xbtgseba5.pages.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xbtgseba5.pages.dev/
Effective URL:
https://xbtgseba5.pages.dev/
Submission: On February 13 via api (February 13th 2024, 6:04:57 am UTC) from US — Scanned from NL

Summary HTTP 165 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 19 domains to perform 165 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xbtgseba5.pages.dev.
TLS certificate: Issued by E1 on February 13th 2024. Valid for: 3 months.

This is the only time xbtgseba5.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	195.181.241.253 195.181.241.253	() ()
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	104.102.46.108 104.102.46.108	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
29	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:181::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:1ad::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	167.235.124.59 167.235.124.59	() ()
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	52.49.79.233 52.49.79.233	16509 (AMAZON-02) (AMAZON-02)
1	167.235.124.25 167.235.124.25	24940 (HETZNER-AS) (HETZNER-AS)
20	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	() ()
3	2a00:1450:400... 2a00:1450:4001:811::2006	() ()
1	2a00:1450:400... 2a00:1450:4001:813::200a	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2001	() ()
165	29

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xbtgseba5.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 195.181.241.253 (Lithuania)

ASN- ()
PTR: 4xyy.l.time4vps.cloud

bctser343grh.giize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.46.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-46-108.deploy.static.akamaitechnologies.com

code3.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

media.promotor.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:181::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:1ad::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.124.59 (Bühl, Germany)

ASN- ()
PTR: nue0037.cxense.com

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.79.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-79-233.eu-west-1.compute.amazonaws.com

admp-tc-sati.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.124.25 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0003.cxense.com

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	675 KB
29	promotor.ro media.promotor.ro
20	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 ad.doubleclick.net — Cisco Umbrella Rank: 157 googleads4.g.doubleclick.net googleads.g.doubleclick.net Failed static.doubleclick.net Failed	290 KB
12	gstatic.com fonts.gstatic.com	151 KB
10	giize.com bctser343grh.giize.com	586 KB
8	cxense.com scdn.cxense.com — Cisco Umbrella Rank: 15094 cdn.cxense.com — Cisco Umbrella Rank: 4997 comcluster.cxense.com — Cisco Umbrella Rank: 4552 p1cluster.cxense.com — Cisco Umbrella Rank: 9116 id.cxense.com — Cisco Umbrella Rank: 10226 api.cxense.com — Cisco Umbrella Rank: 8083	77 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	123 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	121 KB
5	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	976 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	adtlgc.com code3.adtlgc.com — Cisco Umbrella Rank: 95883 admp-tc-sati.adtlgc.com — Cisco Umbrella Rank: 89760	14 KB
3	2mdn.net s0.2mdn.net	343 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2720 www.google.com — Cisco Umbrella Rank: 2	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	142 KB
2	pages.dev xbtgseba5.pages.dev	35 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	googleapis.com jnn-pa.googleapis.com
1	google.nl www.google.nl — Cisco Umbrella Rank: 9463	408 B
0	ytimg.com Failed i.ytimg.com Failed
165	19

	Domain	Requested by
29	media.promotor.ro	xbtgseba5.pages.dev
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net xbtgseba5.pages.dev tpc.googlesyndication.com ad.doubleclick.net
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net xbtgseba5.pages.dev
12	fonts.gstatic.com	xbtgseba5.pages.dev www.youtube.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net xbtgseba5.pages.dev pagead2.googlesyndication.com
10	bctser343grh.giize.com	xbtgseba5.pages.dev
7	www.googletagservices.com	xbtgseba5.pages.dev securepubads.g.doubleclick.net www.googletagservices.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.youtube.com	bctser343grh.giize.com www.youtube.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s0.2mdn.net	xbtgseba5.pages.dev ad.doubleclick.net
3	ad.doubleclick.net	www.googletagservices.com
3	admp-tc-sati.adtlgc.com	code3.adtlgc.com
2	www.google.com	tpc.googlesyndication.com www.youtube.com
2	comcluster.cxense.com	scdn.cxense.com cdn.cxense.com
2	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
2	www.googletagmanager.com	xbtgseba5.pages.dev www.googletagmanager.com
2	xbtgseba5.pages.dev	bctser343grh.giize.com
1	yt3.ggpht.com	www.youtube.com
1	jnn-pa.googleapis.com	www.youtube.com
1	3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api.cxense.com	scdn.cxense.com
1	www.google.nl	xbtgseba5.pages.dev
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	id.cxense.com	scdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	scdn.cxense.com	xbtgseba5.pages.dev
1	code3.adtlgc.com	xbtgseba5.pages.dev
0	i.ytimg.com Failed	www.youtube.com
0	static.doubleclick.net Failed	www.youtube.com
0	googleads.g.doubleclick.net Failed	www.youtube.com
165	33

This site contains links to these domains. Also see Links.

Domain
bctser343grh.giize.com
www.facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com
open.spotify.com
www.prosport.ro
www.gandul.ro
www.cancan.ro
ciao.ro
www.descopera.ro
www.go4it.ro
www.promotor.ro

Subject Issuer	Validity	Valid
xbtgseba5.pages.dev E1	`2024-02-13` - `2024-05-13`	3 months	crt.sh
bctser343grh.giize.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn-content-production.cxpublic.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
promotor.ro GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adtlgc.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://xbtgseba5.pages.dev/
Frame ID: 53AA30C2E3F03C67CA47E11F5D2DB11B
Requests: 74 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: B4E9226971A9E00BF61E20CC9CF40822
Requests: 4 HTTP requests in this frame

Frame: https://3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF046C6BFFCCAE65CFE8BA3BDBD7D7B9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&
Frame ID: 80A2459FCA30A4424CDA931CD43F9C47
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshIMvC7N3K3HCOr_4TLXfou-ZKboOh7HF2dXx6ohNvrhhh8W0cgtaXHfNg7W1zciB19O-LO09A6RjSuYMvTUd-HYqNBQ8EGS4NH68iaevR3jqDD9-zGnoCFuv7F0nr3SfKicEpslF84RCbu54XQNm__VQ3qSdoz4t-6QyNQfD49QxPJVCTxYp-rFjJsRSLui-fCTCY2T7iTDMYKjLFuZtbgiba3CDh8qJRvcLYe2OCY8vkYFWzRABSYtpEPjyHUezZ4bKQTllI5QGQb62x5QrwrHz_3RHddJgA_WUS2DepWGIYYuMaL44NyqJlSbmD6wbiXZkZjrIxXVjxbi4whHNJofXn6hIPg4aAvb1cjtMkjdalBnB9IEmsJIFXcNSzD21ava6kHcvBQ-gLQW-JODbnYsULS1s85Q&sai=AMfl-YT6wcUv1fuQkesdFj32n7Uj-gZORWDhrZau4o4J0bmyFrCnTFUWU81q1mgAjeNlNvoZmj7bahQXMatGZwvjyuoLFbEaRCdFuN_iO9bSg8w0ZRZWdPQhXsB8uue0G_BifKFVc9Mng3El1lOL_DacyuQO&sig=Cg0ArKJSzPonukhVdxloEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 201E7F5C0A933D7E87556202ECE08087
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1SSPl9gx0dvO9KFQrghJ_fEaRG3yl90sVWhEmu6j4yhdrLU5aWv4Oy4oGZsxOfph7q7pHVixKgJvLCn9zaytETKCJNnF4nW_9Pz-1wNGPkLeUkD9iWlwZjO0Gme0IE_nt5MyIL-CDyepWIyx9jHS7eneDo_Pp5YZ-sqDuSlkXusOUj5arKx2XjNGxrG6pKyAYnX0Hkc-mkaL069EQ5bFBTM7lVKc8xOAhfZ9FXe4nTgY3UROaimshoDJV-TdoRDJZM0fS3D_7xJZjy_4jhd6EpYixGBj2dDIyIem2aVez-nQKWtAQfFwj16bhk33lssDLHBZxYAwMW0Yba0XIJwcyefdXYnndWC1QRZeJMdy9ru_E_b8fxv1pQcVO7ySkJ2I3CPGHsMgBdHQHIkxsQXeRNIoW2N5nbA&sai=AMfl-YTKBxBS7ugH979R8Ra7Jo70bmnOLq1SVrU8C6mn_6W6cqbnmG3A2-lNN9Ad2mZsV0HmIsMUQ5f0vYrK3n3rdCMYZzJCTmBf9quMcg0bMqJoAMN8DBZG0Bt2i9bFuW23m_-Yl6VhYN-NuOarDUrcxcdD&sig=Cg0ArKJSzPI_wwCNrN0uEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: EC2F5AA159A95D32BFFD2FA20192D1E4
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS3m3OEybtovB_33KTbMl-IzAS9gEP-Jc70UjDjQ6_ZmVEBWnMxS5Dp7UYGN8aNHlrTBL10nqChjxpRzadU1hnOQf4kPl_vy2WjhUptbZS_2g87P9I_qPJ6RBahSIaVs_TBVrJzd9g0s0I3-8qFJKa00xTdEyqfNvQwYxmZ-DNs0DxKLjlr0sIEPtqAYW7qs0zOV_zcWsZEoUETuJx924CtA1vohlb-WXltz-aYIjH7xAaD1LWjhBk1O0bHSrjQmXHxJPwkQ34qtrpre-PkT2Xm3XwQ_L3WjcgTCXf1E7V4WEIVfWLa6mABiSCe0xd2wATeEW5uc1kORmkTwfqgz4GPEf5Y9H92Xj3FhHXV-ll8zh08UjEFh_MM505ldpy1x-t2vKm5Drnu0CQtdzUDOfi9MsRhUDGoQ&sai=AMfl-YQKUNSFUG8lcdsl7fAJZHxmzN8VEW-I2FL46dF5xg-YOS09hHq0Dn92xr514RpRVFXLFvwI8nFgnImYVU3alwTuLunz1kSXiXfSWqv_90SA4nXBJ8DwXAlv_HFZYQ0_qtjUskHbmsJrHPaFMtiTvrkN&sig=Cg0ArKJSzCCcVJAQSepmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0DBF4CD67955B43CEAB9A46201376CC8
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Frame ID: F4BF84D18E4DABEB7D4D94C3775E3F60
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2879B88436CE331713413EDC5A850F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6B6841FEB53EE95A33FDA530F6909CE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1E9EC0881FEA4D5143D5B7DADE3FD9F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0C1604C2653C5740DD8C29D099062A15
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AE62C9F1E7C66FDC5D3D1C9BA8B0AA96
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Știri despre industria auto | Noutăți pentru pasionați și teste auto | Promotor.ro

Page URL History Show full URLs

http://xbtgseba5.pages.dev/ HTTP 307
https://xbtgseba5.pages.dev/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

165
Requests

97 %
HTTPS

75 %
IPv6

19
Domains

33
Subdomains

29
IPs

5
Countries

3575 kB
Transfer

8942 kB
Size

18
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://bctser343grh.giize.com/

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto
Title: Știri

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/eco
Title: Mașini electrice

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/test-drive
Title: Test drive

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/utile
Title: Utile

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/teste-video
Title: Video

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/podcast-cu-prioritate
Title: Podcast cu Prioritate

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/cat-costa
Title: Cât costă?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ProMotorRomania

Search URL Search Domain Scan URL

URL: https://www.instagram.com/promotor_ro

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0qd3p9BkE0JuV34c6hTjCA

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@promotorro

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/1Cy2WFngsvj2Wny596HamY

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/test-drive-mazda-mx-30-plug-in-hybrid-motorul-rotativ-s-a-intors-19250893

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/suzuki-swift-este-masina-ideala-pentru-oras-un-pachet-distractiv-si-economic-video-19252533

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/renault-dezvaluie-numele-noului-sau-suv-compact-modelul-va-fi-denumit-symbioz-19252511

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/ford-puma-facelift-a-debutat-oficial-iata-ce-s-a-schimbat-pe-crossover-ul-produs-la-craiova-video-19251750

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-cat-costa-sa-aduci-o-masina-din-olanda-e-mai-ieftin-cu-platforma-sau-pe-cont-propriu-19252972

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/advertoriale/bilbor-locul-unei-vacante-de-vis-cu-aerul-cel-mai-pur-din-romania-ape-minerale-si-paduri-nesfarsite-19253477

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/viitoarea-toyota-gr86-ar-putea-fi-propulsata-de-un-motor-hibrid-in-3-pistoane-19253427

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/autorulotele-mercedes-benz-marco-polo-aniverseaza-40-de-ani-de-existenta-iar-viitorul-se-anunta-a-fi-electric-19253278

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/poze/actrita-face-dezvaluiri-incendiare-despre-relatiile-cu-barbatii-casatoriti-din-fotbal-am-fost-cu-trei-jucatori-si-am-aflat-ca-toti-aveau-logodnice-sau-sotii-cum-arata-tanara-careia-19825830?pic=19825880&utm_source=Promotor&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.gandul.ro/poze/o-recunosti-printesa-cu-ochi-verzi-adulata-de-milioane-de-romani-20148588?pic=0&utm_source=Promotor&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/breaking-news-sinucidere-socanta-in-lumea-buna-a-capitalei-milionarul-s-a-gazat-cu-fum-de-la-gratar-in-baia-vilei-din-pipera-20956133?utm_source=Promotor+HP&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://ciao.ro/poze/top-ciao-ro-ia-mai-toarna-un-paharel-sa-ne-veselim-nitel-sprit-corespunzator-si-vedete-fara-control/?utm_source=ProMotor&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/regulile-si-indicatoarele-rutiere-se-aplica-in-parcarea-magazinului-ce-prevede-codul-rutier-19253276

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/cea-mai-urata-masina-din-lume-reimaginata-in-forma-electrica-foto-19253382

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-cand-trebuie-inlocuit-filtrul-de-ulei-si-cel-de-benzina-sau-motorina-ce-recomanda-mecanicii-19253096

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/ferrari-purosangue-a-fost-fotografiat-in-bucuresti-mingea-de-foc-de-725-cp-galerie-foto-19253156

Search URL Search Domain Scan URL

URL: https://www.descopera.ro/galerii/20546549-lumini-ciudate-si-verzi-observate-pe-planeta-venus-ce-ar-putea-fi?pic=1&utm_source=Promotor+HP&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.go4it.ro/content/unelte-si-accesorii-esentiale-disponibile-in-oferta-kaufland-19228997/?utm_source=promotor+hp&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/permisul-de-conducere-va-fi-suspendat-in-toata-europa-nu-doar-in-tara-in-care-a-fost-emis-19253123

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/un-nou-document-devine-obligatoriu-in-2024-sunt-vizati-proprietarii-de-masini-19253045

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/noul-aston-martin-vantage-livreaza-mai-multa-putere-si-un-desing-mult-mai-matur-video-19253022

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/asemanari-si-diferente-intre-scuter-si-moped-care-poate-fi-condus-cu-permis-categoria-b-19252561

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/podcast-cu-prioritate/editia-32-podcast-cu-prioritate-by-promotor-apare-luni-12-februarie-ora-1200-invitat-george-grigorescu-19251248

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/test-drive-cu-mazda6-20th-anniversary-edition-ca-la-20-de-ani-19238816

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/test-drive-cu-bmw-seria-5-un-nou-inceput-19227167

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/test-drive-peugeot-508-facelift-o-specie-pe-cale-de-disparitie-19220699

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/rivalul-daciei-duster-a-ajuns-in-romania-ce-ofera-noul-mg-zs-video-19250142

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/poze/un-roman-e-mai-tare-decat-george-clooney-s-a-cuplat-cu-fosta-iubita-a-actorului-care-e-mai-mare-ca-el-cu-15-ani-si-acum-femeia-e-in-extaz-galerie-foto-19825066?pic=19825088&utm_source=Promotor+%5B2%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/poze/devoratoarea-de-rapperi-este-insarcinata-cu-pustiul-vedeta-care-e-cu-18-ani-mai-mic-decat-ea-esti-o-pradatoare-cum-arata-femeia-de-39-de-ani-care-are-un-fiu-de-v-19824388?pic=19824391&utm_source=Promotor+%5B3%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/cine-e-vinovat-daca-soferul-din-fata-a-pus-frana-fara-motiv-politistul-tavi-pertea-explica-video-19252494

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-poti-conduce-duba-de-marfa-cu-permis-categoria-b-ce-limite-sunt-impuse-de-lege-19251885

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-ai-voie-sa-opresti-in-sensul-giratoriu-cu-mai-multe-benzi-de-circulatie-ce-prevede-codul-rutier-19251408

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/cum-te-poti-feri-de-samsarii-de-masini-cele-5-teste-care-te-ajuta-sa-cumperi-o-masina-buna-19251138

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/utilitara-citroen-jumper-aniverseaza-30-de-ani-de-existenta-19252719

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/noua-toyota-gr-yaris-costa-peste-100-000-in-franta-din-cauza-taxelor-aplicate-pe-emisii-19252946

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/noul-abarth-600e-a-fost-prezentat-oficial-este-cel-mai-puternic-model-din-istoria-brandului-italian-19252849

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/ford-lucreaza-la-un-model-electric-accesibil-care-sa-rivalizeze-cu-tesla-model-3-19252465

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/parapetele-actuale-nu-au-nicio-sansa-in-fata-masinilor-electrice-mari-cum-arata-impactul-cu-un-rivian-r1t-video-19251665

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/aro-ul-ce-a-apartinut-securitatii-a-fost-scos-la-vanzare-pe-olx-care-este-pretul-cerut-pe-masina-foto-19252922

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/cel-mai-puternic-pagani-din-istorie-foloseste-un-motor-v12-cu-900-cp-galerie-foto-19252895

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-romanii-vor-avea-carte-de-identitate-electronica-cum-pot-soferii-folosi-noul-document-19242990

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/poti-da-cu-spatele-pe-o-strada-cu-sens-unic-manevre-interzise-de-codul-rutier-19236835

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/2024-este-valabila-inspectia-tehnica-periodica-in-ultima-zi-ce-patesti-daca-esti-prins-cu-itp-expirat-de-15-zile-19232538

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/stiri-auto/record-pe-piata-auto-din-europa-suv-urile-au-fost-cele-mai-vandute-masini-din-2023-19252807

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/termeni-si-conditii
Title: Termeni si conditii

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/politica-de-confidentialitate
Title: Politica de confidentialitate

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/echipa-editoriala
Title: Echipa editorială

Search URL Search Domain Scan URL

URL: https://bctser343grh.giize.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/stiri-auto/suzuki-swift-este-masina-ideala-pentru-oras-un-pachet-distractiv-si-economic-video-19252533
Title: Suzuki Swift este mașina ideală pentru oraș. Un pachet distractiv și economic - VIDEO

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/stiri-auto/rivalul-daciei-duster-a-ajuns-in-romania-ce-ofera-noul-mg-zs-video-19250142
Title: Rivalul Daciei Duster a ajuns în România. Ce oferă noul MG ZS - VIDEO

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/stiri-auto/honda-cr-v-un-punct-de-referinta-in-segmentul-suv-urilor-de-familie-video-19247804
Title: Honda CR-V: Un punct de referință în segmentul SUV-urilor de familie - VIDEO

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/stiri-auto/noul-ford-transit-courier-monovolum-bun-la-toate-produs-la-craiova-video-19246481
Title: Noul Ford Transit Courier: Van-ul bun la toate, produs la Craiova - VIDEO

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/stiri-auto/renault-arkana-facelift-suv-ul-coupe-accesibil-video-19245823
Title: Renault Arkana facelift: SUV-ul coupe accesibil - VIDEO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xbtgseba5.pages.dev/ HTTP 307
https://xbtgseba5.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

165 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xbtgseba5.pages.dev/
Redirect Chain

http://xbtgseba5.pages.dev/
https://xbtgseba5.pages.dev/

225 KB
32 KB

427ms
371ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b0260a5f9545d179da36b8d13d613ee314ac32ec5cbad8ef0730a3f255ce4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, OPTIONS, POST, PURGE
access-control-allow-origin: *
age: 248
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 854ae054f8400b04-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Feb 2024 06:04:51 GMT
link: <https://www.promotor.ro/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMNMJXkNhio5Bn8hzB%2FGcCpXG8hrI2ZGuwgsYC49TqEUJKqVTbNmnDe7UEXLRqUi%2FHjJtMHxH3tjEW6ASs74Rt6%2BukEC1mEuSKZ6JZv5mUBwbluCX%2FOWdKescqTXaYOwp1M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-cacheable: yf
x-served-by: web08

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://xbtgseba5.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 styles.css
bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/build/ 123 KB
124 KB 466ms
211ms Stylesheet
text/css 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/build/styles.css?ver=1707203161

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

d110d4a59eed5e7930b518b3fb1a76c1b7615275be6ebe7d6f0248dea2c0bb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 600768
cf-polished: origSize=125689
alt-svc: h3=":443"; ma=86400
content-length: 125462
cf-bgj: minify
server: nginx/1.25.3
last-modified: Tue, 06 Feb 2024 07:06:02 GMT
etag: W/"65c1da5a-1eaf9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3flu8%2B8BRi8cv%2Bjc9dV67QO2bKeE7JpqM7GPIpFmpjEDlOXwOu3aG00wi5TbOuVKy29E%2FUsWuXkvacgFcsV1P4Z2%2BfKIa089oAJVaj%2BTCMr4DCcb%2Fsbgt%2Bc6MWrCaWmp7WE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae059bf2b3cbf-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 05 Feb 2025 07:06:26 GMT

GET
H2 200 polls-css.css
bctser343grh.giize.com/wp-content/plugins/wp-polls/ 2 KB
2 KB 404ms
149ms Stylesheet
text/css 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6470353
cf-polished: origSize=2708
alt-svc: h3=":443"; ma=86400
content-length: 1578
cf-bgj: minify
server: nginx/1.25.3
last-modified: Mon, 28 Aug 2023 06:18:38 GMT
etag: W/"64ec3c3e-a94"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkrRAHrS72DATT1YdrUY6DunurnzIKX8335iukBPU3HzK8IgP4nul%2F47q9iZvW2LK2GBejNrCyTsbK56lMg8gL6i57wAS4liBOM5GHIP4%2BEORdF9OHdrZr7YNH%2FGs6pbRKl1hpTS%2FgujjeBROdg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae059491c70b8-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 28 Nov 2024 15:27:07 GMT

GET
H2 200 style.css
bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/css/ 7 KB
8 KB 343ms
88ms Stylesheet
text/css 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/css/style.css?ver=1651817729

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

ac9020e4963dcda138f34b3512b528df3dc333ac3df66850e6ce9583abeb62e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36499
cf-polished: origSize=9499
alt-svc: h3=":443"; ma=86400
content-length: 7241
cf-bgj: minify
server: nginx/1.25.3
last-modified: Wed, 01 Feb 2023 10:57:46 GMT
etag: W/"63da45aa-251b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m7530b%2F5zai200%2BJkDCF4gZvMTFNJrd7MSko0KXxw7OfSYQyGH09%2FJ%2B1CGCLuRdlpRHEhZHsa9BBPOgF372%2Bj3F3wDI81zoSwmOCnj8E6K47Srjn%2Bo5vAR7md7vCPMKsWapjisZoxH%2Fp7R1vE8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae059498534f1-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 11 Feb 2025 04:04:04 GMT

GET
H2 200 prebid8.27.0.js Show response
bctser343grh.giize.com/wp-content/plugins/strawberry-ads-manager/js/ 282 KB
283 KB 90ms
88ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/plugins/strawberry-ads-manager/js/prebid8.27.0.js

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

dc9a4ccaaf01d80011a3413a1857391e893e6f06827f58977e4e8ab1c524e605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 969425
cf-polished: origSize=288936
alt-svc: h3=":443"; ma=86400
content-length: 288404
cf-bgj: minify
server: nginx/1.25.3
last-modified: Mon, 15 Jan 2024 09:01:39 GMT
etag: W/"65a4f473-468a8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKAPWHCOL%2Boswu%2F3YJOhM0yCK%2BtdO2SHIYanQOSHRm3LRaxf5c8xtcSTjJCqm4miqzS6mITsAvnZxbQcvaEaNCdxw3hCFLVZTU27AcWX2zXJmZffnchVA7qGeEgOwkCYrOk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae05aea17bf3d-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 31 Jan 2025 19:49:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
29 KB 151ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb80529a076c67c30380638bd7c4c05a0785e293cc50fc94fa1f8907a4ee62d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29412
x-xss-protection: 0
server: cafe
etag: 154 / 19766 / 31081088 / config-hash: 11694957100782630588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:04:52 GMT

GET
H/1.1 200
OK sati_init.js Show response
code3.adtlgc.com/js/ 56 KB
12 KB 119ms
27ms Script
application/javascript 104.102.46.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code3.adtlgc.com/js/sati_init.js
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.46.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-46-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7774c353a621c534c2bc605e64a4f03f7923256b97558cc677ee5a7f732026f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 06:04:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Nov 2023 20:47:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P5
ETag: W/"3acfdaa3262f5753a87db2ee1ff9c2f0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=66078
Connection: keep-alive
X-Amz-Cf-Id: gRZ3SEsVYqwbo0whpvtgHKOsw1-ktNqaW0X6qOZ6XTURHd5e6zkBOQ==
Content-Length: 12288
Expires: Wed, 14 Feb 2024 00:26:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 197ms
73ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1684917-1

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71faa0aee2b44ceb3bb2bb045c99e96162baa34242f5d8774e171c86508d8baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 06:04:52 GMT

GET
H2 200 promotor-logo.svg
bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/images/ 3 KB
4 KB 90ms
89ms Image
image/svg+xml 195.181.241.253

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/images/promotor-logo.svg

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

0c2eb05d46d97e8b48b70dc02f0b9c222de695214bc7f761a4d83635e9f5ee1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385205
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jul 2019 20:07:14 GMT
server: nginx/1.25.3
etag: W/"5d3768f2-b56"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRfN4p6tdIHduJdi43y5LPWnLOrVD7057fiMIDR2Uanu5QOP1gXUXEj%2FJq15n90oQDZGIcT1XAt2QueiyGeM3ZXSUvyUspVOkIyFRoPO5uyfBXRfK5wWSFTe%2BhlUq72cu0Zyylp9EIzc8RWe7OI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 854ae05aef22fbca-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 06 Feb 2025 21:56:09 GMT

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Ftest-drive-mazda-mx-30-plug-in-hybrid-motorul-rotativ-s-a-intors-26-1024x683.jpg
media.promotor.ro/0zaQMee6mBx4hBlYrM9bvdLR6UY=/790x555/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 227ms
166ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/0zaQMee6mBx4hBlYrM9bvdLR6UY=/790x555/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Ftest-drive-mazda-mx-30-plug-in-hybrid-motorul-rotativ-s-a-intors-26-1024x683.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 jquery.js Show response
bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/scripts/ 95 KB
96 KB 273ms
100ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/scripts/jquery.js?ver=1707203161

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593715
cf-polished: origSize=97174
alt-svc: h3=":443"; ma=86400
content-length: 97156
cf-bgj: minify
server: nginx/1.25.3
last-modified: Fri, 21 Oct 2022 07:06:31 GMT
etag: W/"635244f7-17b96"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVvcdG0ff9FHhUWX%2Fl3e6cyvpJLp%2BxUWErgXz7sMmyRW3fJNodYrJ3eA53D5U%2BAzJhuJBFGj4Wek8FqjXiAFAWZIVQm3o7k5RsWZza3Z8nAaUxl0gT4zfWPoXSrRRfaUJCY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae0594c7e35d9-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 05 Feb 2025 07:06:26 GMT

GET
H2 200 pushmenu.js Show response
bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/scripts/ 2 KB
3 KB 175ms
175ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/themes/promotor-nineteen/assets/scripts/pushmenu.js?ver=1707203161

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

c86a504e4ccaa48d0bcfecdc6ade53faaf83334b1c2e7bb0a9b791809e03aa7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 593715
cf-polished: origSize=2948
alt-svc: h3=":443"; ma=86400
content-length: 1772
cf-bgj: minify
server: nginx/1.25.3
last-modified: Fri, 21 Oct 2022 07:06:31 GMT
etag: W/"635244f7-b84"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K12SPsVuhCd9XfRY91%2FYQ%2Bfcxwnbya6GZkKvhpDSKGxdKsRlKOnVewMZSvcjylydKc1bDmuAJYR2qQiWTCKw6rzuNyVfbd8G4%2ByuM5%2FfaervlPPGUF2fnlxZnTK2d4Bh8Nfswl1ULlkSQJrMuN4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae0595d5ebfee-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 05 Feb 2025 07:06:26 GMT

GET
H2 200 polls-js.js Show response
bctser343grh.giize.com/wp-content/plugins/wp-polls/ 3 KB
4 KB 82ms
81ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8031494
alt-svc: h3=":443"; ma=86400
content-length: 3242
cf-bgj: minify
server: nginx/1.25.3
last-modified: Mon, 28 Aug 2023 06:18:38 GMT
etag: W/"64ec3c3e-caa"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vzQ3zkI%2F320jsoJRPEBKQ7sKlo19CIpvFCh6WzqhDB8GsLykr0hnwTIcwHHz3t1NaxBE8iKHqmdfxMHRXPN8I8anglrl%2FTAQD9KzrAUfKURy6Ygo%2FLv3kzlThR3Kg2zNAWn4Hzith%2Ffg2PRnMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae05a988570b6-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Mon, 11 Nov 2024 01:50:53 GMT

GET
H2 200 async-widgets.js Show response
bctser343grh.giize.com/wp-content/themes/promotor-nineteen/strawberry/widgets/resources/ 788 B
2 KB 149ms
148ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/themes/promotor-nineteen/strawberry/widgets/resources/async-widgets.js?ver=1.0.0

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

e6c25262e81839b1a1c14ae664f0a46f60e746ed3fdd2b5a530f3ed24f078ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6574977
cf-polished: origSize=1296
alt-svc: h3=":443"; ma=86400
content-length: 788
cf-bgj: minify
server: nginx/1.25.3
last-modified: Wed, 29 May 2019 06:35:23 GMT
etag: W/"5cee282b-510"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBreKe%2FJknshOwTKwQ7h7IzjccMK%2FVmAyDqKtqPRracdZy%2FWWjoKM1oz82PIMhANJOB0IXONn%2B%2BwZ5mPLywUn%2FHZv90yP0FThuTVQvuY7IbjaQJ6DXiTeY4K6ku7y%2BWiWOk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae05aee7419ad-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 28 Nov 2024 03:18:40 GMT

GET
H2 200 index.js Show response
bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/scripts/dist/assets/ 61 KB
62 KB 83ms
82ms Script
application/javascript 195.181.241.253

General

Check archive.org

Show headers Download Go to

Full URL

https://bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/scripts/dist/assets/index.js?ver=1651817729

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.181.241.253 , Lithuania, ASN (),

Reverse DNS

4xyy.l.time4vps.cloud

Software

nginx/1.25.3 /

Resource Hash

b9d6414733583af09dece61e7ec8529201333617f4637123c816f5c285d0e69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cf-cache-status: HIT
x-cacheable: yf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36242
cf-polished: origSize=62951
alt-svc: h3=":443"; ma=86400
content-length: 62949
cf-bgj: minify
server: nginx/1.25.3
last-modified: Wed, 01 Feb 2023 10:57:47 GMT
etag: W/"63da45ab-f5e7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST, PURGE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7PCNeiH0PgaG5VS9WaD6prysOxv8Wy3Sn60Oty9OHN8K%2FuP%2BWK%2Bj%2BE029Xw1YfFIG5eOWbd%2FSOM75dyOoG32qSPxw4HI9xCqo6tvNJpNY89lBW0rZJK16H15f%2BvWZOh4QwGvewWBL1CV%2BMr83E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 854ae05aee83862f-WAW
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 11 Feb 2025 04:04:04 GMT

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 112 KB
37 KB 83ms
28ms Script
application/x-javascript 2a02:26f0:1700:181::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b441fe8b0a838bfe27c32d6dc64910e3ed3d55bd06a605b8d4a5c1ea15fe4b7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 06:04:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Feb 2024 07:22:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37347
Expires: Tue, 13 Feb 2024 07:04:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 188ms
133ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:59:20 GMT
x-content-type-options: nosniff
age: 453932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:59:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 228ms
173ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:32:39 GMT
x-content-type-options: nosniff
age: 41533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Feb 2025 18:32:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 113ms
58ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:42:21 GMT
x-content-type-options: nosniff
age: 307351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 16:42:21 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 16 KB
16 KB 119ms
64ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gfD_u50.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f6078ddaeef5f86b7e6ed74247c6ade57731a4c6ff797dbfa4b3ead20b4392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:16:01 GMT
x-content-type-options: nosniff
age: 258531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16764
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 06:16:01 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 178ms
123ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:59:19 GMT
x-content-type-options: nosniff
age: 453933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 23:59:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 167ms
118ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:00:33 GMT
x-content-type-options: nosniff
age: 453859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:00:33 GMT

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fsuzuki-swift-este-masina-ideala-pentru-oras-un-pachet-distractiv-si-economic-video-8-1024x576.jpg
media.promotor.ro/uiUtlEQRFrQW9ZwwV1Q9_hSZUyw=/500x250/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 179ms
176ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/uiUtlEQRFrQW9ZwwV1Q9_hSZUyw=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fsuzuki-swift-este-masina-ideala-pentru-oras-un-pachet-distractiv-si-economic-video-8-1024x576.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frenault-dezvaluie-numele-noului-sau-suv-compact-modelul-va-fi-denumit-symbioz-2-1024x575.jpg
media.promotor.ro/MbNHXZrW1Uku7TRLpBr3EwPg-8g=/500x250/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 180ms
177ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/MbNHXZrW1Uku7TRLpBr3EwPg-8g=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frenault-dezvaluie-numele-noului-sau-suv-compact-modelul-va-fi-denumit-symbioz-2-1024x575.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fford-puma-facelift-2024.jpg
media.promotor.ro/T_SIQN_eZb7JASzuN-wC6AZnFO0=/500x250/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 157ms
154ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/T_SIQN_eZb7JASzuN-wC6AZnFO0=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fford-puma-facelift-2024.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2F2024-cat-costa-sa-aduci-o-masina-din-olanda-e-mai-ieftin-cu-platforma-sau-pe-cont-propriu-1024x525.jpg
media.promotor.ro/4iTn4OYQzslO3dBhohzH4Lxqi_Y=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 162ms
159ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/4iTn4OYQzslO3dBhohzH4Lxqi_Y=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2F2024-cat-costa-sa-aduci-o-masina-din-olanda-e-mai-ieftin-cu-platforma-sau-pe-cont-propriu-1024x525.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FWhatsApp-Image-2024-02-12-at-15.34.33-1024x576.jpeg
media.promotor.ro/VpOIP0mveC6fxiHSTA3eurTetgs=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 195ms
192ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/VpOIP0mveC6fxiHSTA3eurTetgs=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FWhatsApp-Image-2024-02-12-at-15.34.33-1024x576.jpeg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2021%2F12%2F2021-kf3-gr86-high-001-2-1024x796.jpg
media.promotor.ro/WK2F5E1T_kMJUO9177QTORyIGOo=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 174ms
171ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/WK2F5E1T_kMJUO9177QTORyIGOo=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2021%2F12%2F2021-kf3-gr86-high-001-2-1024x796.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fautorulotele-mercedes-benz-marco-polo-aniverseaza-40-de-ani-de-existenta-iar-viitorul-se-anunta-a-fi-electric-1-1024x683.jpg
media.promotor.ro/juwH-tSrZw6WPmCATaqYRsJrQbQ=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 180ms
178ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/juwH-tSrZw6WPmCATaqYRsJrQbQ=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fautorulotele-mercedes-benz-marco-polo-aniverseaza-40-de-ani-de-existenta-iar-viitorul-se-anunta-a-fi-electric-1-1024x683.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 dc6d46dc69a9e3be669320925371bda4-o.jpg
media.promotor.ro/6fWlj8frZf7kJlJUktW6wtXDTyc=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/ 0
0 167ms
164ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/6fWlj8frZf7kJlJUktW6wtXDTyc=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/dc6d46dc69a9e3be669320925371bda4-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 314d26a400148880c64632bd1416376b-o.jpg
media.promotor.ro/uM-5mMj3xznw-g_GGWUkUfsVq9c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297657/ 0
0 182ms
180ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/uM-5mMj3xznw-g_GGWUkUfsVq9c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297657/314d26a400148880c64632bd1416376b-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 90b169a0d7368ea22ef437c0e9b3a81e-o.jpg
media.promotor.ro/gvWW2yqLD1CagA8X9YGsNHUZUzw=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380236/ 0
0 183ms
181ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/gvWW2yqLD1CagA8X9YGsNHUZUzw=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380236/90b169a0d7368ea22ef437c0e9b3a81e-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 8d2419b4017b9232d372b1a5b3e2b5a0-o.jpg
media.promotor.ro/Vm6AvkZVi-oDOX5wFM2J3uOjj68=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380247/ 0
0 181ms
178ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/Vm6AvkZVi-oDOX5wFM2J3uOjj68=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380247/8d2419b4017b9232d372b1a5b3e2b5a0-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fregulile-si-indicatoarele-rutiere-din-parcarea-unui-magazin-sunt-obligatorii-ce-prevede-codul-rutier-shutterstock_170975791...
media.promotor.ro/hS60Xrrks5-BpSf-KKqTvRQXee8=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 184ms
182ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/hS60Xrrks5-BpSf-KKqTvRQXee8=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fregulile-si-indicatoarele-rutiere-din-parcarea-unui-magazin-sunt-obligatorii-ce-prevede-codul-rutier-shutterstock_1709757910-1024x637.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fcea-mai-urata-masina-din-lume-reimaginata-in-forma-electrica-foto-1024x576.jpg
media.promotor.ro/mis6UOpHPqbUFekDXy0wLxALD5U=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 189ms
187ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/mis6UOpHPqbUFekDXy0wLxALD5U=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fcea-mai-urata-masina-din-lume-reimaginata-in-forma-electrica-foto-1024x576.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ffiltru-de-ulei.jpg
media.promotor.ro/492qfFGeNv-LCONJWb4de0N3RuE=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 193ms
191ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/492qfFGeNv-LCONJWb4de0N3RuE=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ffiltru-de-ulei.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fferrari-purosangue-fotografiat-in-bucuresti-2024-strada-parcare-armand-arion-5.jpg
media.promotor.ro/P60S8zbOfHhz_mcCHMMICLnAzO0=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 204ms
202ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/P60S8zbOfHhz_mcCHMMICLnAzO0=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fferrari-purosangue-fotografiat-in-bucuresti-2024-strada-parcare-armand-arion-5.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 e71957b152aed2c8661a862f9dde0be4-o.jpg
media.promotor.ro/4SCNntYA0fan2EPByMsgP8Uj46c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297693/ 0
0 93ms
91ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/4SCNntYA0fan2EPByMsgP8Uj46c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297693/e71957b152aed2c8661a862f9dde0be4-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 b1be6c8ae847be73198c02aac558ddc5-o.jpg
media.promotor.ro/wMHQ6vxU5nK03sLZ02rMAnBHqF8=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1586957941/ 0
0 207ms
205ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/wMHQ6vxU5nK03sLZ02rMAnBHqF8=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1586957941/b1be6c8ae847be73198c02aac558ddc5-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fue-vrea-ca-suspendarea-permisului-sa-fie-valabila-pe-tot-teritoriul-europei.jpg
media.promotor.ro/loD_M8qOBylY-A0BJqDopeUPI8A=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 188ms
186ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/loD_M8qOBylY-A0BJqDopeUPI8A=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fue-vrea-ca-suspendarea-permisului-sa-fie-valabila-pe-tot-teritoriul-europei.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FUn-nou-document-devine-obligatoriu-in-2024-Sunt-vizati-proprietarii-de-masini-1024x704.jpg
media.promotor.ro/OFNJWmiHaaTthpbVFARAl2Od9Qc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 194ms
192ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/OFNJWmiHaaTthpbVFARAl2Od9Qc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FUn-nou-document-devine-obligatoriu-in-2024-Sunt-vizati-proprietarii-de-masini-1024x704.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fnoul-aston-martin-vantage-livreaza-mai-multa-putere-si-un-desing-mult-mai-matur-video-9-1024x683.jpg
media.promotor.ro/eByJzUPiPn4GymqllTWYvwJjfvc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 197ms
196ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/eByJzUPiPn4GymqllTWYvwJjfvc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fnoul-aston-martin-vantage-livreaza-mai-multa-putere-si-un-desing-mult-mai-matur-video-9-1024x683.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fasemanari-si-diferente-intre-scuter-si-moped-care-poate-fi-condus-cu-permis-categoria-b-2-576x1024.jpg
media.promotor.ro/8gvouRfxZBzNjhzmDIYaUU9FJrw=/250x150/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 200ms
199ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/8gvouRfxZBzNjhzmDIYaUU9FJrw=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fasemanari-si-diferente-intre-scuter-si-moped-care-poate-fi-condus-cu-permis-categoria-b-2-576x1024.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Feditia-31-%E2%80%9Epodcast-cu-prioritate-apare-luni-12-februarie-ora-1200-invitat-george-grigorescu-2-e1707137015870-1024x5...
media.promotor.ro/HSleBZd7XKFURwc9EofcVAm81D0=/790x600/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 205ms
203ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/HSleBZd7XKFURwc9EofcVAm81D0=/790x600/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Feditia-31-%E2%80%9Epodcast-cu-prioritate-apare-luni-12-februarie-ora-1200-invitat-george-grigorescu-2-e1707137015870-1024x582.jpeg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F12%2Fmazda6-test-drive-1024x576.jpg
media.promotor.ro/hqsmjL7x3_Z7-uP5qocK5Sh0DlQ=/460x260/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 180ms
179ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/hqsmjL7x3_Z7-uP5qocK5Sh0DlQ=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F12%2Fmazda6-test-drive-1024x576.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F11%2Ftest-drive-bmw-seria-5-44-1024x578.jpg
media.promotor.ro/7vF0ZQ7yd76880XZ08sbB08lrtU=/460x260/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 201ms
200ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/7vF0ZQ7yd76880XZ08sbB08lrtU=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F11%2Ftest-drive-bmw-seria-5-44-1024x578.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ftest-drive-peugeot-508-facelift-29-1-1024x576.jpg
media.promotor.ro/s_90crUiXXTj-oG1AZRY6tL-pNw=/460x260/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 196ms
195ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/s_90crUiXXTj-oG1AZRY6tL-pNw=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ftest-drive-peugeot-508-facelift-29-1-1024x576.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frivalul-daciei-duster-a-ajuns-in-romania-ce-ofera-noul-mg-zs-video-19-1024x683.jpg
media.promotor.ro/asbcWfT-SiWlkSMZs0_ZiLD5YQ8=/1170x600/smart/filters:contrast(5):format(webp):quality(80)/ 0
0 204ms
203ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/asbcWfT-SiWlkSMZs0_ZiLD5YQ8=/1170x600/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frivalul-daciei-duster-a-ajuns-in-romania-ce-ofera-noul-mg-zs-video-19-1024x683.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 54fd4974966d6ca134866ac83bfee720-o.jpg
media.promotor.ro/T2mJgx7UJn1p7DGuljOeh-sCb4A=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/ 0
0 200ms
199ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/T2mJgx7UJn1p7DGuljOeh-sCb4A=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/54fd4974966d6ca134866ac83bfee720-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 503 74009b9addf80ae2902d98daa5a4bbba-o.jpg
media.promotor.ro/IZJrFlc97JdKEYoJ-wVyKwQe7sc=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/ 0
0 205ms
204ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promotor.ro/IZJrFlc97JdKEYoJ-wVyKwQe7sc=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/74009b9addf80ae2902d98daa5a4bbba-o.jpg
Requested by: Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 settings Show response
xbtgseba5.pages.dev/wp-json/svp/ 5 KB
2 KB 308ms
308ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtgseba5.pages.dev/wp-json/svp/settings

Requested by

Host: bctser343grh.giize.com
URL: https://bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/scripts/dist/assets/index.js?ver=1651817729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179cf879e9fbd15fafe600c10c0c5fb50237295b669e42e31f829838eb4d04ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://xbtgseba5.pages.dev/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 13 Feb 2024 06:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cacheable: yf
age: 140
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: web08
server: cloudflare
allow: GET
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, POST, PURGE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guJ0t%2FA8AWvMdCE%2FZGxiY9O%2FZqcLHH%2BXGzCX3zAmP9cppOvmvcNTI%2Fywi4s4gS5mVl8FlJiwUZVsCG5Yn7HtwzLVDL61ENKY%2BuRyr1QkP1WifKuEW%2BWDL8AYwiSefvHbWwc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 854ae05b5de60b04-AMS
link: <https://www.promotor.ro/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-robots-tag: noindex

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame B4E9 456 B
659 B 78ms
28ms Document
text/html 2a02:26f0:1700:1ad::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ad::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Tue, 13 Feb 2024 06:04:52 GMT
Expires: Fri, 23 Feb 2024 06:04:52 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK push Show response
comcluster.cxense.com/dmp/ 49 B
621 B 90ms
27ms Script
text/javascript 167.235.124.59

General

Check archive.org

Show headers Download Go to

Full URL

https://comcluster.cxense.com/dmp/push?callback=cXJsonpCB1&ver=2.8.48&persisted=fcadb0c22bec63a3e94af5a65644fc6b869880e0&glb=&json=%7B%22events%22%3A%5B%7B%22type%22%3A%22adBlockerDetection%22%2C%22rnd%22%3A%22lsjykxlzn0gp88nz%22%2C%22siteId%22%3A%221135102062960807737%22%2C%22prnd%22%3A%22lsjykxlk5k3zgbep%22%2C%22userIds%22%3A%5B%7B%22id%22%3A%22lsjykxlkltnv1bz2%22%2C%22type%22%3A%22cx%22%7D%5D%2C%22origin%22%3A%22brt-adblock%22%2C%22customParameters%22%3A%5B%7B%22group%22%3A%22adBlockerDetected%22%2C%22item%22%3A%22No%22%2C%22type%22%3A%22string%22%7D%5D%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 Bühl, Germany, ASN (),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

21fb96298942208516e544e8e38eddfe75f3fffc2e2946dfc397354d4b1f5181

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 5 KB
6 KB 94ms
93ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:03:04 GMT
x-content-type-options: nosniff
age: 594108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5524
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:03:04 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 7 KB
7 KB 58ms
57ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gbD_u50.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e67ec1d9199fe4b0093def42da878674848cdcb044628bde09f888d5d2d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 04:28:10 GMT
x-content-type-options: nosniff
age: 265002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6748
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 04:28:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 5 KB
6 KB 61ms
59ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 06:23:11 GMT
x-content-type-options: nosniff
age: 258101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5540
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 06:23:11 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame B4E9 112 KB
37 KB 27ms
27ms Script
application/x-javascript 2a02:26f0:1700:1ad::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1ad::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: afaf589a486468f63c165b96d7c860428314f4ff4a8d00e669b96fef70fb6d40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 06:04:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Feb 2024 07:22:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37347
Expires: Tue, 13 Feb 2024 07:04:52 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/ 436 KB
137 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:36:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23273
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139960
x-xss-protection: 0
server: cafe
etag: 11977059823252198946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Feb 2025 23:36:59 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
596 B 208ms
91ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=xbtgseba5.pages.dev

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f11f7cb04952b5955650591f3e8d80e99d49e9371a5a8432dfb0499ab5db1156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:52 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame B4E9 47 B
638 B 86ms
27ms Script
text/javascript 167.235.124.59

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 Bühl, Germany, ASN (),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: fa3e11e4ac5b0084b6c6f6963a243e98b6a35a73fdf89d3d296ed154ac56f7ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
last-modified: Sun, 13 Aug 2023 06:04:52 GMT
server: Jetty(9.4.28.v20200408)
etag: 1p064a6wglhgx1i2nttzc3cbbl
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Thu, 13 Feb 2025 06:04:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1684917-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c412cda682df0aa2676ea7360912d71325a8e459f57cd5ec611b9d797ea12c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 06:04:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1684917-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Feb 2024 05:30:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2050
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Feb 2024 07:30:42 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame B4E9 43 B
469 B 29ms
29ms Image
image/gif 167.235.124.59

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.48&typ=pgv&rnd=lsjykxlk5k3zgbep&sid=1135102062960807737&loc=https%3A%2F%2Fxbtgseba5.pages.dev%2F&new=1&arf=0&ltm=1707804292378&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lsjykxltqouildjn&ckp=lsjykxlkltnv1bz2&glb=&cp_userState=anon&cst=1p064a6wglhgx1i2nttzc3cbbl
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 Bühl, Germany, ASN (),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Tue, 13 Feb 2024 06:04:52 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
676 B 85ms
29ms Script
text/javascript 167.235.124.59

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lsjykxlkltnv1bz2%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221p064a6wglhgx1i2nttzc3cbbl%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221p064a6wglhgx1i2nttzc3cbbl%22%7D%5D%2C%22siteId%22%3A%221135102062960807737%22%2C%22location%22%3A%22https%3A%2F%2Fxbtgseba5.pages.dev%2F%22%7D&callback=cXJsonpCB2

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 Bühl, Germany, ASN (),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

4717a9af7fc083a0e7f0b12c378d29a5814568761341cd984f411bfb15faa030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 57ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WBWT7L8BYX&gtm=45je4270v870048749za200&_p=1707804292261&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=176482196.1707804293&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707804292&sct=1&seg=0&dl=https%3A%2F%2Fxbtgseba5.pages.dev%2F&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1427
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xbtgseba5.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 76ms
26ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WBWT7L8BYX&cid=176482196.1707804293&gtm=45je4270v870048749za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WBWT7L8BYX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xbtgseba5.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 189ms
68ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WBWT7L8BYX&cid=176482196.1707804293&gtm=45je4270v870048749za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=610811301

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 62ms
61ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1484510653&t=pageview&_s=1&dl=https%3A%2F%2Fxbtgseba5.pages.dev%2F&ul=en-us&de=UTF-8&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=457773139&gjid=724401104&cid=176482196.1707804293&tid=UA-1684917-1&_gid=1779710540.1707804293&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1085312469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xbtgseba5.pages.dev/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xbtgseba5.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 63 B
334 B 173ms
34ms Script
application/javascript 52.49.79.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=0&cm=1&sg=1&callback=adapt_dataRequest_sati_admp.campaignCallback&cb=1707804292892&evid=&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.79.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-79-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Date: Tue, 13 Feb 2024 06:04:53 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 98 B
556 B 37ms
37ms Script
application/javascript 52.49.79.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=1&cm=0&sg=0&callback=adapt_dataRequest_sati_admp.validateCallback&cb=1707804293067&evid=cx:3s5jjg74h2jko1pl49w4483vgk:17c9umg8ebn1z&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.79.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-79-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5ea43641040f44a848c164738b57fb175c03ebab3e71dac02d8953a1c4c1be6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Date: Tue, 13 Feb 2024 06:04:53 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK pagestat Show response
admp-tc-sati.adtlgc.com/event/v3/ 0
282 B 132ms
33ms XHR
image/jpeg 52.49.79.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/event/v3/pagestat?location=https%3A%2F%2Fxbtgseba5.pages.dev%2F&cb=1707804293109&evid=cx:3s5jjg74h2jko1pl49w4483vgk:17c9umg8ebn1z&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.79.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-79-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 06:04:53 GMT
XDomainRequestAllowed: 1
Access-Control-Allow-Methods: *
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://xbtgseba5.pages.dev
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 segment Show response
api.cxense.com/profile/user/ 62 B
588 B 113ms
50ms Script
text/javascript 167.235.124.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB3&persisted=993f7e91f41899181a61f3b6fa338bd436cdd1b7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lsjykxlkltnv1bz2%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.25 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0003.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

776b93b99396bd35a9bc62f2ffe2cd9462e9f47296b99d49b39d6d1a4ade1d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
54ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1484510653&t=event&ni=1&_s=2&dl=https%3A%2F%2Fxbtgseba5.pages.dev%2F&ul=en-us&de=UTF-8&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20adblock&ea=whitelisted&el=https%3A%2F%2Fxbtgseba5.pages.dev%2F&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=176482196.1707804293&tid=UA-1684917-1&_gid=1779710540.1707804293&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1017044472

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24862
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 KB
58 KB 426ms
424ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1177284776031971&correlator=1207977252325958&hxva=1&scor=2606246783907360&eid=95323524%2C31079239%2C31081088&output=ldjh&gdfp_req=1&vrg=202402070101&ptt=17&impl=fifs&npa=1&iu_parts=119229185%2CPromotor_Nou%2CBillboard_300x250_1%2CBillboard_300x250_2%2CBillboard_300x250_3%2CBranding_970x250%2CPromotor_Special&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C970x250%2C1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707804295271&lmt=1707804295&adxs=436%2C436%2C436%2C315%2C20&adys=1261%2C1852%2C2700%2C109%2C6324&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fxbtgseba5.pages.dev%2F&vis=1&psz=1150x10%7C1150x20%7C1150x20%7C1560x-1%7C1560x-1&msz=1150x0%7C1150x0%7C1150x0%7C1560x-1%7C1560x-1&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=176482196.1707804293&ga_sid=1707804295&ga_hid=1484510653&ga_fc=true&dlt=1707804291728&idt=909&cust_params=cat_cancan%3Dhomepage&adks=1569812337%2C944352759%2C3360288363%2C3781322237%2C2484317901&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9a2faf3d1d9a5f13727fb10c1d1aaa047ede07a5619237c07d14cbe1a249ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59332
x-xss-protection: 0
google-lineitem-id: 6514641570,6514641570,6514641570,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138463754749,138463071810,138463199141,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xbtgseba5.pages.dev
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 279ms
105ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

940b936e9579cc4bf02555cdfec18241c6f748b48d0213ca2576e4db99dea491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12646
x-xss-protection: 0

GET
H2 200 container.html Show response
3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF04 6 KB
3 KB 330ms
64ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 06:04:55 GMT
expires: Wed, 12 Feb 2025 06:04:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 -45pW16pKvE Show response
www.youtube.com/embed/ Frame 80A2 93 KB
41 KB 229ms
110ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Requested by

Host: bctser343grh.giize.com
URL: https://bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/scripts/dist/assets/index.js?ver=1651817729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edc3a488d5f82841b1bb7d523d02ec5ceb80f9029354d2469817cb73d71d562a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 06:04:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
54ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1484510653&t=event&ni=1&_s=3&dl=https%3A%2F%2Fxbtgseba5.pages.dev%2F&ul=en-us&de=UTF-8&dt=%C8%98tiri%20despre%20industria%20auto%20%7C%20Nout%C4%83%C8%9Bi%20pentru%20pasiona%C8%9Bi%20%C8%99i%20teste%20auto%20%7C%20Promotor.ro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VideoPopup&ea=website&el=initialized&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=176482196.1707804293&tid=UA-1684917-1&_gid=1779710540.1707804293&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1508980413

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 182ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 06:04:55 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/5e928255/ Frame 80A2 361 KB
47 KB 56ms
55ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 12:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47709
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Feb 2025 12:57:20 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80A2 15 KB
15 KB 59ms
57ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:00:18 GMT
x-content-type-options: nosniff
age: 291877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 21:00:18 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80A2 15 KB
15 KB 75ms
73ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 593741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 201E 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshIMvC7N3K3HCOr_4TLXfou-ZKboOh7HF2dXx6ohNvrhhh8W0cgtaXHfNg7W1zciB19O-LO09A6RjSuYMvTUd-HYqNBQ8EGS4NH68iaevR3jqDD9-zGnoCFuv7F0nr3SfKicEpslF84RCbu54XQNm__VQ3qSdoz4t-6QyNQfD49QxPJVCTxYp-rFjJsRSLui-fCTCY2T7iTDMYKjLFuZtbgiba3CDh8qJRvcLYe2OCY8vkYFWzRABSYtpEPjyHUezZ4bKQTllI5QGQb62x5QrwrHz_3RHddJgA_WUS2DepWGIYYuMaL44NyqJlSbmD6wbiXZkZjrIxXVjxbi4whHNJofXn6hIPg4aAvb1cjtMkjdalBnB9IEmsJIFXcNSzD21ava6kHcvBQ-gLQW-JODbnYsULS1s85Q&sai=AMfl-YT6wcUv1fuQkesdFj32n7Uj-gZORWDhrZau4o4J0bmyFrCnTFUWU81q1mgAjeNlNvoZmj7bahQXMatGZwvjyuoLFbEaRCdFuN_iO9bSg8w0ZRZWdPQhXsB8uue0G_BifKFVc9Mng3El1lOL_DacyuQO&sig=Cg0ArKJSzPonukhVdxloEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 201E 23 KB
9 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:55 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 201E 18 KB
8 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Feb 2024 06:41:18 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 201E 203 KB
61 KB 130ms
74ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:55:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC2F 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1SSPl9gx0dvO9KFQrghJ_fEaRG3yl90sVWhEmu6j4yhdrLU5aWv4Oy4oGZsxOfph7q7pHVixKgJvLCn9zaytETKCJNnF4nW_9Pz-1wNGPkLeUkD9iWlwZjO0Gme0IE_nt5MyIL-CDyepWIyx9jHS7eneDo_Pp5YZ-sqDuSlkXusOUj5arKx2XjNGxrG6pKyAYnX0Hkc-mkaL069EQ5bFBTM7lVKc8xOAhfZ9FXe4nTgY3UROaimshoDJV-TdoRDJZM0fS3D_7xJZjy_4jhd6EpYixGBj2dDIyIem2aVez-nQKWtAQfFwj16bhk33lssDLHBZxYAwMW0Yba0XIJwcyefdXYnndWC1QRZeJMdy9ru_E_b8fxv1pQcVO7ySkJ2I3CPGHsMgBdHQHIkxsQXeRNIoW2N5nbA&sai=AMfl-YTKBxBS7ugH979R8Ra7Jo70bmnOLq1SVrU8C6mn_6W6cqbnmG3A2-lNN9Ad2mZsV0HmIsMUQ5f0vYrK3n3rdCMYZzJCTmBf9quMcg0bMqJoAMN8DBZG0Bt2i9bFuW23m_-Yl6VhYN-NuOarDUrcxcdD&sig=Cg0ArKJSzPI_wwCNrN0uEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame EC2F 23 KB
9 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:55 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame EC2F 18 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Feb 2024 06:41:18 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EC2F 203 KB
61 KB 104ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:55:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DBF 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS3m3OEybtovB_33KTbMl-IzAS9gEP-Jc70UjDjQ6_ZmVEBWnMxS5Dp7UYGN8aNHlrTBL10nqChjxpRzadU1hnOQf4kPl_vy2WjhUptbZS_2g87P9I_qPJ6RBahSIaVs_TBVrJzd9g0s0I3-8qFJKa00xTdEyqfNvQwYxmZ-DNs0DxKLjlr0sIEPtqAYW7qs0zOV_zcWsZEoUETuJx924CtA1vohlb-WXltz-aYIjH7xAaD1LWjhBk1O0bHSrjQmXHxJPwkQ34qtrpre-PkT2Xm3XwQ_L3WjcgTCXf1E7V4WEIVfWLa6mABiSCe0xd2wATeEW5uc1kORmkTwfqgz4GPEf5Y9H92Xj3FhHXV-ll8zh08UjEFh_MM505ldpy1x-t2vKm5Drnu0CQtdzUDOfi9MsRhUDGoQ&sai=AMfl-YQKUNSFUG8lcdsl7fAJZHxmzN8VEW-I2FL46dF5xg-YOS09hHq0Dn92xr514RpRVFXLFvwI8nFgnImYVU3alwTuLunz1kSXiXfSWqv_90SA4nXBJ8DwXAlv_HFZYQ0_qtjUskHbmsJrHPaFMtiTvrkN&sig=Cg0ArKJSzCCcVJAQSepmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 0DBF 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:55 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0DBF 18 KB
8 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Feb 2024 06:41:18 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0DBF 203 KB
61 KB 100ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:55:15 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012402060239000/ Frame F4BF 196 KB
55 KB 138ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 42813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56214
x-xss-protection: 0
server: sffe
etag: "51ebc873ede2e2f0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame F4BF 15 KB
5 KB 277ms
200ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 42813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "1e0d3e55ad08d21f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame F4BF 95 KB
28 KB 259ms
181ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 42813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29043
x-xss-protection: 0
server: sffe
etag: "f8b65ff06b47be2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame F4BF 72 KB
16 KB 247ms
170ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d631a369d2ed43e50e4e6dbb4619589fcf7a0b46d215ece86e1493b85fb464

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:36 GMT
age: 42799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16667
x-xss-protection: 0
server: sffe
etag: "edd7ffc7036628c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame F4BF 5 KB
3 KB 136ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 42813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "a50cf387c592e9af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012402060239000/v0/ Frame F4BF 40 KB
13 KB 215ms
139ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402060239000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js?cb=31081088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 18:11:22 GMT
age: 42813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12948
x-xss-protection: 0
server: sffe
etag: "cd1beca569c88c8d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Feb 2025 18:11:22 GMT

GET
DATA 200
OK truncated
/ Frame F4BF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44e3b23bf9887aa0d402c0b0f74e9643f94dffb45ccf1c8af3b410efc850690b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c390c552b0110ea59b549c99bb786bfd.jpg
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 40 KB
40 KB 35ms
27ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/c390c552b0110ea59b549c99bb786bfd.jpg

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e967e829628d4e8939f8be3a2145f3edba35db4aa7a33d98d089bf251ff2b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40966
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 12368ba04718cf3a516439636b99ae88.png
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 45 KB
46 KB 51ms
44ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/12368ba04718cf3a516439636b99ae88.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db2f2e8fc1fb9b122633349c995f0d94d5d28e8ebb72c29a22562790c3b059c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46576
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 9b62febe166961685c3d668d1032d60e.png
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 743 B
809 B 71ms
64ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/9b62febe166961685c3d668d1032d60e.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e0fe497c2342b482b8ef2e2fd3756716a88593e363006d2dafd478534d97c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 743
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 18dfd09d972b4f8bde870124cdbf3399.png
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 3 KB
3 KB 65ms
58ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/18dfd09d972b4f8bde870124cdbf3399.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0a0322845bee4a70a455cef64113ca3dabc14c0380722eb5b2a847115f1771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3460
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 63e2006d621bbd49562b4b85e6329190.png
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 4 KB
4 KB 70ms
63ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/63e2006d621bbd49562b4b85e6329190.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

318e11cbc994665315e8a074421c05681ed63d3d1259cb24889ac7981e4b2073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3725
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 38956506c0bcd8a5e3148ef887aa6102.png
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 630 B
696 B 62ms
57ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/38956506c0bcd8a5e3148ef887aa6102.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2149f90b9901435406e7c6e151ac335f990b1b4da62b02a62a799ed8ff564c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 15:37:45 GMT
date: Sat, 10 Feb 2024 15:37:45 GMT
x-content-type-options: nosniff
age: 224830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8ef9ae06374c71227b5b94937766aa4.woff2
tpc.googlesyndication.com/sadbundle/14889558827439256494/ Frame F4BF 1 KB
1 KB 72ms
24ms Font
font/woff2 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/14889558827439256494/c8ef9ae06374c71227b5b94937766aa4.woff2

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ebe94bf8b50568a7e0495273481bcad0cdf840597178e6af35c66ad5330862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Origin: https://xbtgseba5.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 12:00:33 GMT
date: Sat, 10 Feb 2024 12:00:33 GMT
x-content-type-options: nosniff
age: 237862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 19:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ro.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BF 2 KB
2 KB 31ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/ro.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

634452a9edacddb496182ea96d3b32aeb710730bfa32ade631ea7d194b5860e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:57:06 GMT
x-content-type-options: nosniff
server: cafe
age: 40069
etag: 5681779906409857437
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1785
x-xss-protection: 0
expires: Tue, 13 Feb 2024 18:57:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F4BF 295 B
424 B 29ms
25ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:23:00 GMT
x-content-type-options: nosniff
server: cafe
age: 34915
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Feb 2024 20:23:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/nl_NL/ Frame 80A2 54 KB
17 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f1b0b1a6995d00fbb6d040d66ae99f409c414501c14a77051dfd407b7aa419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17040
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Feb 2025 00:04:53 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5e928255/www-embed-player.vflset/ Frame 80A2 319 KB
95 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97419
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Feb 2025 16:57:52 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5e928255/player_ias.vflset/nl_NL/ Frame 80A2 2 MB
776 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7b1e392b75efa0e4eb848f048a8a3ceea77d700746634e0c1bc430c625c570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794124
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Feb 2025 12:23:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D287 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 17411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:14:44 GMT
expires: Wed, 12 Feb 2025 01:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6B6 829 B
1 KB 126ms
64ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e412198e3f167d72e76f56563fc31ea3468e1d9c51495fff148cb2a802a66ead

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MzI0jIyY8oaERDh7gqKkIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MzI0jIyY8oaERDh7gqKkIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 06:04:55 GMT
expires: Tue, 13 Feb 2024 06:04:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 201E 59 KB
23 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:02:16 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame EC2F 59 KB
23 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:02:16 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 0DBF 59 KB
23 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:02:16 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame D287 39 KB
15 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 14:23:13 GMT

GET
H2 200 B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6l... Show response
ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/ Frame EC2F 67 KB
31 KB 154ms
94ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

bd36a596d0a9c63a5fbe08e2364a530aa94aa89a9844d2efb3607c6f181ce342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31546
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_Gd... Show response
ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/ Frame 201E 66 KB
31 KB 103ms
62ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

72ae983c022340cb68443170b64889ca5c5018fba219b6c7b31cdcd6de929921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31137
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2311824292;ord=uis8ro;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstt9o67U6GLFK87r9SrhDgTvQqz... Show response
ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/ Frame 0DBF 67 KB
31 KB 92ms
58ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2311824292;ord=uis8ro;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstt9o67U6GLFK87r9SrhDgTvQqzM-_eUgf-0PNe7XOO9uZOyW1H5vr8GVlNuyDFxH-Ba32ioMTUkdrGV83g1y7e_Hmkk5o5jWd2q0Ye3-UBPJlOs0PSgvzKGW0Ao7bTn_t6RePzEK7WAr_L5bzclh_5nKanGiA1sfiZB6O6ff6zouGlL1Xxm0rb0uPMmGYsz5NE666MWnaKAAOS_Whov_2SGdbiLg8CvLO37Fo5kUxbSUviUHoh7rsn0hqCqjAjo8RxEKSvX6CB69DbA6imzYBYbHFsxaIbqfE06KjROwZP1bjmCK0KAh0WA4D18VUg2QjE0LzicMxF1wn11jpv5KURtHnlQxlz5yzYpm4D50NweYP7HLXO1qefgIw9_HvtW2uRlqGeLGHmZKjjGgqTEPblnPwHkQ%26sai%3DAMfl-YTarNfyME2hwgIionAzc9L80eM76ZM3V5EVZnyhM91khe5lo1hzrGsnXwLqpboyuSj2ix9kGhfwgX94qu-1Z6dzRRN7lHwd9HsfBRf3Ftp9CAyl-8-hCzHWAxVXlClboGt_p8okzG2G-0aB7frwL6_T%26sig%3DCg0ArKJSzFOEfk3eF6MdEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=167;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

67c23e95b0268725a3eb540c55ff233c6fb6c18aaaa6636fbbacffbfe4c3c0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6B6 0
0 92ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402070101&jk=1177284776031971&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D287 0
10 B 28ms
23ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3K87Lw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F4BF 0
0 77ms
71ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CieUlhwbLZeubFKGBx_AP9LqqoAmj_vG_dZve_KKmEtzZHhABINnWrTtgkYSghYwYoAHov6iVKcgBCakC0sLa5XYPsj7gAgCoAwHIAwiqBKMCT9DOujV2wgYbgvT9z0gZHC59Zy6_d25cJslj2z8VjC9k5xipRltlUKwZ11X8yjZt-tWQd4jZnI9WeZ7XgKXjvp4CwtT40Kx55yU-9gEJtxKgBbI52-e0g1CQV0ASmP4_ywl0PsldxPzaQ-6bHKs0TxksRhdSAiFz_VxcXwH09Zqdp7JXjArDEgR4o9aD5Bxr7OqCeSir-QS-i2YAYWGTNkVVqkvfYUABTJmv2dGnM4Bcg0TuB4BP13SihsmF7mODfUQU-U3sGC3GX_COZolQO97fiOYQlh49e4SQYzx9_eSYdLNRU99-SqABEtzORZBmY5xIUMz_F6ZCtshTExvHjfYnAj1MtYyYJQc8Aae3E5sGnZZXB9mMott8vJgQktkZmRmxwASe_vTgwgTgBAGIBffskY9OkgUECAQYAZIFBAgFGASgBi6AB-j3-PQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ86AV0ggmCIDhgHAQARgdMgLrAjoJgECAgISAgIQISL39wTpYpP_34tKnhAOaCeIBaHR0cHM6Ly93d3cueWFtYWhhLW1vdG9yLmV1L25sL25sL2ViaWtlL3VyYmFuL3BkcC9jcm9zc2NvcmUtcmMtMjAyMi8_dXRtX3NvdXJjZT1HT09HTEUmdXRtX21lZGl1bT1QQUlEX0RJU1BMQVkmdXRtX2NhbXBhaWduPTIwMjRfMDFfWU1OTF9DRU5UUkFMX0VCSUtFX0FMTFBST0RVQ1RTX01VTFRJUExFX0VDT01NRVJDRV9PTkdPSU5HX0RJU1BMQVkmdXRtX2NvbnRlbnQ9QkFOTkVSX0NST1NTQ09SRYAKA8gLAeINEwjCwfji0qeEAxWhwBEIHXSdCpTYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItODgyOTU0OTc2OTY4MTc3ORjxkiA&sigh=EjjJkPnmJIY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_WpPb_BuGdsUCWwhBZTIAhf7uRHnE7AXoQJHoxm4Kcqm51y9zwkuekRtQ3kQ4yMeh77xgXTzQ8kNeLAP-qV1ea-mmcComCG9HDNAYAQ&template_id=419&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0DBF 203 KB
61 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2311824292;ord=uis8ro;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstt9o67U6GLFK87r9SrhDgTvQqzM-_eUgf-0PNe7XOO9uZOyW1H5vr8GVlNuyDFxH-Ba32ioMTUkdrGV83g1y7e_Hmkk5o5jWd2q0Ye3-UBPJlOs0PSgvzKGW0Ao7bTn_t6RePzEK7WAr_L5bzclh_5nKanGiA1sfiZB6O6ff6zouGlL1Xxm0rb0uPMmGYsz5NE666MWnaKAAOS_Whov_2SGdbiLg8CvLO37Fo5kUxbSUviUHoh7rsn0hqCqjAjo8RxEKSvX6CB69DbA6imzYBYbHFsxaIbqfE06KjROwZP1bjmCK0KAh0WA4D18VUg2QjE0LzicMxF1wn11jpv5KURtHnlQxlz5yzYpm4D50NweYP7HLXO1qefgIw9_HvtW2uRlqGeLGHmZKjjGgqTEPblnPwHkQ%26sai%3DAMfl-YTarNfyME2hwgIionAzc9L80eM76ZM3V5EVZnyhM91khe5lo1hzrGsnXwLqpboyuSj2ix9kGhfwgX94qu-1Z6dzRRN7lHwd9HsfBRf3Ftp9CAyl-8-hCzHWAxVXlClboGt_p8okzG2G-0aB7frwL6_T%26sig%3DCg0ArKJSzFOEfk3eF6MdEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=167;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:36:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 0DBF 12 KB
4 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:06:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DBF 0
0 138ms
58ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJjEz6XuZd3Oa_en1sSopdC2yfp09eErPeXTG1oB8SJ9_G15qXKfT-AIZoVasBbx-5EKe3yKiK3LgCV4ogc1JZiIVv-TYGUmXYjF_AooVH3VIGSi8OqiJhUsOhDlengyh00-BrlaForpXT7beKP4Ft7oCOwutIuhlTcYZJzy8RKbZjVIXDYYkzxq-8usVkZbLS&sai=AMfl-YT35ylr_RPZQVx6J3O2lBdWFs1zcbIjKRZvAJ-VKkrQXkA31aH5OXo1_MvqbycJctiFLV0ricWaLr6ugqyy6Eil-f0rw9WEMSXkXw&sig=Cg0ArKJSzIZousj2pK5YEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240208.44874&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DBF 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H2 200 3675790735510736834
s0.2mdn.net/simgad/ Frame 0DBF 114 KB
115 KB 130ms
56ms Image
image/jpeg 2a00:1450:4001:811::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3675790735510736834

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff85b21aac41ba73d1353d0693356adfb571ceee4ab09fb9dc9100c5e62e4939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:56:58 GMT
date: Fri, 09 Feb 2024 14:56:58 GMT
x-content-type-options: nosniff
age: 313678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116840
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 13:44:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0DBF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 210f133fed9d69c3f06a9d059189d34fc2689668bf84f2151e23aff2ddf71e2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3675790735510736834
s0.2mdn.net/simgad/ Frame 201E 114 KB
114 KB 151ms
114ms Image
image/jpeg 2a00:1450:4001:811::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3675790735510736834

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff85b21aac41ba73d1353d0693356adfb571ceee4ab09fb9dc9100c5e62e4939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:56:58 GMT
date: Fri, 09 Feb 2024 14:56:58 GMT
x-content-type-options: nosniff
age: 313678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116840
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 13:44:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 201E 203 KB
61 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:36:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame 201E 12 KB
4 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:06:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 201E 0
0 100ms
59ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQhl5AjOmlzl-wjL65BHUrkyVCoO6nfBmgaULZSdvFt-aXlCoTeHA1Wdw7rFROWA80rmSRdwgsI5dhgAwCDksLsfPq67JrPZ3skh0WVdMfdo3sAlAqeLd4KAB3odzqqj5OGrvm0MZei5knvris4oREUHNLlMrR2OlMienyUky2oJLS0Sk8awlBEdeWRDoN0jdN&sai=AMfl-YS6MYNV2c-AkxZ0-vJNeRMVmN1n5Jct5Bg142If2nMXv1ldfG7y-dleklX7myp6L116aNC9vM9IB7dcuX-MrC7hdlqOnydixDGG2A&sig=Cg0ArKJSzLsfg5NTzUp5EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240208.67367&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 201E 41 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
DATA 200
OK truncated
/ Frame 201E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74061d8734c159534ff12345d49f3082ff0d46f07d7961e628327d5e54307150

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3675790735510736834
s0.2mdn.net/simgad/ Frame EC2F 114 KB
114 KB 249ms
249ms Image
image/jpeg 2a00:1450:4001:811::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3675790735510736834

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff85b21aac41ba73d1353d0693356adfb571ceee4ab09fb9dc9100c5e62e4939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:56:58 GMT
date: Fri, 09 Feb 2024 14:56:58 GMT
x-content-type-options: nosniff
age: 313678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116840
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 13:44:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EC2F 203 KB
61 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 06:36:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/ Frame EC2F 12 KB
4 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:06:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:06:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC2F 0
0 60ms
59ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlR6Y_fTuzsx3B4A0HDi2ClilSuqk6bot6CswHq1SYRGd7SsGIgxMLSKRCUM70G9cznJ1ZvllRl3iF70FjN9yDZPXZGxhIsnSTGZQARbgLkVYE5102E8ldoUaf-a7RCgcXwvFqEmuwUY61EeeKRGZVT9I_ak5Ffutp_ngCkTG4nJZ-PPnGH0Ao90ovKYhzDBrL&sai=AMfl-YTWqRaKkSh-P5QOqtfr4aiX05nzg_v_wPMipx3dBtBjPDK0Tbh-RhQLC8skKmycrQSWIB1qfQAqgbczAMMn00dKcaOobiDHXaDNQg&sig=Cg0ArKJSzGQTrMbAlC3UEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240208.97223&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EC2F 41 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 296885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
DATA 200
OK truncated
/ Frame EC2F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef8855f2bc602ca6e6d5cda1c3069ad61822e00f5e435127f40a917fc5cc94ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B1E9 38 KB
13 KB 26ms
26ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 279246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C16 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 279246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AE62 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtgseba5.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 279246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC2F 0
20 B 93ms
93ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=B7T9aiAbLZcqUBsbmx_AP5vKboAYAAAAAOAHgBAI

Requested by

Host: xbtgseba5.pages.dev
URL: https://xbtgseba5.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame B1E9 39 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 14:23:13 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C16 39 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 14:23:13 GMT

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame AE62 51 KB
19 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 23:45:47 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DBF 0
0 58ms
58ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJjEz6XuZd3Oa_en1sSopdC2yfp09eErPeXTG1oB8SJ9_G15qXKfT-AIZoVasBbx-5EKe3yKiK3LgCV4ogc1JZiIVv-TYGUmXYjF_AooVH3VIGSi8OqiJhUsOhDlengyh00-BrlaForpXT7beKP4Ft7oCOwutIuhlTcYZJzy8RKbZjVIXDYYkzxq-8usVkZbLS&sai=AMfl-YT35ylr_RPZQVx6J3O2lBdWFs1zcbIjKRZvAJ-VKkrQXkA31aH5OXo1_MvqbycJctiFLV0ricWaLr6ugqyy6Eil-f0rw9WEMSXkXw&sig=Cg0ArKJSzIZousj2pK5YEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=325&vt=11&dtpt=324&dett=2&cstd=0&cisv=r20240208.44874&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DBF 0
0 89ms
88ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKHC8w04QWPRXP0UVrfnqftJLT96MUbtOIj82LfeXyCFymy3TiSsM_DlCHzng_2cZI3DmhfVtDgknj7dVoTwA-y2k0a8DBSYcsfHzCtgX-cTuV5RCrKEfmvmG94EwydlMfmeoZ_BD3AnhV1bPi5cVafMS6xRZlU8GIR8skz7DbdPBx-32R75_fEOKOGYto-hrDhvSKecQbhL1EvIyuSKk3l--lRPzBx5yc1ie8__zdSzXMLnKYK1gOjb-Hd1HLuT3uIXl2Ed1i42lD87VlVQYe80agdRopqO8k9xXUj_8B-z-Za05iHdwEn7wfDA3JIZzNF7ooWQx_6j0QLMx6jRUc2Rqo1Xv4DHnXc4REGOl2AJo4Jl5enFzFFSJbMuvjnBLmctWyrF-Usx2nk2SBp-QSoPpLcO-njh7t&sai=AMfl-YRO-lWOTCl2gBuFege0dotVgazuxEl7-r9QHH3NRnUvPzkFSCkPPoKTB22CmQ_NglmK7kZhBBlSdt7I5s6b21huZ83lZUgv8VYCuFvPQJ5IyCZmdGZ92t_AR-bH5T4OGca-6w8xz03L235Yo-uASpP1&sig=Cg0ArKJSzOUZFKqTW9OvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 201E 0
0 57ms
57ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQhl5AjOmlzl-wjL65BHUrkyVCoO6nfBmgaULZSdvFt-aXlCoTeHA1Wdw7rFROWA80rmSRdwgsI5dhgAwCDksLsfPq67JrPZ3skh0WVdMfdo3sAlAqeLd4KAB3odzqqj5OGrvm0MZei5knvris4oREUHNLlMrR2OlMienyUky2oJLS0Sk8awlBEdeWRDoN0jdN&sai=AMfl-YS6MYNV2c-AkxZ0-vJNeRMVmN1n5Jct5Bg142If2nMXv1ldfG7y-dleklX7myp6L116aNC9vM9IB7dcuX-MrC7hdlqOnydixDGG2A&sig=Cg0ArKJSzLsfg5NTzUp5EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=304&vt=11&dtpt=303&dett=2&cstd=0&cisv=r20240208.67367&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=803820606;ord=fa0pjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstnKRSGgJhnoZi5g25xjfdd2n_GdbAl_e1s8LqtNBikXi5QmKf0Uym4n-UkNtsssCqJ-_pSGJkHcfTqVpuTSUlVqPSnkgSc6Q6TGBhsjqSGWTpHME2xYfdL7cTOqxnvGnOorIqPkJiRQ6HEDtfInlGOlIK0zL1MCVozbUAKpyNYy-usRKCB9DemlaDtRBjOhS5pFH0qjXYaOi4hFcx6-tKR-zDjz-i0jxyurqVq0Hcx3f_WBpycX82MhvTLlmVE5Q1es70kDYN69v4ITvQ_XOjew9AJmq2mp26tnz3z6EN8ypJrnrtqeAmd5nlKJzgb6cCEnjTLYtaBvJzqUZ6zuoZTjCAvlRV5pWtMNFCoO7meF1cHOPpAOzWDDlxmaW4j_CV6r04m3DrAJF3joMqYT4zfgF3nCw%26sai%3DAMfl-YRh1K9hpgsVTI1ZLvOUHOaAy7X2oTMY_o38yfgp-6reWjQUNxck7RaN7nwdg80yY6VDp4UBUESYcE8LLNFifXhXxhCvprgNKQM_AUN3nA5y6oFsLMUF9K2MwuyFXbg-_rSE8Nndg8CdwNdWRr5DSxTh%26sig%3DCg0ArKJSzL2Xp8cu8G3DEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=161;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 201E 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDG3aUhvCN01-OdnGCUszHfPVkX61n-d47QsndzoL_nKwAHbeSdLTKsSMgTSznGq7qzVLAnj1wB7S6Nbov2ShQ6uXdqs6_Y6Cy1muJ0hNqZnh6Ss9OnG-iOLrgMQ0_a74wnTFdssWZoPhlIKH-xwG7uCNcMxR7UCwOv6ZZynUwyw6mOucYX1JRZ2BJ-EkQtjTA3e9C2YjTYZ7g9pEWrCDTo-Mh2lbT1aZELzjWR0SSyutDgJkaaoIHLEkAKlKyC20sa3Z15cEvf_gMB0xRXZJvUHu0XXmlouVtx1v97DdHrixsPU--WxrVjhunnswhPlvMt6hLa9qF1M3W-NMrvAVBS4rxG3sxaz0W9yWVk0VQhWvXAjnp7Y8DrxOxDSdlsTyzUl-Si5teBwUWutMeOQTMf-4k9x3N_Bk1&sai=AMfl-YQ0oTdwcJgCUKen995973bWoE11TMFlpUTnVO4KSNzfvq6g2tK8fv8KbsSYZWJxJcpBhwVBG9DLK2O8mlQm8Q8udBtrLLUldLcNDFsNJ_-9KXTRs201SVcpZKg-QA9jcqKpx9po265EmLZWoAqBMH4V&sig=Cg0ArKJSzP3LaVyvkqE1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC2F 0
0 57ms
57ms Fetch
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlR6Y_fTuzsx3B4A0HDi2ClilSuqk6bot6CswHq1SYRGd7SsGIgxMLSKRCUM70G9cznJ1ZvllRl3iF70FjN9yDZPXZGxhIsnSTGZQARbgLkVYE5102E8ldoUaf-a7RCgcXwvFqEmuwUY61EeeKRGZVT9I_ak5Ffutp_ngCkTG4nJZ-PPnGH0Ao90ovKYhzDBrL&sai=AMfl-YTWqRaKkSh-P5QOqtfr4aiX05nzg_v_wPMipx3dBtBjPDK0Tbh-RhQLC8skKmycrQSWIB1qfQAqgbczAMMn00dKcaOobiDHXaDNQg&sig=Cg0ArKJSzGQTrMbAlC3UEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=309&dett=2&cstd=0&cisv=r20240208.97223&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N832778.156812PROMOTOR.RO/B30021092.369196614;dc_ver=99.292;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=958139504;ord=q1sey5;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjJUKNyO6XhJKSK_Mvn3z5CtJ6lLT_zWKZR6iSP4Gb-tyVXGAuBdCdwacQ1UU9I0PPfVOwWby0j7hQchXOU9ZMyTBkUD6VrXg3AL3TuYrVmENYlokoixqKeFzaSamcV7pIYHx5qRYMeatHerBxr7AcvzWmSYhzUBRrAMwnPlsxf2dhhv_t1c8YcJxedKqp7lWepdZZeiFwtfP03JzFdRzz50fot7Yz22Ieypf3MP5vPQ56Nv3rN-vDZ4Ns2dTC1wAxKeQe5hZ63zq8J2jOhI7w4c-QQ-WEecQguG8yc5EfcwfXPB86OPgr_ThxqXPhuTnFTq3DBZoBeoAyCMM4JsHfrtjwZxJ-cGUZt6W5Y-rZZeueRWdtvk9FAeUqTF_pH1qsrdK_x1snUgbBy3XKAVpZ3exhlQ%26sai%3DAMfl-YQJD3TQcsxcYGpUqEYsEJ8qkB_fTstp4EiA-uMtkW3q5gHCR567C9QtV0ue5ap-TREmRZGvAshVN-P3K88lgzG-bQsTZg1hLcQKMU0y9XvE9u5zfVjP0GZVD1t5XgALEL3swR7KWvAc8qloc6vBf5GW%26sig%3DCg0ArKJSzOut9kXHmJbLEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fxbtgseba5.pages.dev%2F$0;xdt=0;crlt=eJGOBW3FMT;stc=1;chaa=1;sttr=141;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EC2F 0
0 94ms
94ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf41VFCI120G9FeV8CXRRrPHGaYmimzUH78BUdbRi--TpbLoJB8RDe8kksdD2TBWEIw7vWt_VhN15N3o9awk2Zbzjhq4bixiFPgVi-zCscQXyHokOQT9oVcl6wXp5qTcWI7ohPjVD4RPDyFbFyg6O6xXTIqXvyaaQYFysy3dsG6UEkKO_E7uOklpJTQJBl9cZkN61QEc2KSG64kYk9_9BpnYPGZKDe8KvnJB2zVyOjIJEWmCRu1xbQW8Bdmefw4PQ3Rf7h1o09ARksEAkKp7b4cp-8T0OxsvP_7Z75G7ruDUb8bfOrfFLd-3101d596w4YCj51lveIJZZ-Q-hsyVwJLyX84AZmyz-qSpaVZBArTQ6X3RuHLnmEUxqDaRODqORYgToMXW-wVjV87Y6kIgzg4DlDm98q684n&sai=AMfl-YRnKOa0hxwbt-rkVuHr-_KsrfCP76o0-zKR_sHAgn_q4IylA1xwzvjaSkl7yQLaxPN2ZVmN5rzcz7YuJA_tSkWGthfEf_ANJ_pbYvzM6u27rC2ITBRoQyjKzVBldlmDQWnWsn1u1O5BNlH9QDaSutZw&sig=Cg0ArKJSzJ8PCXEcIU1-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Feb 2024 06:04:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B1E9 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BliqOiAbLZciPBr6XjuwPgb-G6AYAAAAAOAHgBAI&bg=!BgWlBUrNAAaxkZ3akZE7ADQBe5WfOOV35bcxyQTqxW5H-5Ii3W-iqgT3EQQvWP6RM2KzXpehJLtHXgvNQ7umdR73QBjAAgAAAGJSAAAAA2gBBwoAln9mm0JkKzf26S_XlW7KnKQrWxDPLKgm5UaxzEzY85spPBllwyyw9PczvP0_Kq8uBshu2hkK04gc33L39-gF6ebsLljUljcF-NJQxFo18scPJoU3zxYXY9POnXW5Q3w6k4Cs-ORByyd2Rkeue62sHaqSRuXseRDoCy1CMIBwSCdn4rTDZ-aZjXL3dYlarjWoJATlBNBJgpkC3BSPusjtd1NA2UjGYM0SG2uCndJ7AkwAOMRKauHeMgEqzxXur5klkSjv_16MQ1R4-jyqm5TMaSB7LKAEgjsXZ8V7XhXmdlSKlyBaSUc7Lx9XxwKL4TbieYwMmZTCJzQ8w7xYvYWTZSdBQINBhCFYiXFjvgUTXtZHhgJ4CBx4jSMUTiuw9MdMAAi-LqMifuAABdSOhPhh1DH85NBNPhWd0M8hLRg9UUXy3bCLD-m5W3GjEGOVZTSpDFL_4FqQl6ssw-W6N9U4A8vZJUOsgCtvzoR-0TXztKn98Tq_Rp6harChITwt3Dj2XFIJv1Tjn9bFCSTS3G79YkhzHf2ZHXAeWp2LBxB3YzNsAv3zHrf1lRFjJLxn8_HySCd_FiMqDytIPGMEP7zykB-tW6hJVCYamQdRGXmm4kPhJqXRsnwAEzB-h6K8EzHmUPojlBRlPNklhQK7cgBqCo-AR6tQNx9uceltyz7suI1z4EwvwyrVO6cCOifomnFwaWWX-kvO5x2WgXzb_tELfViZhbwqTVMtchnjOPGxEa0w_xgZKJMmE2S7mNr5usGV6GhUiXhWVXs3ZpBOejtzTbVI9ngh6BCbhREBH7g3qaaT9rC9BALmY25qhyZc-y7z6aan3Ffd52sYeFOuJkmyE6F9SIQPqt3DQJT3NqU-zw-pOXapjV9CDTKL5dWGdOByToOi6Acif2qZk7VJ_hAzU9OqulIL6C_qRIkl3b4rcV94bATj6r-GJw1btzFa7Bp0istchO7e7A7rphqHTM3Mw19U6gwSBT4ee3vwVS-0eHfD0k-XOiPyWfGA9nFr-OWF7Hi9emODukpYt0ntsAfBtaJm8Y8pY5oa3eL-Qs5HJzZ2WmSZYWKlV5Ps1gc9EvmUPmTC9uWDqWVAkqB3tBE9LSl7mcXJKCq_QZlo19KsgZyFoTeAoofb-jgI28NsM2jjrc_g1UF7trvt7Pp0c4nd-Jh3XqMIQg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET id
googleads.g.doubleclick.net/pagead/ Frame 80A2 0
0

GET ad_status.js
static.doubleclick.net/instream/ Frame 80A2 0
0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 116ms
62ms Preflight
text/html 2a00:1450:4001:813::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 13 Feb 2024 06:04:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 80A2 0
0

GET
H2 200 wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
www.google.com/js/th/ Frame 80A2 50 KB
20 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5e928255/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 06:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19705
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 06:19:06 GMT

GET sddefault.webp
i.ytimg.com/vi_webp/-45pW16pKvE/ Frame 80A2 0
0

GET
DATA 200
OK truncated
/ Frame 80A2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZRyGbUBwwFeAVZne3dp0mpjV_megyz1_0SBLkAwsg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 80A2 2 KB
2 KB 114ms
58ms Image
image/jpeg 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZRyGbUBwwFeAVZne3dp0mpjV_megyz1_0SBLkAwsg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:04:55 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
x-xss-protection: 0
server: fife
etag: "v19a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:04:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C16 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjXf5iAbLZZOTBpidjuwPof-TqA0AAAAAOAHgBAI&bg=!9vWl9brNAAaxkZ3akZE7ADQBe5WfOJgHM1Gnv8Ul-17LwlwPhws42fw8rNN2kuXH-LbfN-gO99yvEasrJYL9BNTR_zgEAgAAAIBSAAAAAWgBBwoABqxkCgVw8JkC3CQu9jynVeMlzrA9GlI_Mu3H6UnXuZBceaXX5rebsYof5k8an81WUxS1SVcVmUP4T53rpSoKVz5c8P2Dv3CPwoZfWwnz353gr8MNpnbQrkKAyCECP9kT4qAAloFRgs_GA2rB4FhgwvjF0l9B6t8vIE7RqSoiCndBTUY0hxT5MUYOlj2rVbIpZaktYt1xr9I5tzaTtpt2Un7lLXmU_T8IYQ3zVjVXz71rD4n6mY-ZHnM8JMBtX5_7gxYNgVfQPWL3rFKptvhtgGz5ynkXxwz7HaboxPLR3FPD-QVEC8dKzibWvOtcnuWCZ3eEMaqwSbIeu8rLUpKQKnsmGcJZjs4rr1lguxQzGeBg3czLjENWceF8HshlIjAtNoZ9P-Cy-OYt6kZw4J2j78D-uamvpI3U7AdOt0PNB8awF8qpRG8P1zok4leBKkBPyoMCwiOyKgcW0lnCNNdIWR2_e30w9pX5tDVhMurLRPCEKCr34TGK3uq2YE5S8ucVQR2qKIoGMBbReBjq3XgThnzzqS7n5ylV3HIVKYxPucYwMRIQM60goxbHCOGxLRny7aNncnffGm71657zjzKCkhfaiNuFNDGTGtDSgJwKVTuYbJ3FdmqIcKWKNxKgI4_f3opYZTI9vw7_yfv3XC_j3D61fvtKpeoHMRL2jCUxwWSDnoTeCj6_EK76UGRZa4C63WEnlEJbdctVSoiCw8Z4Q7Pr6sBiHj18bYbfbvvxlTr30bV2JmAj2f8eynG_ivZPpoPn6bC27FRadmO6IRHCFoIXD1n9s48ZP3DrMGnm49FLpmvxU_ye0EUBkBSKh-BKMMp2oBcBi4ktjRqVSkR8NqMYtXmVyuXUMHKoHBan-0sTHb7cVn8XSoTIm90gtIeTW5qoyga0yVw9Yx4WUM1xcTZMT1sar7t-JDuXyPq6Qt97VuiL16igeMcJeC3PCs1L7DqB3ApKDcLvW9KdnjZdpH2561t80w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80A2 12 KB
12 KB 58ms
58ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-45pW16pKvE?feature=oembed&rel=0&controls=0&showinfo=0&modestbranding=1&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:12:37 GMT
x-content-type-options: nosniff
age: 3139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 05:12:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE62 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7T9aiAbLZcqUBsbmx_AP5vKboAYAAAAAOAHgBAI&bg=!dXaldjnNAAY9UbWqHVE7ADQBe5WfOI-3iDvv7IcxdIKA85EMB28e1JK3UgSO1aUQ0pTBsmH6knOXP09L3P1EBA4BCvoLAgAAAHhSAAAAAWgBBwoAbeaAwFs4tNnwnNQg-X94gxc62kdo0rcJ7akavdNAvUmziDrjFIFJhD34MVHty4O7rJPwXMqn7W6_3BaBQWu2uPhuE_0Ps6y1X4ccKThdZYrlV2ftX5H-U6PjmAr4odXoPyajgJV7YfdEWlSnbRuZAvm8HFga3c7BKgNwy8mRbo0ezVylv_bnMQV7w8HMqgDtUJYWSIXQN_lc4a5Y2tQg3jFPsodcRfv5fdC5D7foVklb_kX2VPLB5lNzO51pg9gDTJuLbnX9ywsNEZOGsjQm-SmjLpohRVd8SKjWvsIk0AqKsZrB8oAChU60CEBBamwHjbGASmLqg4GVkmSKj1VUZYfOxGkfTfwvgFoKEZDvnZD9pbPag3P40MC5hi8egBwLSy4nxSALLVZ2dUElRH2GtEHlbYTaYEdQDUObDUBVcUi7Fxp_9SxpLgoILeSs8bVam7r7vms_eEFxjvTemvf9ZJ9hQ5pMP8_gwr15vOnZ75GY4KMESkE6VzLRlEypb2XiThmB9-zakg_uOZHe50Vgf2jlaJQBOTYro68mdzAsYQJrfM-CsV4uTY_HVide2qNIq0cOiLLpW5mbiuYxFS9sAr6qTxaj3X8eX01txzCdS00_tyyYrNoK2iDm_6kQUHD18yWhOu-D8hq40k71-WefGX0I1Y_hbchIwxC569ONFUVxxU8p7Rhr3uikeFYpbkmSA-Xhe7yxpc9H05VnESl72s1QqFb7X77OLRNOgVe0LOiFzJZ50Wy0gSkeR0xLAlzyCT2MUG82AFdOAc2SVUt29mzuWQUbfRXRt5AoHJjjAGrIEpWFExzAfNACxntr9qDtDxoE8Fi3yMwaPf6le4YeHmi6oL4f_gW8RGvZMZ_KWu_8VwpBidmMySux0Z2ftvTY8-ufWX9X8w6C5e8F9if8Ecjxc0JmGvTdsWXN0TncIsxPIVpUzdDQJO3B8ZxReDzWuIF3jBoBgeoTZGgNna1wjIMji5vKs0xPqD23hSZA8-Ra2MwafkhPC-yz-u_JMLUhIw_dAUsSOl8MW-9BfPo4aKjfhQl3rdTj4MD7ycoTz0NW8sjqvh3dcDOJe2z1THHjP-Oy4GFDMm5gk0SZF2ThjROv-j7N_ab3CUnRV-JlRfuLLklsn1VOxrGXWEOHqsaDX25BfFNhNvX4hA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 06:04:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
93ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402070101&jk=1177284776031971&bg=!ExClEF_NAAaxkZ3akZE7ADQBe5WfOB9QIrT6-DD3NJNOekgKcGDH56tD_sMQgDxpxopCtS1jMMxB-OhxQQO-08mFGcHAAgAAAG9SAAAAAmgBB5kCzuuXV2Hg8EZsD0lxErbriA16yUoigPueGhRj_Jvo5YGYA7wHv8eGsI4yR8QBP06-Zd_NqgxZiaggDZmNp70vtAr8g5Ah1TdOsbR4kL2C4lXbtJBmNizbvh8uCMIjTU5vjGep04wtPUFX-F2PhuAzlhSDUTHN3AboMYgnxWDEFZTDJvra6w2kHtGPmmpBUpgmw8i8u5yEf7kIHobLnn4-O3BNZM8OjO-nC4EfVmNYSBC0vwjVlksSbnhuSk52X-IbkC67jdE_Z81AVhOyIGvhjN6j56DMo6feIxY2z4EE_d_F5dUIWLN0skeWkxzM54l8USD8RwzoEUA1ZNt9F5bnZ9KF585GXm0Ccn56QHwgmMfDksxC4Vw2Tj2BEMHIczpUjfcjjwJXJL8WXY6aBdFMQqG92OcJex5DEX0jvEzvB4wGEvOaS2HaJfm5P3lBxc3SI8qRcT6f72G9JSxSoUcs59eWvSxy4yeZBLJtypwOzzf89Sf33_daA7M_YzD-XbHe-dOG1yWZDnn0xYyTYyb8NoNioBFFqx6FljECaq7YwKgf0qZZh49MoWTFsGOvPtt-qveH5kVm9uQiSLPfJXLzIoByp9BpLmaj1NdqIVqShtDTdfMkYCg8JwopVf1zeBGHCnhK1H4wABAXfv1lESxnH7mysd5W9Hnb3eP1ljU2ZPl2qcVB7o7HNYHJs1VvO-9Pc_RBjDi6fXolQSCb7eJhoHSbGVVvMLk6-jX__ARXIezhi87s1EFgyz3XMTc4AZYfElDHmgx9oQuRE2OmDBNAJGIBppZDMNRhnkWHNfQ-F0MaevhK2Xo_bDfr3lsUHq7T2fe2NZMAIqAe8VwZAwFnsOoDaUHs6En-oiEhfEgsjHruozvnl0U-sAd7mh94qzNoB29x1RHzHH7DB8DE5GpQAfJE38C2Ag-dfmb9GoFvSOtvDVnnYh_wxi6nGxV_Y2I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xbtgseba5.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET generate_204
www.youtube.com/ Frame 80A2 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/id

Domain: static.doubleclick.net
URL: https://static.doubleclick.net/instream/ad_status.js

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: i.ytimg.com
URL: https://i.ytimg.com/vi_webp/-45pW16pKvE/sddefault.webp

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?3LrsvQ

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xbtgseba5.pages.dev/	1970-01-21 03:52:12	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmAVg4AMAJgEA2IQE5RAgBwCA7PO7yQAXyA
.xbtgseba5.pages.dev/	1970-01-21 03:52:12	Name: _pcid Value: %7B%22browserId%22%3A%22lsjykxlkltnv1bz2%22%7D
.xbtgseba5.pages.dev/	1970-01-21 03:52:12	Name: cX_G Value: cx%3A3s5jjg74h2jko1pl49w4483vgk%3A17c9umg8ebn1z
.xbtgseba5.pages.dev/	1970-01-21 03:59:24	Name: _ga Value: GA1.3.176482196.1707804293
.xbtgseba5.pages.dev/	1970-01-20 18:24:50	Name: _gid Value: GA1.3.1779710540.1707804293
.xbtgseba5.pages.dev/	1970-01-20 18:23:24	Name: _gat_gtag_UA_1684917_1 Value: 1
xbtgseba5.pages.dev/	1970-01-20 20:33:00	Name: evid_0046 Value: cx:3s5jjg74h2jko1pl49w4483vgk:17c9umg8ebn1z
.adtlgc.com/	1970-01-21 03:59:24	Name: evid_0046 Value: cx:3s5jjg74h2jko1pl49w4483vgk:17c9umg8ebn1z
xbtgseba5.pages.dev/	1970-01-20 18:23:31	Name: adptset_0046 Value: 1
xbtgseba5.pages.dev/	1970-01-20 18:23:24	Name: evid_set_0046 Value: 2
.xbtgseba5.pages.dev/	1970-01-21 03:52:12	Name: cX_P Value: lsjykxlkltnv1bz2
.cxense.com/	1970-01-21 03:09:00	Name: gckp Value: cx:3s5jjg74h2jko1pl49w4483vgk:17c9umg8ebn1z
.xbtgseba5.pages.dev/	1970-01-21 03:59:24	Name: _ga_WBWT7L8BYX Value: GS1.1.1707804292.1.0.1707804295.57.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: oZLvL1ijR2g
.youtube.com/	1970-01-20 22:42:36	Name: VISITOR_INFO1_LIVE Value: nD-xZGZJvCM
.doubleclick.net/	1970-01-21 03:45:00	Name: IDE Value: AHWqTUmF5W0qK0eOkqU0YpjIjePWJNcI0OPEXX2i_j3y_LB57ERDVDq-teVqoUjuhCw
.doubleclick.net/	1970-01-20 22:42:36	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:42:36	Name: APC Value: AfxxVi76z88i51ncHiybRSgqIe2IZqLBFAHD2wAVmtf5h-QjrR0qLw

77 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.promotor.ro/0zaQMee6mBx4hBlYrM9bvdLR6UY=/790x555/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Ftest-drive-mazda-mx-30-plug-in-hybrid-motorul-rotativ-s-a-intors-26-1024x683.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/4SCNntYA0fan2EPByMsgP8Uj46c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297693/e71957b152aed2c8661a862f9dde0be4-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/T_SIQN_eZb7JASzuN-wC6AZnFO0=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fford-puma-facelift-2024.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/4iTn4OYQzslO3dBhohzH4Lxqi_Y=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2F2024-cat-costa-sa-aduci-o-masina-din-olanda-e-mai-ieftin-cu-platforma-sau-pe-cont-propriu-1024x525.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/6fWlj8frZf7kJlJUktW6wtXDTyc=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/dc6d46dc69a9e3be669320925371bda4-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/WK2F5E1T_kMJUO9177QTORyIGOo=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2021%2F12%2F2021-kf3-gr86-high-001-2-1024x796.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/uiUtlEQRFrQW9ZwwV1Q9_hSZUyw=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fsuzuki-swift-este-masina-ideala-pentru-oras-un-pachet-distractiv-si-economic-video-8-1024x576.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/MbNHXZrW1Uku7TRLpBr3EwPg-8g=/500x250/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frenault-dezvaluie-numele-noului-sau-suv-compact-modelul-va-fi-denumit-symbioz-2-1024x575.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/juwH-tSrZw6WPmCATaqYRsJrQbQ=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fautorulotele-mercedes-benz-marco-polo-aniverseaza-40-de-ani-de-existenta-iar-viitorul-se-anunta-a-fi-electric-1-1024x683.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/Vm6AvkZVi-oDOX5wFM2J3uOjj68=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380247/8d2419b4017b9232d372b1a5b3e2b5a0-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/hqsmjL7x3_Z7-uP5qocK5Sh0DlQ=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F12%2Fmazda6-test-drive-1024x576.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/uM-5mMj3xznw-g_GGWUkUfsVq9c=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297657/314d26a400148880c64632bd1416376b-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/gvWW2yqLD1CagA8X9YGsNHUZUzw=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571380236/90b169a0d7368ea22ef437c0e9b3a81e-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/hS60Xrrks5-BpSf-KKqTvRQXee8=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fregulile-si-indicatoarele-rutiere-din-parcarea-unui-magazin-sunt-obligatorii-ce-prevede-codul-rutier-shutterstock_1709757910-1024x637.jpg Message: Failed to load resource: the server responded with a status of 503 ()
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://media.promotor.ro/loD_M8qOBylY-A0BJqDopeUPI8A=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fue-vrea-ca-suspendarea-permisului-sa-fie-valabila-pe-tot-teritoriul-europei.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/mis6UOpHPqbUFekDXy0wLxALD5U=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fcea-mai-urata-masina-din-lume-reimaginata-in-forma-electrica-foto-1024x576.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/492qfFGeNv-LCONJWb4de0N3RuE=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ffiltru-de-ulei.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/VpOIP0mveC6fxiHSTA3eurTetgs=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FWhatsApp-Image-2024-02-12-at-15.34.33-1024x576.jpeg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/OFNJWmiHaaTthpbVFARAl2Od9Qc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2FUn-nou-document-devine-obligatoriu-in-2024-Sunt-vizati-proprietarii-de-masini-1024x704.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/s_90crUiXXTj-oG1AZRY6tL-pNw=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ftest-drive-peugeot-508-facelift-29-1-1024x576.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/eByJzUPiPn4GymqllTWYvwJjfvc=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fnoul-aston-martin-vantage-livreaza-mai-multa-putere-si-un-desing-mult-mai-matur-video-9-1024x683.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/T2mJgx7UJn1p7DGuljOeh-sCb4A=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/54fd4974966d6ca134866ac83bfee720-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/8gvouRfxZBzNjhzmDIYaUU9FJrw=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fasemanari-si-diferente-intre-scuter-si-moped-care-poate-fi-condus-cu-permis-categoria-b-2-576x1024.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/7vF0ZQ7yd76880XZ08sbB08lrtU=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2023%2F11%2Ftest-drive-bmw-seria-5-44-1024x578.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/P60S8zbOfHhz_mcCHMMICLnAzO0=/250x150/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fferrari-purosangue-fotografiat-in-bucuresti-2024-strada-parcare-armand-arion-5.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/asbcWfT-SiWlkSMZs0_ZiLD5YQ8=/1170x600/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Frivalul-daciei-duster-a-ajuns-in-romania-ce-ofera-noul-mg-zs-video-19-1024x683.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/HSleBZd7XKFURwc9EofcVAm81D0=/790x600/smart/filters:contrast(5):format(webp):quality(80)/https%3A%2F%2Fbctser343grh.giize.com%2Fwp-content%2Fuploads%2F2024%2F02%2Feditia-31-%E2%80%9Epodcast-cu-prioritate-apare-luni-12-februarie-ora-1200-invitat-george-grigorescu-2-e1707137015870-1024x582.jpeg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/IZJrFlc97JdKEYoJ-wVyKwQe7sc=/460x260/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1571297645/74009b9addf80ae2902d98daa5a4bbba-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://media.promotor.ro/wMHQ6vxU5nK03sLZ02rMAnBHqF8=/220x124/smart/filters:contrast(5):format(webp):quality(80)/https://bctser343grh.giize.com/wp-content/uploads/sfm/2024/02/1586957941/b1be6c8ae847be73198c02aac558ddc5-o.jpg Message: Failed to load resource: the server responded with a status of 503 ()
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bctser343grh.giize.com/wp-content/plugins/strawberry-video-pop/assets/scripts/dist/assets/index.js?ver=1651817729 Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xbtgseba5.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b55fef12947a5acbb5ac024a8d4c7a2.safeframe.googlesyndication.com
ad.doubleclick.net
admp-tc-sati.adtlgc.com
api.cxense.com
bctser343grh.giize.com
cdn.ampproject.org
cdn.cxense.com
code3.adtlgc.com
comcluster.cxense.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
id.cxense.com
jnn-pa.googleapis.com
media.promotor.ro
p1cluster.cxense.com
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
scdn.cxense.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
xbtgseba5.pages.dev
yt3.ggpht.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.youtube.com
104.102.46.108
142.250.185.226
142.250.185.70
167.235.124.25
167.235.124.59
195.181.241.253
2001:4860:4802:34::36
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::2008
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c00::9c
2a02:26f0:1700:181::268b
2a02:26f0:1700:1ad::268b
2a06:98c1:3120::3
2a06:98c1:3121::3
52.49.79.233
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
08d631a369d2ed43e50e4e6dbb4619589fcf7a0b46d215ece86e1493b85fb464
0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607
0c2eb05d46d97e8b48b70dc02f0b9c222de695214bc7f761a4d83635e9f5ee1a
0e0fe497c2342b482b8ef2e2fd3756716a88593e363006d2dafd478534d97c2d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
179cf879e9fbd15fafe600c10c0c5fb50237295b669e42e31f829838eb4d04ca
210f133fed9d69c3f06a9d059189d34fc2689668bf84f2151e23aff2ddf71e2f
2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2
21fb96298942208516e544e8e38eddfe75f3fffc2e2946dfc397354d4b1f5181
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341
288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db
2f7b1e392b75efa0e4eb848f048a8a3ceea77d700746634e0c1bc430c625c570
318e11cbc994665315e8a074421c05681ed63d3d1259cb24889ac7981e4b2073
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
426e7b6570795bc7db0f653c34b536c2a5d266d08b225a12a874e43097c33063
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e3b23bf9887aa0d402c0b0f74e9643f94dffb45ccf1c8af3b410efc850690b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4717a9af7fc083a0e7f0b12c378d29a5814568761341cd984f411bfb15faa030
4b0260a5f9545d179da36b8d13d613ee314ac32ec5cbad8ef0730a3f255ce4d7
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ea43641040f44a848c164738b57fb175c03ebab3e71dac02d8953a1c4c1be6b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
634452a9edacddb496182ea96d3b32aeb710730bfa32ade631ea7d194b5860e6
67c23e95b0268725a3eb540c55ff233c6fb6c18aaaa6636fbbacffbfe4c3c0b1
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3
71faa0aee2b44ceb3bb2bb045c99e96162baa34242f5d8774e171c86508d8baf
72ae983c022340cb68443170b64889ca5c5018fba219b6c7b31cdcd6de929921
74061d8734c159534ff12345d49f3082ff0d46f07d7961e628327d5e54307150
776b93b99396bd35a9bc62f2ffe2cd9462e9f47296b99d49b39d6d1a4ade1d7e
7e967e829628d4e8939f8be3a2145f3edba35db4aa7a33d98d089bf251ff2b75
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e2149f90b9901435406e7c6e151ac335f990b1b4da62b02a62a799ed8ff564c
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
940b936e9579cc4bf02555cdfec18241c6f748b48d0213ca2576e4db99dea491
9c412cda682df0aa2676ea7360912d71325a8e459f57cd5ec611b9d797ea12c6
a0f6078ddaeef5f86b7e6ed74247c6ade57731a4c6ff797dbfa4b3ead20b4392
a3ebe94bf8b50568a7e0495273481bcad0cdf840597178e6af35c66ad5330862
a49e67ec1d9199fe4b0093def42da878674848cdcb044628bde09f888d5d2d72
a9a2faf3d1d9a5f13727fb10c1d1aaa047ede07a5619237c07d14cbe1a249ee7
aa0a0322845bee4a70a455cef64113ca3dabc14c0380722eb5b2a847115f1771
ac9020e4963dcda138f34b3512b528df3dc333ac3df66850e6ce9583abeb62e8
afaf589a486468f63c165b96d7c860428314f4ff4a8d00e669b96fef70fb6d40
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b441fe8b0a838bfe27c32d6dc64910e3ed3d55bd06a605b8d4a5c1ea15fe4b7f
b7774c353a621c534c2bc605e64a4f03f7923256b97558cc677ee5a7f732026f
b9d6414733583af09dece61e7ec8529201333617f4637123c816f5c285d0e69e
baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5
bd36a596d0a9c63a5fbe08e2364a530aa94aa89a9844d2efb3607c6f181ce342
c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb
c86a504e4ccaa48d0bcfecdc6ade53faaf83334b1c2e7bb0a9b791809e03aa7c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d110d4a59eed5e7930b518b3fb1a76c1b7615275be6ebe7d6f0248dea2c0bb29
da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe
db2f2e8fc1fb9b122633349c995f0d94d5d28e8ebb72c29a22562790c3b059c1
dc9a4ccaaf01d80011a3413a1857391e893e6f06827f58977e4e8ab1c524e605
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412198e3f167d72e76f56563fc31ea3468e1d9c51495fff148cb2a802a66ead
e6c25262e81839b1a1c14ae664f0a46f60e746ed3fdd2b5a530f3ed24f078ab2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb80529a076c67c30380638bd7c4c05a0785e293cc50fc94fa1f8907a4ee62d8
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
edc3a488d5f82841b1bb7d523d02ec5ceb80f9029354d2469817cb73d71d562a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8855f2bc602ca6e6d5cda1c3069ad61822e00f5e435127f40a917fc5cc94ea
f11f7cb04952b5955650591f3e8d80e99d49e9371a5a8432dfb0499ab5db1156
f5f1b0b1a6995d00fbb6d040d66ae99f409c414501c14a77051dfd407b7aa419
fa3e11e4ac5b0084b6c6f6963a243e98b6a35a73fdf89d3d296ed154ac56f7ad
fade87adb180b7d137c67f5c200574f11fb934a71d95b591eb40a26539a1e769
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
ff85b21aac41ba73d1353d0693356adfb571ceee4ab09fb9dc9100c5e62e4939

xbtgseba5.pages.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

97 %HTTPS

75 %IPv6

19 Domains

33 Subdomains

29 IPs

5 Countries

3575 kBTransfer

8942 kBSize

18 Cookies

66 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xbtgseba5.pages.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

97 %
HTTPS

75 %
IPv6

19
Domains

33
Subdomains

29
IPs

5
Countries

3575 kB
Transfer

8942 kB
Size

18
Cookies

165 HTTP transactions
5 data transactions