kmmdN5K2DRy%2B9Ir8L7n34UBbWG5XRvxw3OU9X2%2FdNT%2BCyFPieyiI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache
cf-ray: 7ef54c663d75bb80-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 10:53:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 645E 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:21:24 GMT
expires: Tue, 30 Jul 2024 10:21:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C293 783 B
535 B 41ms
41ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e614f42b97d1621aac1eb556a5ce4a492b3694625c5cd73ca542b9e943f1037

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q5oOvMC03jnrTBC144xNlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1appleday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Q5oOvMC03jnrTBC144xNlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:53:35 GMT
expires: Mon, 31 Jul 2023 10:53:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 645E 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 21:00:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B60C 42 B
64 B 128ms
128ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv96I4wosBQXan03rg69_1ZowaxZefwVhxVe7GLQZt04iWfNvgyGZ00i3feTR9LkEOdh-PSiZFRSD7xfZGHDaiB62cD3MPW60n96ZUfj7uGXCeswYyLBKUhbABUdc1cYR14oY_U6bqeWnG5dK0dqC7Pn_ZhA0yGZ6B3YJmGX-mTdh1PzgPoRD3dCfBfrmk0ahrEN8K2R2bG0MALMM2F-x8L0u9eKE2lAI501UhqWZOPDGlG1DvW-MaK2N14EtdaQsPctDt94J9IcJH9YYfl0Ti6S62xLv2iddJnWj6zNnR7z-2MrmlTj0G2rv9ckxyAxW8cxuZsAf2Rfm5I3N15NWbPYtwMggQQKpFNW9df2KS5qTgOiMrEiYf0Guak9lDfWDBYllueyffUSeLDw2PdYqrIg0KaHdV51sLr5Dr44x4mpDTZ04jJkQ3rs2fnEk71oCjQ0wRQA7_9Ma8c8udjFRAuTSEIwqF5cOekCQdrJXrpUiO8rocrr_PQbWFwePtOAIcZA9whHcE1BfNvZT3YZ2w0F41IALwS7lWY8WYhG1vziGkGwdaQVdr-Xc0w79BwYStFbe6wbSK2hPT0eDpfmwmU94To0q6tjc6TrEN4iVrA5VxGH-dN0HM3ChBE4Z7I5LTDmym6_5vUXkxd5OxUGbU83tehMDEcCfRlz3mY4nTRP4RZLHNHVDxgocRNxWCpq1bcQVUi3Mcc2Slpz89qqnfdBg-AhRrXNtLnb6eR69rdTDAL4Fu1YaR4FcMNO3He58akxQZNOCx1zd3P0Djp_aI9T-3cR14SgjSe-zFruRzB8NeYyQ4lXTv8HK0RJgklv-UGVVxY__L-lJrq9OfFBIWUSDMI7W5tjNjHNJrqGzqFVvEMc70AlEpvYtNagVv00e_4TG76C-RZYb4RMzoDGAZU164RA7aFvNrzOqEIbd7dsbwJV90Sm0OUYShCdgSm7LEh&sai=AMfl-YRdkdwiaSBGWgkW436uJ0RK3qv_YgrZ1XLucVg10rlsaCAZrtVYRJ2lfspoAT5OpXem821sW8UnZXs0hM6pHWpi2MKBU6r8Ng&sig=Cg0ArKJSzKS8Ud14gV4sEAE&cid=CAQSGwBpAlJW3QE56hff6KBII1F7R8aH4QnKFXo9HxgB&id=lidar2&mcvt=1003&p=0,182,200,958&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3869495825&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690800813540&rpt=689&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 10:53:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C293 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2960014060876018&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 645E 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZXC_kg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 10:53:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1515 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT19u91i6GwwJUviaZV_M56C1ozLYJLSqrd_KAdxnKAWm3tmvI0oqpmSJ9AH1KjJQtcM2j17-O5WySqaod30sIn1Z7DfmF1B7NAtLkxnl-OvXAz_GBZo7YAsmDPPl3QEao4CA-rOn_b6ejEItWFb2ngTRprxZKrD2kgpkaLiXrMt82qfS6BEEBDkgA0-ZKwYux5ncppMRsfOE2bUNQkv5Fuc5W9W0ev-zDi7pWh525Yy4fyv5gbf6_HIEVVFDSbSXdz9XzjxmXuRN5fTQLzKK1CfdySYc58LkzjVWFPY_Q9ld0BfHlrbLXcRb8s6hAj8ansnsaRAKafImoWb02Z6RQP7HfVA2giOq-PIRuha4dTgYdgsYQtK01U6PLGhA9zKYTVzcxChuENchB7PJEL4wgIpe-BVq0eJ66UxjjNiG3wj0mjstKpe_vx0lYURqHcOEmdGJ2Kkn6oca4AM-R1zOgiKya2gl8EIy6NNeaf1rcgywb18joBM-2yApwGmlVZHXKZJD3MDQndtXTkksIQX5n_PX2M0lw1m6ao37fy20WtObQOox_RDRSBOjMdTQZT-94vaKz9aE0Yu5J3c8s1aqR2ubPYRB4wud0XNpPzS6GO74n5B0rw2GQS3Jj2VBcmSAsrrauNWvWOnmGVu__FfE0kvjmlPzEqpQ_raLlxfENGeJgOMWiSPYgWhHV8QX6mMnOdlmUpro87nVypBUqMZ79f0MCDN8R_yhZQgYMVBPM-huVLI1jd8WrM8uGAQmB-Gbfqsg8O0NQ6DNyFpWdic3ziX7xCvdMBLm4Kx64W2fR42uB99iUU26ZE9jX0GUAZl1yrBB_2r1rL5WxC1KhEMg66UXsiHRJWYAJ2OgIHWdab7oRMtWlEXqwjmr-PdfvOcBr9wFJRav8_tphgYY25prUgaDsiXOHv7wjcF8RWcWYgeS_4zAl9LsNxTgAZSJfqrmY5RIPfQ&sai=AMfl-YSTwJFphwMvjiHnSO0OAkq17tlilDc5V5lDBZn9yuPhlW5kgj18VZudYdLRfnTyYh4HkEtB6TUt8G_IfbGrVoh88CwEB6ivtA&sig=Cg0ArKJSzM3HvOrR-trYEAE&cid=CAQSGwBpAlJW4YtI2WShTQHBL5qeLTwU2DMjdgb07xgB&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,766,1000,1095,1167&tos=0,766,234,95,72&v=20230726&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690800814132&rpt=241&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 10:53:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2960014060876018&bg=!lpWllcHNAAZGOVy5Zjk7ADkAdvg8WudXoqTaes5x8TAKkBAUHcVK1UbFplXLiwU-P2Wx9t32wZq-3RYzIs2QZF685RXDSwkijyQCAAAAU1IAAAAJaAEHmQK54s5_mwXhJUsLapdNH6YOZp0bSK_F3n4fDZdaweFWR8aHE86QDtQjXFDCPnH-FL6X44wvFgc1I7bvTBQokl8eQn9obwm19Vjqvl-P3RpLeZqlRYB4dapWdQyqNbTwsEtMzGYLof9sKdDS39WsHjKDIscaYsS2kKvuwrxDJg86gXBRx0KzP9zqV-h8xTP9zDn8E42in-UE4JAYgF9PUByX5phMTRjBuiTiTSQV8e7R9_mW9TzVc9F_ooMM1z76bBDQ2qPFXrP8rMxm0CPzMX46s4xh1vgCgDWHjihG9OrkS3LjYIO-ZF2YmerKuSBL1S0TxkZBGDsTC1fdTN5Wjvd37xFJgxXkD6O2UGCtD1B53uR_A34QfWmTVuJtSXU6mepK-hBlpxX7Vh6_z0kHA-La1WGEhnBDcxbIN1QdpN6iqm-LXuQF-X5kLe3w9EpYbktpBfH5bhJN_Ql0-Kx91ItGagX11ZAwa1Vq-vyOiy3dtnolgAy6kRohkWOrp0zc-9xLNaM8LMS96UTj5mjtaDKVEfnBCp7to-AjsK1xrrhd5ONSBQ3iT9spEwbi9VNuD_6KK1miEBfZh52oKJ7Sl9coIM-4YyvZ2nsPxkLiDRfuzetk4gSecN4RagZNVGQM2EnAO47gw99IgY-9eH7Nc7bYRU0ZRCQt3khcGLaAm3ce7lERhKPE2DugU6hzQ5coeAhPCAK94VyZ6oWUO6jy3WBofpj1rq11OXQHJgdhP65JoaxvatA3Km0EgyR8twE3AHaObCm2WAFVqjv0-LBFFFUaO7uV3i4ZPbeuWpYDXLvC95NfXbo5PNiTxEsgZp-xMZMBWyCp9ns2oNhnexEbuszdNOw5kIECNP_LdmoinS1ybSB-pRA8ri_kfILpqCqEjkf_6tWripZ3DLhjDB26WMgxlMgwa7kkPJvteg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1appleday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 13:40:02	Name: __cf_bm Value: 4ZcZ6DDSUu2KzR_lDzxpK0JrVSXzbxArtz7EYNIlt3g-1690800813-0-Ae0QFT3f967dA96ALAdXNu7vtGO7CdEHysZhs+Xv8f6I55mazMb19ZKsKFPPAgnLlW3lzuMKix5LhGGgzWjiS4I=
.1appleday.com/	1970-01-20 23:16:00	Name: _ga_B05KWBSN17 Value: GS1.1.1690800813.1.0.1690800813.0.0.0
.1appleday.com/	1970-01-20 23:16:00	Name: _ga Value: GA1.1.909262517.1690800813
.1appleday.com/	1970-01-20 23:01:36	Name: __gads Value: ID=2228e20e235a11c0-2217f5d929e300c1:T=1690800813:RT=1690800813:S=ALNI_MbOb2yM93wdPHzqdgayOJxaVd4dJg
.1appleday.com/	1970-01-20 23:01:36	Name: __gpi Value: UID=00000d34900c6eda:T=1690800813:RT=1690800813:S=ALNI_MadU8xx1BwF3VAl_GN0x3e5BTLxDw
.doubleclick.net/	1970-01-20 13:40:04	Name: DSID Value: NO_DATA
1appleday.com/	1970-01-20 23:05:56	Name: _pk_id.25.d8af Value: 9ebfcd494e70a647.1690800814.
1appleday.com/	1970-01-20 13:40:02	Name: _pk_ses.25.d8af Value: 1
.doubleclick.net/	1970-01-20 23:16:00	Name: IDE Value: AHWqTUnaOPKUMTNWEw44Hgv-qVFLLDkIHdHwmjSuOcfvGQfQroNoQ-a6HfCZUc09stw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14027018177283854622/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1appleday.com
ajax.googleapis.com
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
itsmy.ga
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ypa.focusoftime.com
172.104.89.56
192.0.77.2
2606:4700::6812:d63b
2a00:1450:4001:801::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a06:98c1:3121::3
34.80.135.160
03cbbdc9c8ca3e7defbc7fc8c584d7a9e20884df55101023623933cfb858c0ab
0c76aabed86b63a80876d209c9a852116ae44087a6aceeb21aa3c1e4ac91109b
0fc5f28e500a9ec83ec0966d5116abe7d8d34cef396e758dcf3f4214da8229b6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1aaa536748807ec97a545ce0e36e2a78707c8b01b1486b1069435d5016738513
1e614f42b97d1621aac1eb556a5ce4a492b3694625c5cd73ca542b9e943f1037
213cdff1743c6cf521b86da1b4795f6bf957420ac04da82e1ef83e237f345316
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
24e9c68947ed2378f6040ac2b1263a7fdb8e217f10b8c33cdeab4322d41a0495
257a757b8daf04bb8d478ab9737ed2280fe1089de8923ce9c9e1792556680949
29cac26d2cd0664bb5dae74c12de6036b47e8a96e574283f4b72a6b105a9db1d
29fd5f82877603cd338b02ae6cf841b3a1d15813093fe3c5427d0ed580d3884a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c56f1123e8f033701a328441367871a22d5ae723b6cf7fe9b927a9622619e7
36318bc9d59e88b71044e6d031964eb7fa178f2883bfac149a939f42a5780118
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81
4edf4d817609d3e5124052cf3ce866513ed540cb329d80b7159f279016f2a650
4f4e556888b6a782385a1275aff8d3da003be92ba00fad915245438864206005
541e5bc69b5feb299135f26d68d6a9b05e4133342b0819099a818ef724e576a1
543d6327016c035fe20a64e2bddb76f1294766acdaa2e54fb16194984f9cf857
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cfa32fe7a1954be9588a0ad53dfcbcb83716596bd2b0bb2f8af0860b7e820b
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c7cff830c0afe5f4769a47cb0b7b86c850a5839c90256b9526d03d914d6ed44
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63171e1973421450a0a00b9dc7bc6e97d9ebc95fafcc737211d494309ebe5e98
6452d2c460939a653c687450df627288e09cd0d8e19bbbb154e669271f1fe10a
68af4c5878b9d0040bc9bb8663e9018bbcddd89a2520d6470dfeafed4e2cfd3a
6dcc39dd4ffcf76f932815ad306bd4e3b079ce1f2ceb21f2807f228654e2a98a
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70e427bd250ba69d1e01c01a57a28551a19e05377312962a0039a4901654cc22
7be115738ff73d73b84c41328510e3396dda5897808e53d429a2c7b851f0debf
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cf81f0cfd54e41313d33365cf0fdcc2048860d3e24b4cf0cd832342d3c7be46
7eadfe464ff8b3f6fdff8f397b40619cb952e5b716befb3a317d847f4cbbbabf
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
8e6dc5a407e1894a9789d82cb72fa3d90654acac449dfa547fb07765d8bf8eb5
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
8f951646c40406e3b9ac6df696eb034171a6efb3f2918849c286332474407bfc
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
958b285c8c6bbb73221d5170bea81b8275a33e6a61b48cc7c54e0c035e11c17c
9c601f08cbfef5d3e7c33da6b313d14e1441cda60bb64ffaa45a81b090baf2cb
a01ca6d98cd725a8b313959a8e75367596cfad686771f978cfee8f5d0c1eccdf
ac14b94ac1689eea5d39cd29390d3bec755a0508b0d03c75a450f35ea54d9e5a
b9ca101c49b57a4d46b3c5b79996f564a8b611bed284217cde2361f6e7b4b3bc
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf302115788461d07829030d63fcd321a510f05cea9949a16b3ae82918fb8172
bfcfe534590f5b61098f3a55b3b130d099937ad504b11399a342861406a1ac91
c0829740150194ef6a49416c9bbb82aab5db9cc4af8fa888d0117300c436d685
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
cd0bfac9cbf25daf3c102b4eb53437b7f8333f2113593a43bacb7731d889b073
cd5679684c2ea433c84597142fe04db49afb46de9561da670539b37cb2c79328
cef5c13028789112f8e2a3a1f2811895a6f3f8b86a3f1dc6e964d335d296aaed
d12456ebcf0309eaa1dfc91beb9a97776bbff500999affe40fc0670949986c0a
d2c726acb0a3050c037ef0f9a3128d4a747d8fa8e1e1b57207babbe121d899c1
d5e58c05d5fd3058b420eb113c53748ac9d813953043cc456e020c571ebb26a6
d684ae60051b4c0eecab9771e707d079573a3e07b1136f4d636e05e569278aef
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dd03632667862a581d2301af3cba42f42e68ad0902140840224df3a422fcff86
debc6faec7c4c2232107babb491d5fc8d6f0191d7701d68ee1be803ce864a47f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6013f0cb0737d7b55b11f7481176e4080e13347d0bc1e0475599af50f623805
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

1appleday.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

80 %IPv6

15 Domains

19 Subdomains

16 IPs

4 Countries

1564 kBTransfer

4077 kBSize

9 Cookies

1 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1appleday.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

19
Subdomains

16
IPs

4
Countries

1564 kB
Transfer

4077 kB
Size

9
Cookies

86 HTTP transactions
2 data transactions