Submitted URL: http://tt.vg/
Effective URL: https://tt.vg/
Submission: On September 08 via api from US — Scanned from NL

Summary

This website contacted 21 IPs in 9 countries across 26 domains to perform 174 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tt.vg.
TLS certificate: Issued by GTS CA 1P5 on July 26th 2023. Valid for: 3 months.
This is the only time tt.vg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 43 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.194 15169 (GOOGLE)
1 1 151.101.66.49 54113 (FASTLY)
3 19 142.250.185.226 15169 (GOOGLE)
1 1 52.28.12.14 16509 (AMAZON-02)
8 8 37.157.3.30 198622 (ADFORM)
4 4 213.155.156.169 1299 (TWELVE99 ...)
2 178.250.7.11 44788 (ASN-CRITE...)
1 2 23.32.185.35 16625 (AKAMAI-AS)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.120.226.29 16509 (AMAZON-02)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
174 21
Apex Domain
Subdomains
Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
594 KB
43 tt.vg
tt.vg
716 KB
33 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
215 KB
21 gstatic.com
www.gstatic.com
fonts.gstatic.com
616 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
51 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 660
6 KB
7 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
www.googleadservices.com — Cisco Umbrella Rank: 156
598 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
7 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
283 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
r.turn.com — Cisco Umbrella Rank: 4368
2 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5086
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1452
449 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 633
725 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
587 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2238
173 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
715 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3462
104 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2053
296 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
713 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 7482
553 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 771
730 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
538 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
247 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1103
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
84 KB
174 26
Domain Requested by
43 tt.vg 1 redirects tt.vg
static.cloudflareinsights.com
28 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
19 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
19 pagead2.googlesyndication.com tt.vg
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
16 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
14 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 www.google.com 2 redirects tt.vg
www.gstatic.com
www.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
8 c1.adform.net 8 redirects
6 www.googleadservices.com googleads.g.doubleclick.net
6 fonts.googleapis.com googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
5 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 d5p.de17a.com 4 redirects
2 pm.w55c.net 2 redirects
2 r.turn.com
2 ad.turn.com 2 redirects
2 sync.teads.tv 1 redirects
2 dis.criteo.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 d.agkn.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com tt.vg
1 www.googletagmanager.com tt.vg
174 31

This site contains no links.

Subject Issuer Validity Valid
tt.vg
GTS CA 1P5
2023-07-26 -
2023-10-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1
2023-03-15 -
2024-04-14
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-08-07 -
2023-11-05
3 months crt.sh

This page contains 22 frames:

Primary Page: https://tt.vg/
Frame ID: 0217FAA220F30CA29F511AFD8D237E49
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: F79C3DA5012718E48CF26414C56F1E49
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Frame ID: 460A7BE20A416000D6B6821A42F58DC9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&adk=1812271804&adf=3025194257&lmt=1694178517&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftt.vg%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185716618&bpp=6&bdt=715&idt=407&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5127701079112&frm=20&pv=2&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=428
Frame ID: 1EB9FF1408E8337A65FCEA83F198CFFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Frame ID: 098604E624247474BAA1D3D091A2A227
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Frame ID: 36C7D008F942F08E13948426DDC86F52
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Frame ID: 6141391222B5CE70B876F5AE5BE021AD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3D9B0D8D9704974B7FCFFF36AF8C889F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A665DAE4733E88BB192D7F3D9545BB2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F15AC587157F233380D5F071F7E7C83A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 366B6FCF397D46AB06D1C691ADAFE52A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C4EBFB1A551D90FFA4989EDDA27E65D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC570B8E6563F5EB1E195AE52BEC3228
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7592E521F2ED587E5DDCCFAB98A06446
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 1FE219E1C4DF2E48B249A22EECD1C89A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 8CC040A06D0E82FE830B878121DCF21D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA60021CAFC9607E7819AA60772A1A90
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FE434C626ACB02A394B0388ECFA4BAD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31A4C4138A9FC6505EFD9E5F245AD974
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 8614C74B94644BE7F386B72F0FA22BC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 8EE3BBDCA79C2C864B4639CBE9E0CF37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 6F95DE144ED61EFBF672E1E9A92189BD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

URL Shortener - Short URLs & URLs statistics | TT.VG

Page URL History Show full URLs

  1. http://tt.vg/ HTTP 301
    https://tt.vg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

174
Requests

89 %
HTTPS

55 %
IPv6

26
Domains

31
Subdomains

21
IPs

9
Countries

2575 kB
Transfer

6290 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tt.vg/ HTTP 301
    https://tt.vg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 122
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CuNPF9Tj7ZLrBO6SCwuIPr6Oq-Aqx7o7mcrj78r2YEv_Ror3AARABINmQ-W1gkYSghYwYoAGcr_uoAsgBCagDAcgDywSqBLsBT9BLjAFpy3V3ME9TWwixz0kVJBZYK-tCsJ2LCgZF8B97FD7e-yXUN-YIMeFdlMGZ4mLaSy-qVpEH1jgEuNhJcUuTXT99E_jABUxTOBKoePL1vQzZdpIHh9jI7a7HwOAWimf5zSzo1a7oASyJcDv10x3yKvqjCndni3sgzbp66IhJm1cxSk8BE7g08hra1DqmD8xekV9z53UHr_ZYD2mzSTYu1rMkLEz3GWeoxs-mtafnA9AtlP0k9oGzKcAE9c6t7p4EiAWdwOWdSZIFBAgEGAGSBQQIBRgEoAYugAfM0ITXAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL3gAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCc8BaHR0cHM6Ly93d3cuaGVyby13YXJzLmNvbS9sYW5kaW5ncy9sb290MTFnL2VuLz9rbVByZWxvYWRlcj1ta3RfYW55d2hlcmVfMWIuanBnJm54X3NvdXJjZT1hZHhfYWR3b3Jkc3BlcmZtYXguaHdfd2JfdWNfLS5jYy13d18xMmxhbi5hdS1taXgub3B0LXB1cmNoYXNlLmxwLWxvb3QxMWcuZHQtcGVyZm1heC5jaWQtMTk2NTgwNzIzMTcuYWdpZC0uY3NkLTA4MDIyMy4tgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTQzMjc5NDM3NDQxODEyMTMYAA&sigh=_QfKWz4i5OI&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW_GMLNv8_tz3ccRtQJ3O0dcH7fPHfvfvxloXaWbVoqDHe-Sz-glM07zEzlW5JG8lnixzmvTMpGAE&template_id=5000&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22464460850418726138%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226512300339696590209%22}&andc=true
Request Chain 143
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF16Q_ojWwFsIKSccQdsPEI&google_cver=1&google_push=AXcoOmTjCL8apxQwB8koX6rbC1wCkhchlHM_Z_NwhhfiEdF8H3ZJXcijYzW7P61v4uMr9p49bUZV0332EVHyKyBB_KcuT4f42og_o68 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF16Q_ojWwFsIKSccQdsPEI&google_push=AXcoOmTjCL8apxQwB8koX6rbC1wCkhchlHM_Z_NwhhfiEdF8H3ZJXcijYzW7P61v4uMr9p49bUZV0332EVHyKyBB_KcuT4f42og_o68
Request Chain 144
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENUzFGKmsXL9fwfgHooow0g&google_cver=1&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8&google_hm=Q0FFU0VOVXpGR0ttc1hMOWZ3ZmdIb29vdzBn
Request Chain 145
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK_VCr1TmrmWLULan6eNybHDY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK_VCr1TmrmWLULan6eNybHDY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczMTk3Mjg5OTg0MzYwNDU0Mw&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK_VCr1TmrmWLULan6eNybHDY
Request Chain 146
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOhuuSGT25a3QXUZ3UYgmWE&google_cver=1&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhuuSGT25a3QXUZ3UYgmWE&google_cver=1&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw
Request Chain 148
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2QEJ6vc0STqxdjjlli-_Man4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2QEJ6vc0STqxdjjlli-_Man4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU1MjAzMjMyMzU0ODEzNjI5Ng&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2QEJ6vc0STqxdjjlli-_Man4
Request Chain 149
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELpPSpuIxUKD7jge2vtCI30&google_cver=1&google_push=AXcoOmQdvD9zgTV5CACmAI_pgolR1b1LUm5bOUhamBJdWaEHi03Tft0JakiChRLg0PmNZeR12KU_1KhCfm3740s2CeuNaWGLfgEXb_Lj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQdvD9zgTV5CACmAI_pgolR1b1LUm5bOUhamBJdWaEHi03Tft0JakiChRLg0PmNZeR12KU_1KhCfm3740s2CeuNaWGLfgEXb_Lj HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 152
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEASfoB9uhIuK9Wm338HJ7bc&google_cver=1&google_push=AXcoOmQgE_ilktK7uUZ3vU4t7_vTjhTJc4ZVZkmixXeldjVe5cnTaJyhAh__JXZf91x8UZ0xMfRL5ttOpL-cCQnXM4pfJh2z_aJV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA2MzU1Mjk0NjAzNjA2MzA5NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
Request Chain 153
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEN4nvsvEljNWMMeVnTowHus&google_cver=1&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfneKXDLKvfIidAGLQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VslGCWGYSnOa40AnNxRFBw2&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfneKXDLKvfIidAGLQ
Request Chain 154
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGUVD1COS23CloKZ1d9Sm6Q&google_cver=1&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulocg9fBCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulocg9fBCw&google_hm=eS1xTFlkbFh0RTJwRVdwNVFkekVKVzVwQlFnaEpiM0FYS35B
Request Chain 155
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5pdT-5lnK4nw1k2DKz6e_x HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5pdT-5lnK4nw1k2DKz6e_x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzcwNzM1NzA3ODkxMTc2NA&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5pdT-5lnK4nw1k2DKz6e_x
Request Chain 157
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvqZ--CRPQOlmhbesmlz2SNXQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvqZ--CRPQOlmhbesmlz2SNXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQzMDEzNDIzNzk1NjQ0NzAzMg&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvqZ--CRPQOlmhbesmlz2SNXQ
Request Chain 166
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CWIW39Tj7ZMXnO8iqtwfPyJyIC7b81Oxy3qn8hbQRChABINmQ-W1gkYSghYwYoAHss_LAAcgBCagDAcgDywSqBLsBT9C_rG1RJbhEwj0-Deyji9LhnNW82b8SJcWM8Rlmm0mBJ_7uGu1cf-M2MNzkw4FLrPoB75QV7SNaCy9g69vdLhyDtLCsbEm21sMBRuUUkakhOzq1m5FhbuaeBhGeWrwuY0LT7vEpu_4dtjUrRLty_o_E3_weRVxCjDdtRafKsTrqiAyqv1Tz_pa_r4MgDfbFRzTn94565D7mdM6SVhUkXCuQ8VVatLNl8jEAEim6bJcaFRKoJ3MXkr17EsAE_Pjol8AEiAX3vYmaS5IFBAgEGAGSBQQIBRgEoAYugAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOKUAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MzI3OTQzNzQ0MTgxMjEzGAA&sigh=9NCIFviMelU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWZuI9adS58uBCHZhG1GVxalmH1eYIT9Q-Y9PcUDzAT7vV3z5vEozDePYcx_Gn8eovv5nPIcc_GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227441542534460456563%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22175904581492539553%22}&andc=true
Request Chain 167
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1&google_push=AXcoOmTKkKtMZ1R6EJgSv03pqiwLsTAy1MM9ERCqrPV7bNKZs0XA3ewbJKoTaLXSehHGvE8thA-16MgZtx6xUHWQE2AtpS7SrmKFeFo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NDMzMzI1MTE4NDA4MTc4Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
Request Chain 169
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1lDm6BIPfToR1GSUzdB_lDCfZdw6KPX7BXthBjMxsdkGrkHvWO1azZkA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1lDm6BIPfToR1GSUzdB_lDCfZdw6KPX7BXthBjMxsdkGrkHvWO1azZkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXV2Zm10TVoxUUVENjc1&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1lDm6BIPfToR1GSUzdB_lDCfZdw6KPX7BXthBjMxsdkGrkHvWO1azZkA
Request Chain 170
  • https://um.simpli.fi/gp_match?google_gid=CAESEJFs9X7vj2BU4Q593JlIA9c&google_cver=1&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPVpA69T8r1G3Y6f3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=580C5501BE4A4886BE44F55DA5333891&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPVpA69T8r1G3Y6f3g
Request Chain 172
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA6Od9m_enxfvMA7rbQbxk0&google_cver=1&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp8GutrRdIi7_mTlvbE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjQ3MjI1NjQ1NTc2ODIxNQ%3D%3D&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp8GutrRdIi7_mTlvbE
Request Chain 173
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKBeif3LjcZCn9kUZjttcro&google_cver=1&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKBeif3LjcZCn9kUZjttcro&google_cver=1&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig
Request Chain 177
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLNmu9Tj7ZLKgPJCMwuIPyq2asAe2_NTscqfRgfrkEQoQASDZkPltYJGEoIWMGKAB7LPywAHIAQmoAwHIA8sEqgS7AU_QXvCugApRIKDyCSmyYaNqcXE2DcmYvyVhRe0TjIeZH2QKAI3PLoAr2tvG9yY5hXdrmwbUCjHgJowLJb3zdEtQsuh4wxRJZQOqlWvsElCONLqIL6M2p2DXh8uzGdTsE2rjPoB-lhGUxQ2ahssXHcRzpVTuOfGSaeWu93kbZ220-qArIBDx6XYG1YHKg4Jm9QXmxJvlM0iSal2WIVFx91KbHTxYAYvqlZUbzLdvBjXYin0UhlX2j5PdpJTABPz46JfABIgF972JmkuSBQQIBBgBkgUECAUYBKAGLoAH_MuNvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDvUdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSlodHRwczovL21hZG11c2NsZXMuY29tL25vLXN1Z2FyLWNoYWxsZW5nZYAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MzI3OTQzNzQ0MTgxMjEzGAA&sigh=BWOxkfSJFSU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWezGktdLkQMmu1-BkwQ6wr8fqhn3zbDdGVWarThNbZXY-7ncnf9-jXyTho1bKANnT4YdVVrIJGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222445392885001231822%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591566620828231905%22}&andc=true

174 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tt.vg/
Redirect Chain
  • http://tt.vg/
  • https://tt.vg/
32 KB
8 KB
Document
General
Full URL
https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cbb616ed3029ae2297dd4d8a7b4a0730351eca47ab42571ea156acfb8be801

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80381b929a400c33-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Sep 2023 15:08:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBOW%2FFcghYAukztcR4OLR9OkSDw3CRFfUsYfTtm%2FzGsBDH%2Fnmakd1cTmHBK8G8E78mYJ2533cOyaD0d%2FWYsZ7hXyIH6x2RGeQ0GGHUmZNcMwc%2F0Knqo0DRPrAyvUvuV9DR%2BQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
80381b91fa7c1c82-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 08 Sep 2023 15:08:35 GMT
Expires
Fri, 08 Sep 2023 16:08:35 GMT
Location
https://tt.vg/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4H6JUGIgL%2BVTV9oOoYLlY1NHwUkipgByklQailY7VcAbmme5UET%2BFP8SKQ1bPdQ3Ky0vVKYjfSe5rnMr5A0dDYG9WHbbhb8b%2FL%2BRHRQc926hLm5%2BeauMdZiyg6ILzFNI55YXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
all.min.css
tt.vg/static/frontend/libs/fontawesome/
100 KB
23 KB
Stylesheet
General
Full URL
https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-18efb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5MoZafMXtiLK93KvBj9BxiaaJgiC6pqV9Xynaap5YB4AP8RKjb%2Foxp7QVrOF2bL7syuCL%2B4uWsyhK%2B7kvjPUwrVLj1VFFUZlmXziTjpuEFBoaDlKAmyFB0xRhDxEbu74nNsjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
80381b948d3f0c33-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Sep 2023 03:08:36 GMT
select2.min.css
tt.vg/static/frontend/libs/select2/dist/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://tt.vg/static/frontend/libs/select2/dist/css/select2.min.css
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-3a76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D45yRnnt26s8CqAVR73nQCcNwCH5hjk6m3zR2t%2Fp%2BwalYA9WPk2MREs%2B%2BBNMQTt5T34WU%2BxDf3cVz4EF1aITzHE71YDuUCx55P%2FCRVMO6fFIHMWTIEK1oQMkf60p3yiRMo76ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
80381b948d420c33-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Sep 2023 03:08:36 GMT
cookieconsent.css
tt.vg/static/frontend/libs/cookieconsent/
18 KB
5 KB
Stylesheet
General
Full URL
https://tt.vg/static/frontend/libs/cookieconsent/cookieconsent.css
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-4973"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JpmZM9o4Nl9fe8PNaTM%2BWnTJV20ANdsFUGKlORPIStbUmf4V36bd0PBVdoKO39esVD3RvgYGc9xA5%2BOXIIwEOZnH4rZpme1U5G3iFB0%2FPns4%2Fus%2FWH7ywlpNx%2FJhhP6dixnUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
80381b948d430c33-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Sep 2023 03:08:36 GMT
style.min.css
tt.vg/static/frontend/css/
460 KB
68 KB
Stylesheet
General
Full URL
https://tt.vg/static/frontend/css/style.min.css
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800015905e0e95d7e7eae80f0e6eacf3863d05206ae99104686ee275f19e010c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-72eca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2IEv%2Fvx640HZxscuQQhnzBnLkZYBDdItThiO5C3S17D8pQbbocQT8dTHt8jPePnZY4SO86PSiqBWe9Mp55jYfHRA5FZ%2Be0fvPlikApxGIKsNNOej8vmg7%2FJxczZcSnyMfQWIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
80381b948d440c33-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Sep 2023 03:08:36 GMT
js
www.googletagmanager.com/gtag/
239 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5GBHM4THHH
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfc61864aa62f4ceed96524edc2e7279d6a47a369036c292b5a0f18f36bd93ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85291
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Sep 2023 15:08:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93d7958f2697364abf4319f36486e5694fea3f7d2feb75bed984122b279f20a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50857
x-xss-protection
0
server
cafe
etag
9850348673583371298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:36 GMT
%E9%BB%98%E8%AE%A4%E6%A0%87%E9%A2%98__2023-02-07+15_47_22.png
tt.vg/content/
5 KB
5 KB
Image
General
Full URL
https://tt.vg/content/%E9%BB%98%E8%AE%A4%E6%A0%87%E9%A2%98__2023-02-07+15_47_22.png
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abf15a26a478ac77e618025342d863fb02b1172e3fab32094835968066d8f7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5115
last-modified
Tue, 07 Feb 2023 07:51:02 GMT
server
cloudflare
etag
"63e202e6-13fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pCDK0RdxkcdaaX%2BQqqqkPrQkLuY1TcWOZ1531YrzwNPxiEJ5T6zSPrVyYKsgJStsu%2FrT8CR9rkA9K%2BSTVr3n8kP%2BkP6BLDjL7FYAmj01AzV88u3bppQeBUlUUkBVE4dwlNgUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80381b976d05b915-AMS
priority
u=3,i
expires
Sun, 08 Oct 2023 15:08:36 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b85a8e385320b3d0c0a9028e62b5da43d5ecb5f37197a40e5d50f5770c2b8bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
863
x-xss-protection
1; mode=block
expires
Fri, 08 Sep 2023 15:08:36 GMT
SNdOnt_hero_%E9%BB%98%E8%AE%A4%E6%A0%87%E9%A2%98__2023-02-07+15_47_56.png
tt.vg/content/
76 KB
76 KB
Image
General
Full URL
https://tt.vg/content/SNdOnt_hero_%E9%BB%98%E8%AE%A4%E6%A0%87%E9%A2%98__2023-02-07+15_47_56.png
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a9860b28e38cafd65ac1901077ffa5d37817d2de73383ca5dbe6b72cb3c266

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2191
alt-svc
h3=":443"; ma=86400
content-length
77585
last-modified
Tue, 07 Feb 2023 07:51:17 GMT
server
cloudflare
etag
"63e202f5-12f11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfWV5yfyOYvUCkcy2Gwc0bsE%2FpgeocnGHpUHfyG19xygwc%2FbwGC2oF6GGSZqCmKSpItjZbkm%2B0j5H6MAp%2FJIuC1JwVYy6VMAFMQL231IAGJCgEYSbzSFLDI1I5bGsUrsuZ7RxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80381b976d06b915-AMS
priority
u=3,i
expires
Sun, 08 Oct 2023 14:32:05 GMT
profiles.png
tt.vg/static/images/
49 KB
50 KB
Image
General
Full URL
https://tt.vg/static/images/profiles.png
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310bd640fec7a71439624dcd3283d6c509f5b22eeb1c852a53dbfd2172290b64

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2191
alt-svc
h3=":443"; ma=86400
content-length
50280
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
"64e9f2a6-c468"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9OnsBWQzREpH5KVDmdrJ8rCz21x6ONWBd5lw9AkFTqlraA9U0FNMzdTev8opbJPB7R597iL9hiINghsYLJNZrwaQCap6w4pm7M1YSbZexpMP6AHX3ZpmV01h3uw8KaBHcjn9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80381b976d07b915-AMS
priority
u=3,i
expires
Sun, 08 Oct 2023 14:32:05 GMT
filters.png
tt.vg/static/images/
18 KB
19 KB
Image
General
Full URL
https://tt.vg/static/images/filters.png
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc661f636f195609c6a56234a8e61501290e70790ae3c9bba1557fb84f88edc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2188
alt-svc
h3=":443"; ma=86400
content-length
18598
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
"64e9f2a6-48a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR4uEhekV7UWzCwTpC5goNNTX4gQq4r8zKVDeD0001qh2B3B6KmjG2P8EhQmxhFxjzfgFmUsakyQy1N1boEv%2B0pK94cgg1QvFjk8MYqQJDR3TXIRzgX%2F4CeXC%2B7Tpv5MovVDmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80381b976d09b915-AMS
priority
u=3,i
expires
Sun, 08 Oct 2023 14:32:08 GMT
qrcodes.png
tt.vg/static/images/
84 KB
84 KB
Image
General
Full URL
https://tt.vg/static/images/qrcodes.png
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345d7f0379689f4d88d39b40b97e5995308eaa22e37756f10d9f4353361652a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2188
alt-svc
h3=":443"; ma=86400
content-length
85833
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
"64e9f2a6-14f49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDu88W2zFiszkxr8koLQi%2FGbbRh6N36TYT7BB%2BiY3%2F%2FCyBVXDhgGdWdBqb7fNMrehtiVme1WoJCVseOjfPV%2FU7nypDeCW9PMVEPlgZtREe20IGjsGm9NnHD6A0qxhZx3S7zpBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80381b976d0ab915-AMS
priority
u=3,i
expires
Sun, 08 Oct 2023 14:32:08 GMT
us.svg
tt.vg/static/images/flags/
4 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/flags/us.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0764fbaf28b48639aa8a4c6244d07b22341d958094f4d8a7c62b6936fa9c2a4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"64e9f2a6-11c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLP9jv7h5X2DiX2YS9UOuazSguSKqY6HuDzQxcHOty2lp2j9TAvyyDHzj2o%2Fd6IGWR4gaZ%2FHy91SamWM3u2%2FTjUlfaOZCP9jxf5ATtZWO9A3P2ybiygNv8ivEQaf3NW2BArUdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d0bb915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
fr.svg
tt.vg/static/images/flags/
321 B
677 B
Image
General
Full URL
https://tt.vg/static/images/flags/fr.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648775f95901e24afe12a1a5b904fc38eef9642ea4592a4ad842592771d54592

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DeiRYtuKG1%2Bj8%2BD3zQhA6PbHMv51lggfBj8jPQOlbEvDHB0XSxfjOUoDSAbYwj4h6LT4Lxrdaz5M9V8o0kwNYW2vzqOacX3nLfhlB1ROVkbnKH7ma9hRQmp10Bu61vlewHRmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d0db915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
gb.svg
tt.vg/static/images/flags/
860 B
934 B
Image
General
Full URL
https://tt.vg/static/images/flags/gb.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887d6a17e3f465e3781be9292d4f17676e9e41034a21898de4de3ada1cf35bec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"64e9f2a6-35c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0H9%2FZmrF11MMbwI53g24H4CcYEDw9ozs96ZlU1teGTDCRDVLcIetG37SYk7dkxC2s6lp3OIkrDYeNRHBi%2B4tTpvzvK7Y%2FDeQiDsBEXbywTBXmTXlyFD68CW0xSrrSoxb7aC7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d0fb915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
wp.svg
tt.vg/static/images/
1 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/wp.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5f1b1a775539fd7153b19c1edb543b046dd57fb0ca540fa448749fc722d130

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"64e9f2a6-5cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7yZVBc5pKmdMHBe%2FE5sBV9t8ur%2FFiVO6OcTrDIuZeljCbHzrGMJiqCuEl%2FHCSLdZumMidSR7wGp6L23FOMMPy0xf6M0Ysh3s3TKjySm7aiFltvY8KrbzC%2BWDtoc2WOmbuv8nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d10b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
slack.svg
tt.vg/static/images/
1 KB
916 B
Image
General
Full URL
https://tt.vg/static/images/slack.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0af31c6ff066af42be01942d97b843c037874f184e1c96f0a6bdf3946a4d1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"64e9f2a6-572"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbqF5NwLzEYqTy1zexEZmXlyjJAnq1P9qHlj0NKp2SRTdbMIkAsKstAGYzzzzUmhGDE%2Fu6K%2F61Jv%2F4hG1sdkb2HRrDKHwKgas95iE9PnBz23wvsduC8452JfK9LsLPmewpmpqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d11b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
shortcuts.svg
tt.vg/static/images/
2 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/shortcuts.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa578bc87be816b3db85edd15e8300cddb9eadf04a973f6d6d4e45e65c41a15f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"64e9f2a6-983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0msp63Wlp3AIEkrHLlDIJHiLPstUpC8NTMfTzcdInk1ItXDvoDY9RPRvXw%2BUDNRvkXkc%2B7Td9mC5TG9rwVw%2FZkCZjiWz3DcoN6XP3yqfpKKQpqM88oSTK3f6NkQWDQPGnTJ0HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d13b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
gtm.svg
tt.vg/static/images/
1019 B
1 KB
Image
General
Full URL
https://tt.vg/static/images/gtm.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1823500ee86a20d18d69defa16b1d7d64299d5840faf4b65b421e621cd1e527b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-3fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQkAGhioWv1bzCGMRK2WEIym2n8%2FPgfY119LkUYzVTBeQg1nDZaZSJ%2B9E%2FJ%2BjMWpO%2BQoagOVcxSAtoaFCfHXcER14QvmslEUiWzycIAzJ4MrZlISqBxUS%2BCCO2ccM4pqPvHXDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d14b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
facebook.svg
tt.vg/static/images/
450 B
777 B
Image
General
Full URL
https://tt.vg/static/images/facebook.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a61061ecf9e6f6a497315d699b281ec1e9505dba1fd9331f02ef5416a6ebaa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo1auSpvmHGZygwGKiR8I5RCrjfM2%2FCGTl6wPlxp62hMnCUmqWPR%2B1iXUXjUoRTL70YEWcecQSI7KR26chCF5ornOhlLmimLSjiAoB1HYMOdbPDxfhdH20Vm%2FvRyUdlpgrRgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d15b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
zapier.svg
tt.vg/static/images/
1 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/zapier.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139a90853100a3a4afa575e33a8134a26d92cabbd26044c62f93ccc938dbb7c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLLkeSpIL%2F5wlpoEYw7jYQgaXhISq6O2vWXO6Bkp3%2F3%2FW%2BmU57H00TNmZql2E7wVQfjPLCiy2oukPOMbTt9QaEgjzmbG%2FNjjhqIwwiSdz4GmKgzH8JHZoz9dQDE%2Futb80qahsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d16b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
bing.svg
tt.vg/static/images/
464 B
785 B
Image
General
Full URL
https://tt.vg/static/images/bing.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a53e358d9729b82f3b59887f709dc13bc0164e6fbfbfd639940f820901386d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-1d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ni0eH2aF0CwHagghAul64j3ycJQ3uCczqoJJV77yhlLIkDMu5HyXFcESBFbIe8OzbZvGRL15Gq%2B%2BV7uoZdVU5FM8aNOoyHsBg65kBUr9H2BOvp06c9F14hKi7uBL7GgzC%2Bjo2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d18b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
twitter.svg
tt.vg/static/images/
1 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/twitter.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1bd51e114753f99252a3a188249026e184becda90451dec0a1643bfcf85e297

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-451"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBqC7BN2uxfg5DH6cXYKbxILgbRya3GV1RD05VdnZpJRrpUE82Sk%2BzBgrcf8KG5Y64kl%2B4%2F%2BO%2F6ZD%2BJIS9h2y9F0qsPLU5UJh8XPF%2B%2BeM9cUfwHr9JZi3ADFG%2Fsx9L5OOUKG2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d1ab915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
snapchat.svg
tt.vg/static/images/
7 KB
3 KB
Image
General
Full URL
https://tt.vg/static/images/snapchat.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d7aa853769ad4fd368ac28f201ab903c567ef7719ee542016f40a73841c96b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-1aa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCK8CFu9MWMJNssoizHxZMqriQ8Ph%2FIKF3QbF3mUhCbxG3OQwjCtlon5Pa2VXvdtFNBXnF6XqByg31W%2FCnBHB%2FpZytyjiksk0rhkBZxgraNAH0b58403vsIpy75%2F%2FUNxaSwNBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d1cb915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
reddit.svg
tt.vg/static/images/
2 KB
2 KB
Image
General
Full URL
https://tt.vg/static/images/reddit.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4644d1714253e3191325bb5d1f02df845679a152df5a976db08e2242d6becc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-93a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM42peWm9dGOQfrmZZztof1sHW6vRuxhf7prCY4KG3S9QnWrFxGa2xA9p08MOUqG2cM%2FchTWN4OiJdp7q0sB9utgPfDOF2WZ79N2rXtCuO28S%2FEFRukHqdlDf6If%2FFXkMW09og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d1db915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
ga.svg
tt.vg/static/images/
404 B
722 B
Image
General
Full URL
https://tt.vg/static/images/ga.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0afa34695933663b97d3ff2846d107957e82f9ab49423d784512b4abbf542da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-194"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxV%2FjpAqCsWYzi%2BwXR5s69E6L2yQcHXVz0lNZM8bKcnhoUkMt8xOiN%2BEzXMKcXxpNynXusSlMY0cv6SO0R2d81nvGcnAc7FHbI2Rg9Nk%2F4l%2BZ211YBLEhbWFqrffAzI0XLJW8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d1eb915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
linkedin.svg
tt.vg/static/images/
612 B
837 B
Image
General
Full URL
https://tt.vg/static/images/linkedin.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27df2f0f5920beb815e662147728283d9eec37973b40f8917072f581381f4079

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-264"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4xu1OOdS%2B7QRPmotttVh5zxLZmGD2yZierdhbRHeziE77oQbqt%2BfOwTN0ReJfojsRm1zBa%2F%2B6NokE3qiEOIo1etPBATAocQDoG0mhWyA%2FWx4D6Lm79410p1enaYZyPGVuyPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d20b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
pinterest.svg
tt.vg/static/images/
6 KB
2 KB
Image
General
Full URL
https://tt.vg/static/images/pinterest.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a87a2de940fcd825afbdd64763da4afbb96732da942bc0e07763e17566bc1f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2189
etag
W/"64e9f2a6-17f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa%2BbpaPX3l6tym04IywW2372y8r7cfu3%2B7C0GUAKVIsT2T%2BD%2FPp%2Bwk7sVfH73BJg0ES4uniLECZzq%2FHWVqM6FIHBGTXLAcI7wUGWvQm4edUknkLb%2BzKVNNtbOOVxeG8lwuOzOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d22b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
quora.svg
tt.vg/static/images/
2 KB
2 KB
Image
General
Full URL
https://tt.vg/static/images/quora.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d326e1beb637fb1a95450797ec2eef966c01a063ef1d8e5903013f80e719bce7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2188
etag
W/"64e9f2a6-8e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoASVgB8j14I1WwbvF7isk2wYElR6BPpKMjviVeCuJ9cydGJFExRujj70zrgdrLp5pgNA7F9JHic%2F7Knywg4s8BdmYkpfI2B6PD88ykRK2ejGRx34CSjnlTGWqgivJ8nuufKpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d23b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
tiktok.svg
tt.vg/static/images/
3 KB
2 KB
Image
General
Full URL
https://tt.vg/static/images/tiktok.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2188
etag
W/"64e9f2a6-c9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2VG%2FI4JyvqfXXKfwWHCc4bnF9p67GDg1OyjFbzWeyMj9%2FjCd94kQz7vuCM3tX9nBGj5AiwDQrXSlfYVjHjZV9gA4CgeOtC%2BIo7I0Kk1%2BnPJ8z7L9WYBLasDZvF5wbXNmRr%2BvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d25b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
aroll.svg
tt.vg/static/images/
2 KB
1 KB
Image
General
Full URL
https://tt.vg/static/images/aroll.svg
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f002de98a08348d79f04c198fafc8571cc50d2c0d73c2e38ad498784b87af74f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2188
etag
W/"64e9f2a6-67c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2d2wLxlt4qZkqMApjgb7Npugj0Ty3SdVggjJ3jMXJPCoToiLP8Ykd6Pmr4uj%2BXI8nQ4htk%2F2p7nl9uyVpF5ylRcv2ps5HXhklC3FksrQKfN3oAUaZa6Wsv7S9beqDDqmIgt9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80381b976d27b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i
bundle.pack.js
tt.vg/static/
324 KB
95 KB
Script
General
Full URL
https://tt.vg/static/bundle.pack.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-51029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8untkd1hoCetGAufLYXqKxvPJ3nxQEpmqzMkEeBmtIfiV%2FTGasTbbQEoEnDC7cD5XFJvIVsNUq8WT85kEm2v1suHcDg9qMz0gTKG1gomx1pmmAX90nIUE0OJSgh2OJorcA0zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b973cb9b915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 03:08:36 GMT
feather.min.js
tt.vg/static/frontend/libs/feather-icons/dist/
74 KB
20 KB
Script
General
Full URL
https://tt.vg/static/frontend/libs/feather-icons/dist/feather.min.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e9f2a6-12803"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MADGbKCsAcGHKPHAC5bonkGpHfVkwYaJT6Juj3%2FCcC1%2Fr%2FR%2BGrXev%2F1IoBff5Tt7aMX332wirt9mTJ3FumFDeaJuiU3iXUrc7RftgXTI0LxNlzr2fovCgSbHjifb%2BoxLjNUBdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b975cedb915-AMS
alt-svc
h3=":443"; ma=86400
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 03:08:36 GMT
cookieconsent.js
tt.vg/static/frontend/libs/cookieconsent/
18 KB
7 KB
Script
General
Full URL
https://tt.vg/static/frontend/libs/cookieconsent/cookieconsent.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79b4bcd8580176cef84bc7a633291696808f11418ac91be5356b315a3e04eb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192
cf-polished
origSize=18743
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
W/"64e9f2a6-4937"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjzmwTHY0muWfRMnJbvzpn37KtSkBk88oOjgSwEB7Aoc5eC58T1cQ%2FecjAqFclmrF4qgDoxWv%2Fly2kpwDqaYI%2BTdJQBDasUmAC%2BRCAnr%2BRN%2Fdofmx3Yd01mCIwpOg0fPIFTj7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b976cfbb915-AMS
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 02:32:04 GMT
clipboard.min.js
tt.vg/static/frontend/libs/clipboard/dist/
10 KB
4 KB
Script
General
Full URL
https://tt.vg/static/frontend/libs/clipboard/dist/clipboard.min.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
W/"64e9f2a6-28d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWBypb1tSLGhJRpoxYOP0DPGeJvVXABjL%2FqWuGJwWWE8x383B0XjS%2FEaRgkDd12LKFbgHWYtSqeFF3raPuZo94co1Ef7JCq%2B1ZmUv408JB78Np2%2BOPkpLdRzOfgQrFAmflBlCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b976cfdb915-AMS
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 02:32:04 GMT
typed.min.js
tt.vg/static/frontend/libs/typedjs/
11 KB
4 KB
Script
General
Full URL
https://tt.vg/static/frontend/libs/typedjs/typed.min.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b5f0a136ac9c139981b89e2ee615ac75fed86c0761c7ebf87d827be7d86e5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
W/"64e9f2a6-2de9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30X7pG04ghN7Z6m8qfWbLZ93Bco4%2F8TLUQocDsiF5XzQ50slpM%2F1m4Jwd6XO7%2Fe9hWW5fuFL15GSIeao99RMa%2Bg4WbeCZQ%2Fpd32xGzbBwDP9WDC93s2yoir%2FKEtQTjafrOEk%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b976cffb915-AMS
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 02:32:04 GMT
app.min.js
tt.vg/static/frontend/js/
6 KB
2 KB
Script
General
Full URL
https://tt.vg/static/frontend/js/app.min.js?v=1.2
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12116847297eb16ae5aa1d26b27a0b4704afcc352272ab89cd6d28a27b2604be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2191
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
W/"64e9f2a6-16fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmftGjdhGH3%2BQnH2loqR2rprUz%2FpSbKFIYTyghMqS8HLeOSG%2Frz%2FuSQrwpFYw6bufXPKG%2Fzu6ariMPc1F6W9dDinhYh3Q2v7ZruoNoNq2QRVYIDh7F9fHvxn%2Bg0CedEy3eRHqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b976d01b915-AMS
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 02:32:05 GMT
server.min.js
tt.vg/static/
6 KB
2 KB
Script
General
Full URL
https://tt.vg/static/server.min.js?v=1.2
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37d261feb967d601b207da30b4304bb14274310399c93105caeeb080db84c19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2191
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
W/"64e9f2a6-19b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pNZMOWwU%2F4KPqnQ0o9hDVpBKUW8mfEfCLAKqE7nC6BtYkEE8OhyzaH8yQXNAEji%2B23gMP70yKwZCcreNr5UWsfBg5lgy%2FW4B8gkZwHl%2BQm9hfYBQGOlC2KbCNZbcPC9%2B5G1Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80381b976d04b915-AMS
priority
u=2,i=?0
expires
Sat, 09 Sep 2023 02:32:05 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://tt.vg/
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80381b97bac506d2-AMS
nunito-sans-v12-latin-600.woff2
tt.vg/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-600.woff2
Requested by
Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Request headers

Referer
https://tt.vg/static/frontend/css/style.min.css
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64e9f2a6-4304"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgp%2BTDUSqKUiP%2F5f6TcEO5CuUM9LuLF5Bg8IOxw0T8bVEKsLLN0a1Nq%2FSwnY0o99I8HZnzsal%2BttbAV3xICuPVI0jBMhf3ShZVqyPhBuNSj2zGUrzxg3HctMM0DNujJCjtWOXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80381b976d29b915-AMS
alt-svc
h3=":443"; ma=86400
content-length
17156
priority
u=0,i=?0
nunito-sans-v12-latin-regular.woff2
tt.vg/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by
Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Request headers

Referer
https://tt.vg/static/frontend/css/style.min.css
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64e9f2a6-4254"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHA3ZAM645s9RX6d8RTwkgsNza9P2ewgkCEQkpsHM4PWxT8vkilcjAPeJJAsgI%2FtEiGB4Z6XFD1VsBquN1S08trKuxzXrNFPx8bSr%2Bqyb9hy07dH6Tmbqq8XRqVCOu69wSzxwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80381b976d2cb915-AMS
alt-svc
h3=":443"; ma=86400
content-length
16980
priority
u=0,i=?0
nunito-sans-v12-latin-700.woff2
tt.vg/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-700.woff2
Requested by
Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Request headers

Referer
https://tt.vg/static/frontend/css/style.min.css
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64e9f2a6-42dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNJ7TjH2C0JhX25P%2Bj5ZupfQDyGVX4askcgGlC6yQrevj6WFHDffXE39sjnhX%2Bm7E1CEjvehw8oNPZS63ynBl521xcuDPdLlvpyT0c5nhzWPXUSsaPjScF%2BBdATqY%2Fdtm2oeFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80381b976d2db915-AMS
alt-svc
h3=":443"; ma=86400
content-length
17116
priority
u=0,i=?0
nunito-sans-v12-latin-italic.woff2
tt.vg/static/frontend/fonts/
17 KB
18 KB
Font
General
Full URL
https://tt.vg/static/frontend/fonts/nunito-sans-v12-latin-italic.woff2
Requested by
Host: tt.vg
URL: https://tt.vg/static/frontend/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Request headers

Referer
https://tt.vg/static/frontend/css/style.min.css
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192
alt-svc
h3=":443"; ma=86400
content-length
17684
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
"64e9f2a6-4514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKlkFG4KnVobEa2ZS%2FIYESeD3%2FPLpvSWYBfcxpwE2l3MapYGs1jK%2FhjOcCu43DkFpwf94ca4VBm9Q5QLEoVomon9N8Yvk1ZAr8sI%2BQqGvaYjxQ1yt3MYcN3uMXJou7fekvNJnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80381b977d31b915-AMS
priority
u=0,i=?0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/
451 KB
181 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 00:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 00:44:36 GMT
fa-solid-900.woff2
tt.vg/static/frontend/libs/fontawesome/webfonts/
147 KB
147 KB
Font
General
Full URL
https://tt.vg/static/frontend/libs/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: tt.vg
URL: https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer
https://tt.vg/static/frontend/libs/fontawesome/all.min.css
Origin
https://tt.vg
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192
alt-svc
h3=":443"; ma=86400
content-length
150020
last-modified
Sat, 26 Aug 2023 12:40:06 GMT
server
cloudflare
etag
"64e9f2a6-24a04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohuyy7dBLr3dBQpSAtNrzM5YAAPS3oDMGIyP2JqZW4YxMWYmPvcaot%2Bzk7eY5RaLAqQVhq67FJkFwem5%2FszBldNqdiSJyEZkQOMSHk6P6t1ZSXFxSiIGJZzYeHFy5yTv%2B95lVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80381b97ad67b915-AMS
priority
u=0,i=?0
collect
region1.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5GBHM4THHH&gtm=45je3960&_p=1087910904&cid=1597887283.1694185717&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694185716&sct=1&seg=0&dl=https%3A%2F%2Ftt.vg%2F&dt=URL%20Shortener%20-%20Short%20URLs%20%26%20URLs%20statistics%20%7C%20TT.VG&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GBHM4THHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tt.vg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/
377 KB
128 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d274e977b640d39506371649567debcb77f8020778ede7a3330e9980ea0198c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131261
x-xss-protection
0
server
cafe
etag
5120320892894388858
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame F79C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4327943744181213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
59423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 22:38:13 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 22:38:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 460A
54 KB
31 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5a691e7977d42de2b33ab6fe8187a95b7abd495195cdaa46e79c10646ab7dc86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6gkP-cTVmv8pZYtupK5rvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30839
content-security-policy
script-src 'report-sample' 'nonce-6gkP-cTVmv8pZYtupK5rvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 460A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 00:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 00:26:30 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 460A
451 KB
181 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 00:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 00:44:36 GMT
cookie.js
partner.googleadservices.com/gampad/
377 B
598 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tt.vg&callback=_gfp_s_&client=ca-pub-4327943744181213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb7936a32a8b9cbb7ff3bce813abaf70972a497b9d08f19784bc95ebbfec8477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1EB9
335 KB
77 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&adk=1812271804&adf=3025194257&lmt=1694178517&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftt.vg%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185716618&bpp=6&bdt=715&idt=407&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5127701079112&frm=20&pv=2&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=428
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e175dd26d031cdf33a0a896583176a726094d0fc2b3202f4a2221c81125c51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
78943
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:37 GMT
expires
Fri, 08 Sep 2023 15:08:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cm&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 460A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
551149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 09 Sep 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 460A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
562234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 460A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
551835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 05:51:22 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 460A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 08 Sep 2023 15:08:37 GMT
reload
www.google.com/recaptcha/api2/ Frame 460A
33 KB
19 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e648f2d9271f52d280739f4ba4bb8016c226b1d4ecb5558cca1e392bdfdcf563
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8TFYjAAAAABJHquBlH3UT777CF6lK0IS-Be0C&co=aHR0cHM6Ly90dC52Zzo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=btv2dujgoc35
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19163
x-xss-protection
1; mode=block
expires
Fri, 08 Sep 2023 15:08:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbf2e4cd581d67fbba13a88584802bb9977c8ed6c3c28d5a3529d5df0529703b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11713
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1435a2a19b76f9d5eed674522edd480f798f8c6333ef8b8801cf6d48fecd4df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53640
x-xss-protection
0
server
cafe
etag
4991607403896237245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:37 GMT
rum
tt.vg/cdn-cgi/
0
134 B
XHR
General
Full URL
https://tt.vg/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tt.vg/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
application/json

Response headers

date
Fri, 08 Sep 2023 15:08:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://tt.vg
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80381ba0896db915-AMS
ads
googleads.g.doubleclick.net/pagead/ Frame 0986
116 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aebe5fb20305fbd48bd5d6f99d58b950b566d493f6273ab726afd53bf8dd0fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40156
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 36C7
119 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c97ebae421dce1f7b742e5a013983a24a2ff057683807db4c6eb19684cde76a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40930
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6141
120 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea07a5cd4bca6f776675e57677b6a021a4e1916fb4bd439fb5af3087f47e9c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41721
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 15:08:38 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://tt.vg/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 3D9B
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
72302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 19:03:35 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 19:03:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 1A66
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4327943744181213&plah=tt.vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
72303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 19:03:35 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 19:03:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 3D9B
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 13:34:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D9B
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 18:25:37 GMT
x-content-type-options
nosniff
age
160981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Sep 2024 18:25:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D9B
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:08:14 GMT
x-content-type-options
nosniff
age
277224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Sep 2024 10:08:14 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 3D9B
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:15:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6551
x-xss-protection
0
server
cafe
etag
511223485441000916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:15:37 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 3D9B
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
3609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:08:29 GMT
63e0a2a793d720ddab32c7ad1c79b976.js
www.gstatic.com/mysidia/ Frame 1A66
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3931
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 03:15:26 GMT
b293f88652ab0f749d3615e759df59dc.js
www.gstatic.com/mysidia/ Frame 1A66
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4722
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 03:15:26 GMT
css
fonts.googleapis.com/ Frame 1A66
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 14:10:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A66
2 KB
945 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 1A66
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A66
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:49:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1A66
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
31337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 06:26:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A66
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 1A66
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:09:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F15A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 14:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F15A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 366B
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 14:12:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 366B
2 KB
926 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 366B
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3C4E
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 14:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 366B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:49:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 366B
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
31337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 06:26:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 366B
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 366B
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:09:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC57
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 14:49:27 GMT
expires
Sat, 07 Sep 2024 14:49:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7592
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a697d96688d0600a1ecf1b4fa93b32925dab543e8e2b31dd6ff4ae45af7cbb78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nF7Y7bvbMW-d0V9utX55NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tt.vg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-nF7Y7bvbMW-d0V9utX55NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C4E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
expires
Fri, 08 Sep 2023 15:08:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 15:08:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame EC57
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7592
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3296435410371696&rc=05ACWY-nqtetHJntmG7KJ02o7op7mpqz2ybPaFvpMoKHhtNn4Cm7jV4l9x-fMVhR5aX1NqUIxHewl7h88IGOyCdd_PTFS-5IFaE7Nox7vzzxJcRbySQZUW7eZJ0NyZtmACbSoyjpftk1saWjRm8mYLsSfunhZdRxixw9Q8HHSWUW8SwJo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

63e0a2a793d720ddab32c7ad1c79b976.js
www.gstatic.com/mysidia/ Frame 0986
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3931
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 03:15:26 GMT
6b2333ff0b6a934f314e6b5957720264.js
www.gstatic.com/mysidia/ Frame 0986
19 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36ef63420f2a82374d016a378bf127ba8d3c761c8dcad295188b1690a17a0108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:20:27 GMT
css
fonts.googleapis.com/ Frame 0986
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 14:09:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0986
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
136beb7e84d4b05a5b5bba85738ca9f6.js
www.gstatic.com/mysidia/ Frame 0986
6 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 06:19:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2330
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 02:30:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 06:19:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 0986
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0986
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:49:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0986
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
31337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 0986
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr9BKgLOXNti33vr89jpMVgYL1D9u7I5OO6zwH3L3qhhfJvLiX1mSKCcI7Lv4JgnKTEBmX-RG7TjpL61yTNf5lSylrnQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0986
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 0986
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:09:09 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 1FE2
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 8CC0
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tt.vg
URL: https://tt.vg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
css
fonts.googleapis.com/ Frame 36C7
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 14:14:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 36C7
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 36C7
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 36C7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:49:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 36C7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
31337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 36C7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm8rEZDMhTRz2Sr4plrbhtmyNnl-5yScIuGqctNqf6kR5Ia_AjluDchdPQUCnotr494r9dWh0oYSRcp7G3yVRyh-4YPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36C7
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 36C7
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:09:09 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/12872425255061421345/ Frame 0986
39 KB
39 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12872425255061421345/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9005a4ac3cbc5b2fdb5cac983ebf17f6475ebad68a943665388cf491cd820a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 07:02:39 GMT
x-content-type-options
nosniff
age
461159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40183
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 17:50:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Sep 2024 07:02:39 GMT
truncated
/ Frame 0986
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0986
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.googleadservices.com/pagead/ar-adview/ Frame 0986
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CuNPF9Tj7ZLrBO6SCwuIPr6Oq-Aqx7o7mcrj78r2YEv_Ror3AARABINmQ-W1gkYSghYwYoAGcr_uoAsgBCagDAcgDywSqBLsBT9BLjAFpy3V3ME9TWwixz0kVJBZYK-tCsJ2LCgZF8B97FD7...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22464460850418726138%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22464460850418726138%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226512300339696590209%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"464460850418726138","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"6512300339696590209"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Sep 2023 15:08:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Sep 2023 15:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"464460850418726138","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"6512300339696590209"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA60
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
14079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6141
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 14:11:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 15:08:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6141
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 6141
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 07:18:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6141
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 14:49:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6141
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
31337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 6141
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwA6HF5mcBIqQHCxS6ufGfhOS8JVncIUqhYry9Y7dLW78-A0yITOxxWhOW9AT7TFgF203zul_hMcENkc3AJsWtuE4trA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6141
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 15:08:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 6141
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 02:09:09 GMT
truncated
/ Frame 0986
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4de345d3f90760591212a452045ae5c182464aed92a8102bc3a9aaa74e074df5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/16052553192492714996/ Frame 36C7
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16052553192492714996/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac84bffc3d89597ab409def208a58323afab2c7343ca590362d00700b7923ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 21:06:07 GMT
x-content-type-options
nosniff
age
324151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51664
x-xss-protection
0
last-modified
Tue, 23 May 2023 22:02:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Sep 2024 21:06:07 GMT
truncated
/ Frame 36C7
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 36C7
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4FE4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
14079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22464460850418726138%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226512300339696590209%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Sep 2023 15:08:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0986
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAxQDAECg0QAyEAAAAAABiDQDAECg0QCiEAAAAAMzMdQDAECg0QDSEAAAAAAAAAADAECg4QHioIMTExMHgyODAwBAoOEBkqCDExMTB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAJqZVYNAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAgEJAMAQKDRAFIQAAAJqZWYNAMAQSGkNQcVBuYy1sbTRFREZTU0JVQVlkcjVFS3J3Igx0ZXh0L3J5dWtfbXMoFQ==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16052553192492714996/ Frame 6141
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16052553192492714996/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac84bffc3d89597ab409def208a58323afab2c7343ca590362d00700b7923ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 21:06:07 GMT
x-content-type-options
nosniff
age
324151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51664
x-xss-protection
0
last-modified
Tue, 23 May 2023 22:02:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Sep 2024 21:06:07 GMT
truncated
/ Frame 6141
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6141
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31A4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
14079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sat, 09 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DA60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF16Q_ojWwFsIKSccQdsPEI&google_push=AXcoOmTjCL8apxQwB8koX6rbC1wCkhchlHM_Z_NwhhfiEdF8H3ZJXcijYz...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF16Q_ojWwFsIKSccQdsPEI&google_push=AXcoOmTjCL8apxQwB8koX6rbC1wCkhchlHM_Z_NwhhfiEdF8H3ZJXcijYzW7P61v4uMr9p49bUZV0332EVHyKyBB_KcuT4f42og_o68
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21080-AMS
pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694185719.890742,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF16Q_ojWwFsIKSccQdsPEI&google_push=AXcoOmTjCL8apxQwB8koX6rbC1wCkhchlHM_Z_NwhhfiEdF8H3ZJXcijYzW7P61v4uMr9p49bUZV0332EVHyKyBB_KcuT4f42og_o68
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame DA60
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENUzFGKmsXL9fwfgHooow0g&google_cver=1&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8&google_hm=Q0FFU0VOVXpGR0ttc1...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8&google_hm=Q0FFU0VOVXpGR0ttc1hMOWZ3ZmdIb29vdzBn
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 08 Sep 2023 15:08:38 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSG83n0LR5qF40Bu7Zqxv12nZ6yfKqZW3PJTjEi5u4qQPA7xFxssIeWDNTqmCE8oFpWnOfzMcfS9Mx-HG8IqvomVGsptCYZ8G8&google_hm=Q0FFU0VOVXpGR0ttc1hMOWZ3ZmdIb29vdzBn
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA60
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczMTk3Mjg5OTg0MzYwNDU0Mw&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WIS...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczMTk3Mjg5OTg0MzYwNDU0Mw&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK_VCr1TmrmWLULan6eNybHDY
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczMTk3Mjg5OTg0MzYwNDU0Mw&google_push=AXcoOmTjt69cC9agxaOu7rGH9wX92vpvUPdE0fE6CgWaNEWOc_UmUEyie2-E9k5WEphlgrW9Mh4WISlK_VCr1TmrmWLULan6eNybHDY
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DA60
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOhuuSGT25a3QXUZ3UYgmWE&google_cver=1&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJa...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhuuSGT25a3QXUZ3UYgmWE&google_cver=1&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSeZLeF3g_7inTGf97BwsFJyDQMCug8VDIYdqIt5nZ54xZipU58kXGPi1NNyZFiwZYr4JQ5AceHJWlXy3m9-uoaOJaUoEy0AUw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame DA60
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZJmZ1VfYuNHvj7FFGvQI7F83SJ2DNmk432ytPJTV_KamkPp8PaepedtSAl49JBvD0j__HJmnPZFXUknc3EHWwISA55UwTlQ&google_gid=CAESENa8MQR15EpKJRavSWoyH3k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
245659
expires
Fri, 08 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA60
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEe84WDlon3PcLiYNP5dHsU&google_cver=1&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYN...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU1MjAzMjMyMzU0ODEzNjI5Ng&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnK...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU1MjAzMjMyMzU0ODEzNjI5Ng&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2QEJ6vc0STqxdjjlli-_Man4
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU1MjAzMjMyMzU0ODEzNjI5Ng&google_push=AXcoOmQQN1yaw-uFP0YgBgiiFirX8isDqyEouD4_QdKH5Gib8H5RX-HiAY-awroFw_xYToGIRYNAnKL2QEJ6vc0STqxdjjlli-_Man4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame DA60
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELpPSpuIxUKD...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQdvD9zgTV5CACmAI_pgolR1b1LUm5bOUhamBJdWaEHi03Tft0JakiChRLg0PmNZeR12KU_1KhCfm3740s2CeuNaWGLfgEXb_Lj
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Fri, 08 Sep 2023 15:08:39 GMT
pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DA60
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqrR02sLOvxrgfdozecSTHfX2RJoU7_puAfX6BWH8YORqkJrd6RQpdbV49uldUGwwUhhrXHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 36C7
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc2d4f11ee9c751dc07fb81b4da0ed12dbc60ab0b1f4d293182b857a6522bbbb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4FE4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEASfoB9uhIuK9Wm338HJ7bc&google_cver=1&google_push=AXcoOmQgE_ilktK7uUZ3vU4t7_vTjhTJc4ZVZkmixXeldjVe5cnTaJyhAh__JXZf91x8UZ0xMfRL5ttOpL-cCQnXM4pfJh2z_aJV
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA2MzU1Mjk0NjAzNjA2MzA5NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4FE4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEN4nvsvEljNWMMeVnTowHus&google_cver=1&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfne...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VslGCWGYSnOa40AnNxRFBw2&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfneKXDLKvfIidAGLQ
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VslGCWGYSnOa40AnNxRFBw2&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfneKXDLKvfIidAGLQ
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Sep 2023 15:08:38 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VslGCWGYSnOa40AnNxRFBw2&google_push=AXcoOmT4Qh28wvOaS2Rd-rh5xNyozAfl39uJHHBcOLlgXkH8HWl8qh1Mrjo_jceX4u2MqexM9_zOcn7RSdKITfneKXDLKvfIidAGLQ
x-host
tde-deliveryengine-production-684d5dc7fc-gz25v
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4FE4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGUVD1COS23CloKZ1d9Sm6Q&google_cver=1&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulo...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulocg9fBCw&google_hm=eS1xTFlkbFh0RTJwRVdw...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulocg9fBCw&google_hm=eS1xTFlkbFh0RTJwRVdwNVFkekVKVzVwQlFnaEpiM0FYS35B
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Sep 2023 15:08:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQqyohax8G9UNguBwsGB9TF-rkJBklSR_tENviamb9MRZpRtzjyVurqTB3AKON2flgsZdU6GWT--iPmVyi881OQulocg9fBCw&google_hm=eS1xTFlkbFh0RTJwRVdwNVFkekVKVzVwQlFnaEpiM0FYS35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4FE4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5p...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZT...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzcwNzM1NzA3ODkxMTc2NA&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzcwNzM1NzA3ODkxMTc2NA&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5pdT-5lnK4nw1k2DKz6e_x
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMzcwNzM1NzA3ODkxMTc2NA&google_push=AXcoOmRrsBwUDKd2CYCrGJLHuXGGa2F9e5J1lN8UyZ6cdR1BBKCLGTB1mel-HbZ1wFYbqkwlHZTL1V5pdT-5lnK4nw1k2DKz6e_x
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 4FE4
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRXlrmFBXROjc70vQYIBpC0lpQb-WVtlud7SJrCg79EyzeYTEy6OutKrJmXWWbCzHTe1M5-7H9uaHND78HoLa9pEQHIWegmPA&google_gid=CAESECOzzGLE-p5fPs5b24zautg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
214731
expires
Fri, 08 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4FE4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvq...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRL6mofpCcpPHLG_2oxP8U&google_cver=1&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQzMDEzNDIzNzk1NjQ0NzAzMg&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHR...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQzMDEzNDIzNzk1NjQ0NzAzMg&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvqZ--CRPQOlmhbesmlz2SNXQ
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQzMDEzNDIzNzk1NjQ0NzAzMg&google_push=AXcoOmQXZ4P9azs8P96DslD6UsaDnBi7L5PEoBEiU6tAQlv3gzvaS9o2rfLaaODnK5wlfTxHEf0QHRvqZ--CRPQOlmhbesmlz2SNXQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
trk
ag.innovid.com/ Frame 4FE4
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESENBqSpUnI3az6NnVzsMddw0&google_cver=1&google_push=AXcoOmTahxjKmnqrg1dtF4ODPmT2el8lPmnZ22C2AXWa5OL8Z3_RmlxUBQWwJYgYaNYCPBAMtY5jDAs-Ol23hNKR0WPjhsb7JAXhrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:e7cf:72f5:7230:231d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4FE4
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfdR2Xrd3jwSJPmm_zBpNeNEkl1SMIqtEPLQ87jarIjB-pTAjTMLTgnKmvVEvHZ6S3hmuI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame EC57
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?dYjskg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0986
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options
nosniff
age
208450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 05:14:28 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 36C7
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options
nosniff
age
208450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 05:14:28 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 8614
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=3987640334&adf=379431333&pi=t.aa~a.995694564~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=3&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0&nras=2&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=79pYMtUQHD&p=https%3A//tt.vg&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
truncated
/ Frame 6141
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79bb81d44f615837825118dee9e9661f580abb6b0ce0a379877664f75202c42e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6141
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options
nosniff
age
208450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 05:14:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 36C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CWIW39Tj7ZMXnO8iqtwfPyJyIC7b81Oxy3qn8hbQRChABINmQ-W1gkYSghYwYoAHss_LAAcgBCagDAcgDywSqBLsBT9C_rG1RJbhEwj0-Deyji9LhnNW82b8SJcWM8Rlmm0mBJ_7uGu1cf-M...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227441542534460456563%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227441542534460456563%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22175904581492539553%22}&andc=true
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7441542534460456563","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"175904581492539553"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Sep 2023 15:08:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Sep 2023 15:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7441542534460456563","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"175904581492539553"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 31A4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1&google_push=AXcoOmTKkKtMZ1R6EJgSv03pqiwLsTAy1MM9ERCqrPV7bNKZs0XA3ewbJKoTaLXSehHGvE8thA-16MgZtx6xUHWQE2AtpS7SrmKFeFo
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NDMzMzI1MTE4NDA4MTc4Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Sep 2023 15:08:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELpagC4vC_tIv9Di90gxWYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 31A4
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHGUX5XMz7vpIa_0PlJozR0&google_cver=1&google_push=AXcoOmQzh1neEC3Bre6metTugUggWRH2okH16zZXHPiSe6arlNPPH3nWif3Mn54j1EQ5rS16vk3i2fVMnez_rjASCuNZAtfi2rpMhdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 31A4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXV2Zm10TVoxUUVENjc1&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXV2Zm10TVoxUUVENjc1&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1lDm6BIPfToR1GSUzdB_lDCfZdw6KPX7BXthBjMxsdkGrkHvWO1azZkA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 08 Sep 2023 15:08:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WXV2Zm10TVoxUUVENjc1&google_gid=CAESEB49M99z9QgkqZV4Nrj6FTk&google_cver=1&google_push=AXcoOmTNplwKy4pWtjBJVGkZzBy2MQrkrG8pp3JuFn2Zhx1lDm6BIPfToR1GSUzdB_lDCfZdw6KPX7BXthBjMxsdkGrkHvWO1azZkA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31A4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJFs9X7vj2BU4Q593JlIA9c&google_cver=1&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPVpA69T8r1G3Y6f3g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=580C5501BE4A4886BE44F55DA5333891&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=580C5501BE4A4886BE44F55DA5333891&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPVpA69T8r1G3Y6f3g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Sep 2023 15:08:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=580C5501BE4A4886BE44F55DA5333891&google_push=AXcoOmSwUDwCVtHwnxxs5aGjOAUo4iTXXjkestD0aUGEPneFy_vg1MA4SPJzgxfeSFGiB3iV1PDeVT2wvwCWtPVpA69T8r1G3Y6f3g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 07 Sep 2023 15:08:39 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 31A4
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPW-ROJ3cSskFMKaM8HJWe0&google_cver=1&google_push=AXcoOmSezVBlV-Hf6dRtacUG5EzqFp4zhb8hKWmcuU6Rs7GJyIGGdYU6Mn1sPmPSduDb0x8tZS6zvTyPHuja9EZSzueyx7_2Qj2Fymw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 31A4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA6Od9m_enxfvMA7rbQbxk0&google_cver=1&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjQ3MjI1NjQ1NTc2ODIxNQ%3D%3D&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp8Gut...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjQ3MjI1NjQ1NTc2ODIxNQ%3D%3D&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp8GutrRdIi7_mTlvbE
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjQ3MjI1NjQ1NTc2ODIxNQ%3D%3D&google_push=AXcoOmSuwwN_7qiifPf0ed4HcBHIEa1QnlBc08dgS6gKDhquIe9hxmloiKq4GRvYjWXccwscbLj56aRab0DJIp8GutrRdIi7_mTlvbE
Date
Fri, 08 Sep 2023 15:08:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 31A4
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKBeif3LjcZCn9kUZjttcro&google_cver=1&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpw...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKBeif3LjcZCn9kUZjttcro&google_cver=1&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8q...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxDv0QQTLwn7VSUmUKQdRpj82VuoQOKYFFB52C2YeRxUE81VLJBzcgFo_p_v79ChEaslFfEOO93OEZ4AzmCOa8qpwyCpZAig
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 31A4
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4yGJLYKRs8dF01WUEfhCRSbJI0BVth2V_QrKgS5WJ8OF4wuHC5R1RRolCFk2C36caY4YJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0986
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QECEAAAAAAMHjQDAECg0QESEAAAAAQEDzQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAADNzDyLQDAECg0QFCEAAAAAkLn9QDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAzM6uMQDAECg0QMiEAAAAAMDPTPzAECg0QMyEAAAAAAADwPzAECg0QNCEAAAAAAADwPzAECg0QNSEAAAAAAADwPzAECg0QNiEAAAAAAADwPzAECg0QNyEAAAAAAADwPzAECg0QOCEAAAAAzMz0PzAECg0QOSEAAACambl8QDAECg0QOiEAAAA0MxN_QDAECg0QOyEAAADNzDCLQDAECg0QPCEAAADNzDCLQDAECg0QPSEAAACamT2LQDAECg0QPiEAAAAAAFCMQDAECg0QPyEAAAAAAFCMQDAECg0QQCEAAABmZsqMQDAEEhpDUHFQbmMtbG00RURGU1NCVUFZZHI1RUtydyIMdGV4dC9yeXVrX21zKBU=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 15:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 8EE3
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3291032931&pi=t.aa~a.3133132311~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280&nras=3&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3073&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZRQ56lCdm9&p=https%3A//tt.vg&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6141
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLNmu9Tj7ZLKgPJCMwuIPyq2asAe2_NTscqfRgfrkEQoQASDZkPltYJGEoIWMGKAB7LPywAHIAQmoAwHIA8sEqgS7AU_QXvCugApRIKDyCSmyYaNqcXE2DcmYvyVhRe0TjIeZH2QKAI3PLoA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222445392885001231822%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222445392885001231822%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591566620828231905%22}&andc=true
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:08:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"2445392885001231822","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"3591566620828231905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Sep 2023 15:08:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Sep 2023 15:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2445392885001231822","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["09-08"],"6":["true"]},"priority":"500","source_event_id":"3591566620828231905"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 6F95
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4327943744181213&output=html&h=280&adk=1553151457&adf=3896020557&pi=t.aa~a.3133131374~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1694178517&rafmt=1&to=qs&pwprc=5460404912&format=1110x280&url=https%3A%2F%2Ftt.vg%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694185717883&bpp=1&bdt=1980&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D522201f6c1369dd8-2248d32cc6e300fd%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA&gpic=UID%3D00000c7044dbb60f%3AT%3D1694185717%3ART%3D1694185717%3AS%3DALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=5127701079112&frm=20&pv=1&ga_vid=1597887283.1694185717&ga_sid=1694185717&ga_hid=1087910904&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4046&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076839%2C31077221%2C31077329%2C31076998%2C31077743%2C44798323%2C20222282&oid=2&pvsid=3296435410371696&tmod=172121394&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Pw2jI9TuDy&p=https%3A//tt.vg&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 06:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 06:41:27 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227441542534460456563%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22175904581492539553%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Sep 2023 15:08:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222445392885001231822%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2209-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591566620828231905%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Sep 2023 15:08:39 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3296435410371696&bg=!_P-l_7DNAAa6D61Rmg87ADQBe5WfOGv7HT6f9I07pdu2hkKqw2Tdfj7u45xwOy1yeCPNqTqcRtOBEiwZkS1nJAYabXXjAgAAAhhSAAAAImgBBwoAEBXg-36p1TxWZg-t0gmRYcCZArAfZJDOs6gjIaZm57Zr_iPnKrMvBzzB8fjp8DOeszCY7N70QcZBYr_mo6UxFRo37yjbf6gLh-WyMrJG815WvMzrQTGHykkpgrohSwPwB7Bj90ksP9FvsY0PynzYHTi_Qijo94ojZcM_vM6gwx57LDRu8Mek-hJEnfyMgvZGcsJSLTjK8nmSfMu9mu8-RGCD_4fPws1EaQWq1BeRlL1-h53Utu58hS2Y8-FJB3fXdjnR7f7DqhERYl1-Rtm88-s46qfjWEyrurJS6PuUdXnHjxLin7as6UlBwwI-YAxQKVKFTwwU53jQdbT5L5nN7CqhuSnbB_Wuhql1Nw3UXQBvMRVF1YHsFnGrQqdSVz0xSK8CshpR9TbZqebd4uwUjJ93ScUv0k7UnLSTuW47f__NNOUo8miRvO05ofTNz8kVqUsMW8jVRYNyq1pmzhxfuhV9G5jgn94ACeSXrm277ar0amd3kOfsGzJzlUE-xa7IjNn6jv8hWOdDCmCphFtsKTs0g8vNJc9LtSd0cn0AGzk7veIPxUs9XL-ZCwVMwTiaCju5yDypeQEdc3ZIJoLu6orvRq4JSmYFfGTKiM8jsIoOur_Ftajfkw1Ixlhmh9gez64fQauQylkO2fjTZSJWJMV2PMRAzBrFnRYBYlIbnGhdpPV4JQBFKl6a_imqrEwurjrrVQl30UarT72LjiE7CqyB4AlfnShje_Z1zN7jyGDl-lLxBfHwGzezXAyG7NNOABsXqQZD1I_nbq5rtUcw9Vq9ZLuzEt2DAMn-ss-aeVSRUgpi2V_uaRQiY6vf370NL-xY0N18Xmaos9r7YFPFCb692YAFE3spj1te-JeSwQwLsOMPB8b8QaDEUZcCNUZAIYhHdzem5sNRJnKsKjn1oPVPlN96sLNJwMMfyqSuHucFxgkn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tt.vg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture string| appurl function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| recaptcha object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery object| bootstrap function| SVGInjector object| feather function| initCookieConsent function| ClipboardJS function| Typed object| lang function| livesearch undefined| Coupon object| SvgInjector undefined| Tooltip undefined| Dropdown undefined| PasswordText undefined| Pricing undefined| ScrollTo undefined| Select object| cc function| refreshlinks function| triggerShortModal object| __cfBeacon object| closure_lm_948694 function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag

24 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ACWY-nqB9HaBPkysTHJO4XagaMU1b9UERGg-J29cDF6SBe6cnUey0F7kMyPhFoYatTgir7mAF-DGfOHph4E56a0
tt.vg/ Name: PHPSESSID
Value: hdgl7fikbem8ns7g6nh68sal1l
.tt.vg/ Name: _ga_5GBHM4THHH
Value: GS1.1.1694185716.1.0.1694185716.0.0.0
.tt.vg/ Name: _ga
Value: GA1.1.1597887283.1694185717
.tt.vg/ Name: __gads
Value: ID=522201f6c1369dd8-2248d32cc6e300fd:T=1694185717:RT=1694185717:S=ALNI_MYZDvSQo7Rr0SbQ5QA48t_8u3H_ZA
.tt.vg/ Name: __gpi
Value: UID=00000c7044dbb60f:T=1694185717:RT=1694185717:S=ALNI_Ma8tfgc5Ga4oMxzqVydwUI6nJcv5g
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlEP3Yd6OmQ39w_MLJuBHUzpApT7trQiDX8FEZaVgR4gPI8DUHfi1qwKfVh6zY
.adform.net/ Name: C
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2256C94609-6198-4A73-9AE3-402737144507%22%7D
.agkn.com/ Name: ab
Value: 0001%3AgWcMp54HV1k4qOn2QCT7IsdNRrnRG4P8
.agkn.com/ Name: u
Value: C|0CEAsjfV2LI31dgAAAAAAAQ13AQCAAQpAAAAAAA
.turn.com/ Name: uid
Value: 9044333251184081783
.yahoo.com/ Name: A3
Value: d=AQABBPY4-2QCEATMp6rYVOYvdicOPDFblPMFEgEBAQGK_GQFZQAAAAAA_eMAAA&S=AQAAAuKoaRL9r6aYU-m4PfYPZsI
.de17a.com/ Name: guid
Value: 1.7939648408675978229
.adform.net/ Name: uid
Value: 2731972899843604543
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPs49gAAA1QvhAAb
.blismedia.com/ Name: b
Value: 64FB38F7A36CE7942373ABA1BLIS
.simpli.fi/ Name: suid
Value: 580C5501BE4A4886BE44F55DA5333891
.adfarm1.adition.com/ Name: UserID1
Value: 7276472256455768215
.w55c.net/ Name: wfivefivec
Value: YuvfmtMZ1QED675
.googleadservices.com/ Name: ar_debug
Value: 1
.innovid.com/ Name: uuid
Value: c72f4b98-3aa1-4f9c-a70c-ef720a8ba18e-20230908 11:08:39
.w55c.net/ Name: matchgoogle
Value: 5

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-4327943744181213&fa=2&ifi=9&uci=a!9&btvi=4&xpc=JkFAvcbPEf&p=https%3A//tt.vg
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
tt.vg
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.194
142.250.185.226
151.101.66.49
178.250.7.11
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.169
23.32.185.35
2606:4700::6810:3865
2a00:1450:4001:801::2008
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a02:fa8:8806:16::1370
2a05:d018:d29:3601:ad5e:1111:f66a:1a0c
2a05:d01c:1d8:8101:e7cf:72f5:7230:231d
2a06:98c1:3121::3
3.120.226.29
34.96.105.8
35.190.0.66
35.204.158.49
37.157.3.30
52.28.12.14
85.114.159.93
0764fbaf28b48639aa8a4c6244d07b22341d958094f4d8a7c62b6936fa9c2a4a
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b85a8e385320b3d0c0a9028e62b5da43d5ecb5f37197a40e5d50f5770c2b8bf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12116847297eb16ae5aa1d26b27a0b4704afcc352272ab89cd6d28a27b2604be
139a90853100a3a4afa575e33a8134a26d92cabbd26044c62f93ccc938dbb7c1
1435a2a19b76f9d5eed674522edd480f798f8c6333ef8b8801cf6d48fecd4df4
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1823500ee86a20d18d69defa16b1d7d64299d5840faf4b65b421e621cd1e527b
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c97ebae421dce1f7b742e5a013983a24a2ff057683807db4c6eb19684cde76a
1e175dd26d031cdf33a0a896583176a726094d0fc2b3202f4a2221c81125c51f
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
27df2f0f5920beb815e662147728283d9eec37973b40f8917072f581381f4079
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
310bd640fec7a71439624dcd3283d6c509f5b22eeb1c852a53dbfd2172290b64
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345d7f0379689f4d88d39b40b97e5995308eaa22e37756f10d9f4353361652a2
36ef63420f2a82374d016a378bf127ba8d3c761c8dcad295188b1690a17a0108
39b5f0a136ac9c139981b89e2ee615ac75fed86c0761c7ebf87d827be7d86e5e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc661f636f195609c6a56234a8e61501290e70790ae3c9bba1557fb84f88edc
4de345d3f90760591212a452045ae5c182464aed92a8102bc3a9aaa74e074df5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166
5a691e7977d42de2b33ab6fe8187a95b7abd495195cdaa46e79c10646ab7dc86
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5abf15a26a478ac77e618025342d863fb02b1172e3fab32094835968066d8f7b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648775f95901e24afe12a1a5b904fc38eef9642ea4592a4ad842592771d54592
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
69cbb616ed3029ae2297dd4d8a7b4a0730351eca47ab42571ea156acfb8be801
6a53e358d9729b82f3b59887f709dc13bc0164e6fbfbfd639940f820901386d7
6a87a2de940fcd825afbdd64763da4afbb96732da942bc0e07763e17566bc1f8
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
70a61061ecf9e6f6a497315d699b281ec1e9505dba1fd9331f02ef5416a6ebaa
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79bb81d44f615837825118dee9e9661f580abb6b0ce0a379877664f75202c42e
7a5f1b1a775539fd7153b19c1edb543b046dd57fb0ca540fa448749fc722d130
800015905e0e95d7e7eae80f0e6eacf3863d05206ae99104686ee275f19e010c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
887d6a17e3f465e3781be9292d4f17676e9e41034a21898de4de3ada1cf35bec
88a9860b28e38cafd65ac1901077ffa5d37817d2de73383ca5dbe6b72cb3c266
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8d274e977b640d39506371649567debcb77f8020778ede7a3330e9980ea0198c
9005a4ac3cbc5b2fdb5cac983ebf17f6475ebad68a943665388cf491cd820a54
93d7958f2697364abf4319f36486e5694fea3f7d2feb75bed984122b279f20a3
95d7aa853769ad4fd368ac28f201ab903c567ef7719ee542016f40a73841c96b
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a697d96688d0600a1ecf1b4fa93b32925dab543e8e2b31dd6ff4ae45af7cbb78
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
ac84bffc3d89597ab409def208a58323afab2c7343ca590362d00700b7923ece
aebe5fb20305fbd48bd5d6f99d58b950b566d493f6273ab726afd53bf8dd0fda
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
bb7936a32a8b9cbb7ff3bce813abaf70972a497b9d08f19784bc95ebbfec8477
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977
c0af31c6ff066af42be01942d97b843c037874f184e1c96f0a6bdf3946a4d1b9
c1bd51e114753f99252a3a188249026e184becda90451dec0a1643bfcf85e297
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cbf2e4cd581d67fbba13a88584802bb9977c8ed6c3c28d5a3529d5df0529703b
cc2d4f11ee9c751dc07fb81b4da0ed12dbc60ab0b1f4d293182b857a6522bbbb
cf4644d1714253e3191325bb5d1f02df845679a152df5a976db08e2242d6becc
d0afa34695933663b97d3ff2846d107957e82f9ab49423d784512b4abbf542da
d326e1beb637fb1a95450797ec2eef966c01a063ef1d8e5903013f80e719bce7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dfc61864aa62f4ceed96524edc2e7279d6a47a369036c292b5a0f18f36bd93ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e648f2d9271f52d280739f4ba4bb8016c226b1d4ecb5558cca1e392bdfdcf563
ea07a5cd4bca6f776675e57677b6a021a4e1916fb4bd439fb5af3087f47e9c33
f002de98a08348d79f04c198fafc8571cc50d2c0d73c2e38ad498784b87af74f
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f37d261feb967d601b207da30b4304bb14274310399c93105caeeb080db84c19
f79b4bcd8580176cef84bc7a633291696808f11418ac91be5356b315a3e04eb0
fa578bc87be816b3db85edd15e8300cddb9eadf04a973f6d6d4e45e65c41a15f
fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b