ourtesco.info Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ourtesco.info/
Effective URL:
https://ourtesco.info/
Submission: On February 05 via api (February 5th 2024, 3:34:13 am UTC) from GB — Scanned from NL

Summary HTTP 179 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 22 domains to perform 179 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ourtesco.info.
TLS certificate: Issued by GTS CA 1P5 on February 2nd 2024. Valid for: 3 months.

This is the only time ourtesco.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 47	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
24	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7 18	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	35.187.184.108 35.187.184.108	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	35.244.170.237 35.244.170.237	15169 (GOOGLE) (GOOGLE)
7	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:ef0:278a:91b8:ee2b	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d::7	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
5	2.18.161.148 2.18.161.148	16625 (AKAMAI-AS) (AKAMAI-AS)
179	32

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ourtesco.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ourtesco.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.18.2 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.184.108 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.184.187.35.bc.googleusercontent.com

rtb.ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com

static.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:ef0:278a:91b8:ee2b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-c0q7lnz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.161.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-148.deploy.static.akamaitechnologies.com

travel198849194933.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	693 KB
34	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 bid.g.doubleclick.net — Cisco Umbrella Rank: 917	208 KB
27	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 336 gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r2---sn-c0q7lnz7.c.2mdn.net — Cisco Umbrella Rank: 715224	1 MB
17	ourtesco.info 1 redirects ourtesco.info	189 KB
10	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	79 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 704 mb.moatads.com — Cisco Umbrella Rank: 809 px.moatads.com — Cisco Umbrella Rank: 660	115 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	139 KB
5	moatpixel.com travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 62221	1 KB
5	travelaudience.com rtb.ads.travelaudience.com — Cisco Umbrella Rank: 132732 ads.travelaudience.com — Cisco Umbrella Rank: 5893 static.travelaudience.com — Cisco Umbrella Rank: 80332	199 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4684 www.googleadservices.com — Cisco Umbrella Rank: 145	591 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	51 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	839 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	869 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1375	204 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	235 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	718 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716	539 B
1	w.org s.w.org — Cisco Umbrella Rank: 3198	874 B
179	22

	Domain	Requested by
32	pagead2.googlesyndication.com	ourtesco.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
24	s0.2mdn.net	ourtesco.info s0.2mdn.net
22	tpc.googlesyndication.com	ourtesco.info googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
17	ourtesco.info	1 redirects ourtesco.info
15	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net ourtesco.info
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	px.moatads.com	rtb.ads.travelaudience.com
6	csi.gstatic.com	imasdk.googleapis.com
5	travel198849194933.s.moatpixel.com
5	googleads4.g.doubleclick.net	ourtesco.info
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net ourtesco.info
3	imasdk.googleapis.com	googleads.g.doubleclick.net ourtesco.info
3	www.google.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	ourtesco.info googleads.g.doubleclick.net
2	www.googleadservices.com	ourtesco.info
2	r2---sn-c0q7lnz7.c.2mdn.net	ourtesco.info
2	ads.travelaudience.com	rtb.ads.travelaudience.com
2	rtb.ads.travelaudience.com	ourtesco.info rtb.ads.travelaudience.com
1	ups.analytics.yahoo.com
1	ade.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	mb.moatads.com	z.moatads.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	ourtesco.info
1	ad.turn.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	z.moatads.com	rtb.ads.travelaudience.com
1	static.travelaudience.com	rtb.ads.travelaudience.com
1	partner.googleadservices.com	www.google.com
1	s.w.org	ourtesco.info
179	40

This site contains links to these domains. Also see Links.

Domain
login.ourtesco.com
payslipview.com

Subject Issuer	Validity	Valid
ourtesco.info GTS CA 1P5	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
rtb.ads.travelaudience.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
ads.travelaudience.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
static.travelaudience.com R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://ourtesco.info/
Frame ID: 0BA82F347CE7C8D3B64A63F688E6F0D0
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: 31F17970A493C1D3598FE937B9E44F09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&adk=1812271804&adf=3025194257&lmt=1707104047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fourtesco.info%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047064&bpp=388&bdt=164&idt=597&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2152444077790&frm=20&pv=2&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=606
Frame ID: 693DD22F9B5B88CDFBC2E19DA7A14AD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=2653016058&adf=2653041513&pi=t.ma~as.7608169653&w=1200&fwrn=4&lmt=1707104047&rafmt=11&format=1200x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047452&bpp=4&bdt=551&idt=223&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226
Frame ID: EEFA1E34A64856A56F5C35025EC07F9D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230
Frame ID: 2A492F8B34A80660C51342707F328E3B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNXn22jIQ4crqb2OMOvMDDXAovT_eSJ1Uv-t2Wx0GmaLXmzj--O5mNt2nCgdkmnjq8iIbeYzIitkyB1rtBJEaEG0q2ThZ2_dKNa1-5ABIARSgxT00RWPqqb9bdvMeCrIlDRvNEv_ED9uXeWsZUStFgCjsIZNtPgvZfM2aCcIkLkqvL0tKek
Frame ID: 0FAB539D8BCC9E146612F3B5123BCC53
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGMvFm_EBMAE&v=APEucNXyuBsZO3HjHHe1L5XJSReiW5N564vixsmPnrg-S3_P-W9xyQyjAFyJAZmIgW99yIXoC8YwZgFa5lzJ01PPsBLl7Hzf7YQ_sN3JW9VdyQo8QlSEfufYebJubCA5a5kS8gqOGnR5MejQ0i2iXdg1bwyI_njCPheWYaTc52NbeWsz_Ul3-hE
Frame ID: 1595BA437CBF702BBEB120D2820F0B6D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6F5108B3C3DAC237340E25752C36DEEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5215E383B36ABCFEC25A35C8DC86A91E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
Frame ID: B689B3F2867ECAB7E1934DDD6811D0F6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13
Frame ID: 2978046919204BA52C480E41B7E1BD40
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
Frame ID: B3B3DC3F8E53E42C05DBA30BBF83C412
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D0753DA1D118B40404481BB613641D44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 795031A7CF2DA48D8B891EE00D09E277
Requests: 28 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Frame ID: 2584D4FAF48730A7DE6ECDD9E030BB1A
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Frame ID: C6C58A83BD205DF1CD381F290D64453A
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C27AAB4C7D871E809AB0CCC7DF638EA2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: 1244983FB2F50D9F5D278038E80845E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F2766DC49C15F02AC327A52D8217BD69
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28E1FBC62CB3766A1F7CEF0EAE3E56F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A5B12FC52C27044A5858E40A2EE68CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Our Tesco - ourtesco.com/colleague

Page URL History Show full URLs

http://ourtesco.info/ HTTP 301
https://ourtesco.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

179
Requests

91 %
HTTPS

50 %
IPv6

22
Domains

40
Subdomains

32
IPs

7
Countries

3395 kB
Transfer

6676 kB
Size

20
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://login.ourtesco.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJub3RpZmljYXRpb24iOnsiaWNvbiI6ImNvbm5lY3Rpb24iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gKipPdXIgVGVzY28qKiIsInZhbHVlcyI6WyIqKk91ciBUZXNjbyoqIl0sInR5cGUiOiJpbmZvIn0sInVyaSI6Imh0dHBzOi8vbG9naW4ub3VydGVzY28uY29tL3RydXN0L29wZW5pZC1jb25uZWN0L3YyP2NsaWVudF9pZD04M2ZiY2UwMC0zNmY0LTAxMzgtOWU2OC0wNmYzYTc1OWIwOWEzNzU0NyZncmFudD0wOWNiNWE4Yi1jOTViLTQyY2UtOTIwZC03YjBmMDgzMzQ4YmUmb2xfb2lkY19pc3N1ZXJfdXJsPWh0dHBzJTNBJTJGJTJGbG9naW4ub3VydGVzY28uY29tJTJGb2lkYyUyRjIiLCJhcHBfaWQiOjM3ODM3MiwiYnJhbmRfaWQiOiJtYXN0ZXIiLCJpc3MiOiJNT05PUkFJTCIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5Njg2NDAxMiwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.0gP5Clo4gnRyv7SoszvLjDlRWJAMRvK1HFcBlYZ4hek#app=378372
Title: page

Search URL Search Domain Scan URL

URL: https://login.ourtesco.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJub3RpZmljYXRpb24iOnsiaWNvbiI6ImNvbm5lY3Rpb24iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gKipPdXIgVGVzY28qKiIsInZhbHVlcyI6WyIqKk91ciBUZXNjbyoqIl0sInR5cGUiOiJpbmZvIn0sInVyaSI6Imh0dHBzOi8vbG9naW4ub3VydGVzY28uY29tL3RydXN0L29wZW5pZC1jb25uZWN0L3YyP2NsaWVudF9pZD04M2ZiY2UwMC0zNmY0LTAxMzgtOWU2OC0wNmYzYTc1OWIwOWEzNzU0NyZncmFudD1iYjEzNWQyYS0xOWNhLTQxMzMtOTI4ZC1jZTMzZWNmOWRiODUmb2xfb2lkY19pc3N1ZXJfdXJsPWh0dHBzJTNBJTJGJTJGbG9naW4ub3VydGVzY28uY29tJTJGb2lkYyUyRjIiLCJhcHBfaWQiOjM3ODM3MiwiYnJhbmRfaWQiOiJtYXN0ZXIiLCJpc3MiOiJNT05PUkFJTCIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5Njg2NjExOCwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.TtFKyH-dX6FpYIt5pK5rkRVu8SpxiqqygNxH5vKHhCc#app=378372
Title: website

Search URL Search Domain Scan URL

URL: https://login.ourtesco.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJub3RpZmljYXRpb24iOnsiaWNvbiI6ImNvbm5lY3Rpb24iLCJ0ZW1wbGF0ZV9pZCI6ImNvbm5lY3RpbmdfdG9fYXBwIiwibWVzc2FnZSI6IkNvbm5lY3RpbmcgdG8gKipPdXIgVGVzY28qKiIsInZhbHVlcyI6WyIqKk91ciBUZXNjbyoqIl0sInR5cGUiOiJpbmZvIn0sInVyaSI6Imh0dHBzOi8vbG9naW4ub3VydGVzY28uY29tL3RydXN0L29wZW5pZC1jb25uZWN0L3YyP2NsaWVudF9pZD04M2ZiY2UwMC0zNmY0LTAxMzgtOWU2OC0wNmYzYTc1OWIwOWEzNzU0NyZncmFudD1mZDRlOGNhNi1kZjI3LTRhYjgtOTdiMy03NGIzOGQ3ZjgyYTgmb2xfb2lkY19pc3N1ZXJfdXJsPWh0dHBzJTNBJTJGJTJGbG9naW4ub3VydGVzY28uY29tJTJGb2lkYyUyRjIiLCJhcHBfaWQiOjM3ODM3MiwiYnJhbmRfaWQiOiJtYXN0ZXIiLCJpc3MiOiJNT05PUkFJTCIsImZmX211bHRpcGxlX2JyYW5kcyI6ZmFsc2UsImV4cCI6MTY5Njg2NTg3OSwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiYXVkIjoiQUNDRVNTIn0.-zO4Ar8U1hDCSmdmx2vFnAD7myPvh6RJDh8HPmck_kg#app=378372
Title: website

Search URL Search Domain Scan URL

URL: https://payslipview.com/mobile/login.aspx?returnurl=default.aspx
Title: website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ourtesco.info/ HTTP 301
https://ourtesco.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1

Request Chain 39

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcBXMK2PogFL5..n1fSDKwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

Request Chain 41

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcBXMK2PogFL5..n1fSDKwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

Request Chain 126

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1&google_push=AXcoOmRRZwlgDDFsl37Cv4omTY7EdB_AMZLrVGngKFVdVIi-fhJPGvjnm_qmPJjv6BlZIqbsSfBIe9lNJKpk4HXtRatrsbRPYdfFmHk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MDg1NjU4NzUxNjE1MzcwNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1

Request Chain 127

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 128

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFhOesqeCHmH985bYsfTPm0&google_cver=1&google_push=AXcoOmSc31QBBCVUclKQOIw9X3qtFDB0gzUSXrjAXMirnNUfNqSKpr-Ru3WPeqgFjD5drplxsc8PH4fPOCEO3Ibl_UNpH0koI2k6DOk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFhOesqeCHmH985bYsfTPm0&google_push=AXcoOmSc31QBBCVUclKQOIw9X3qtFDB0gzUSXrjAXMirnNUfNqSKpr-Ru3WPeqgFjD5drplxsc8PH4fPOCEO3Ibl_UNpH0koI2k6DOk

Request Chain 129

https://um.simpli.fi/gp_match?google_gid=CAESEPxhCv0K5mC04GkRuY0d7DQ&google_cver=1&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzdzQTfFA5BhUewOyLU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0620B54B19BB429984DA45EEEC67C773&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzdzQTfFA5BhUewOyLU

Request Chain 131

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDcPFnYqlC8urDG7zoVbsxw&google_cver=1&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQBGKi8tNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQBGKi8tNQ&google_hm=eS0ubk91amxoRTJwR1IwaTN4TEZVZERGTFVWMWc3ZFJLMH5B

Request Chain 140

https://gcdn.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/01FB437CD8D0DCDC56A2ABD9BAE0D7318AA9A348.0940649847A7841D551DDE170E1FD2A39EC30D7D/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628A4480470413CD00FFDF03C1A770FAA9552A3A.5F9A60B50BFBFB4749C74B42ED3088840C8BFADA/key/cms1/cms_redirect/yes/mh/vA/mip/2001:1af8:4700:a08a:4::5/mm/42/mn/sn-c0q7lnz7/ms/onc/mt/1707103150/mv/u/mvi/2/pl/60/file/file.mp4

Request Chain 143

https://googleads.g.doubleclick.net/pagead/adview?ai=CJRSTMFfAZc-YEayzjuwPnYmmiAupxemfdYWAuJmyEdzZHhABIIye7mBgkQSgAaGwr9MCyAEJqQJEwg-qcBmyPqgDAcgDywSqBNwBT9AYOhAz6CeAiAPv8VjU7lddX0THrBHtBEbkIO9gRbtUS8NtF8Do7e_zFisZgjAsAWxjek-MH4dT897u9qzJVX1wGBnjfwu0KcERl4oI4zXYa6cP2Az-0md3HVYWfYG9CJRaeTMyqVXopCZgsRcfRTx4oP8r84E45IBCBfFLJMl8DeXfwAk7zQ04Mdmw4hdd-EwNgJTCrSIajPCLya6Wsj-IXQxNGZZNnYb-flU43Q7QJtBJC3jk-rsJmr2gB3DXC6ZKMFOw1-rXjozOl4SeFNki_YgsPqroMkfXAsAE4Zq127oEiAWxxLvGS6AGLtgGAoAHx8_QrAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQ3gOgCOATsAgC0gglCIDhgBAQARgfMgKqAjoIgECAgISAgARIvf3BOlj0yJGTopOEA5oJLWh0dHBzOi8vd3d3Lm15cGFyY2VsLm5sL2NhbXBhZ25lLW15Y29udHJhY3RzL4AKAcgLAdgTA4IUDxoNb3VydGVzY28uaW5mb4gUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NDQyMDAwMjkwOTA3MzYxGAA&sigh=bzuJ-X7ygWE&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_Q_d9jHWjfuG4U4ssHMVHjcjzN84vZFfBfveILoGktjHdNkFZKQOlJ4a057Xhy9yGJ_OjLd8dGAE&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217222002638085333956%22,%22debug_reporting%22:true,%22destination%22:%22https://myparcel.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22711710753%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227134207004068067729%22}&andc=true

Request Chain 163

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLPn5UCEM3_sPcDGNXcxIICIAEwAQ&v=APEucNUQ7K0Z9l9w3eWfKRCL0SjOmddF2wB3skIOx27BN7y_MJc-Z6jdor7CQcdzd3NgJxf9YRLSjQH7gNq-jyc_U2eGgqlw9g HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

179 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ourtesco.info/
Redirect Chain

http://ourtesco.info/
https://ourtesco.info/

63 KB
16 KB

368ms
326ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c954fb7689224aabb4d6876a386ae29a747cf7ca380c3ac6b1213faa5e0cf00a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8508188329c4383e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 03:34:06 GMT
link: <https://ourtesco.info/wp-json/>; rel="https://api.w.org/" <https://ourtesco.info/wp-json/wp/v2/pages/64>; rel="alternate"; type="application/json" <https://ourtesco.info/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feDr4il1VMYMXSP1UziJUlEOZMMZSeXXRuH6MMHhIXeGRr53nB13VYXonRtzCeTeRx5iybE%2FpgT6CwgLykr%2Fns%2F5VIch7UTHoDP%2FNU9u4%2F947JQgBzuxWefrFJQds6R8YgkZFb07D5Hvh2XC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-ua-compatible: IE=edge
x-xss-protection: 1;mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85081880dbc5b7d0-AMS
Connection: keep-alive
Content-Type: text/html
Date: Mon, 05 Feb 2024 03:34:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxjAnZ1S8Ywvl3kyo82v4M2k0UM8S%2Bl5p5iSfghgtkgN24FoV%2FNVQyY6u5l8hJhjPoeQlPHEX%2BY%2BQu3EsH5VzV0%2FuMwHJ2Iq9DCPolZaESgxR3AYA4T7N%2BmIyCm3C%2BreB%2BbFUpgSZ7zhJzkG"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
location: https://ourtesco.info/
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 112ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9442000290907361

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f6667e46142478734d12f1a659ea0a118c194ad3c04ed06300588187bbe683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51599
x-xss-protection: 0
server: cafe
etag: 1045088562687511290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 03:34:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 116ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4153850295758492

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd9757cf2e3ab280fa27fb56dc87f73ddbc1d09e3fa09e09d6c48a47d3321e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51595
x-xss-protection: 0
server: cafe
etag: 16840350838987853253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 03:34:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6903878319317444

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59da375b1b9fba2e6b412240b715dd5a39fccb852cfec16a3c060e150d28dcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51574
x-xss-protection: 0
server: cafe
etag: 13936178831256043692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 03:34:07 GMT

GET
H2 200 style.min.css
ourtesco.info/wp-includes/css/dist/block-library/ 108 KB
15 KB 464ms
462ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Wed, 31 Jan 2024 01:24:50 GMT
server: cloudflare
etag: W/"1ae43-65b9a162-333dca;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxFRz5Vleb7aEtSuFO7kGrmH8DogbxfoAb3hy5wP1U%2BTkEt%2Bx8eT6IBi7odLq8b5eg5HtefH1gH0B7bfQfBZ8lPYutFt84E75iFyfcJ%2Fhs0yuDgCCpWOYtaUZXDOldiZ8aVk8%2B8dvNPV4Ezn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853aa9383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 styles.css
ourtesco.info/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 329ms
328ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Thu, 18 Jan 2024 06:08:20 GMT
server: cloudflare
etag: W/"b4e-65a8c054-334a05;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP12cL2hbiSQFiJRLoMxDbBl6T7XmwNM5%2FM21P7eplPWW6WGVrbqN5L2iW7wqACZf4q%2Fwl%2BORnzpCZyXjJR4M1Rm3ip90r24lswxHs%2F5BJC77IEsxoI8fmTnwXf0JLcYWtFGSN%2FqqQszvNEd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853aaa383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 widget-areas.min.css
ourtesco.info/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 330ms
329ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 15:19:27 GMT
server: cloudflare
etag: W/"d1e-6522c87f-33320c;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6MmPPYtYQpuBWNRO4p4FjDV%2BCC3oHZb8YNBMWo90g09L14r4G0qG8vi8Er1l0YtoghIRgUfpAdIz0gvRD8n5aQxsXWHrZYPgMUvpUSangLA7y%2BQ3nnsxTmEs7A3MoCGEt4U0w%2BG32IiqSFE"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853aac383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 main.min.css
ourtesco.info/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 339ms
338ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 15:19:27 GMT
server: cloudflare
etag: W/"4c6e-6522c87f-333210;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58Wa1JIvcUn1VC4He8%2BgHWAH3CJCe3QtGquX5UaV07dMtAbjBwhcw1AusHbcKaxdr0OHQ1vgqEt0HdrYyhSKwzcHdaH10HjNcKw7rRaxeNhQSFI3vKx3J4zTLsdd0TQZy5QgFdRO81TTY%2FKU"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853aad383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 74ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&display=auto&ver=3.3.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8beeef1cfa7b41c59dd29fd98f684cf1b7d24676fe9d7f7b632ce21e2dc4241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 03:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 03:15:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 03:34:06 GMT

GET
H2 200 jquery.min.js Show response
ourtesco.info/wp-includes/js/jquery/ 86 KB
31 KB 530ms
529ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Wed, 08 Nov 2023 01:16:11 GMT
server: cloudflare
etag: W/"15601-654ae15b-3337af;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNljpxC7hCleFgH9zASim2c5S2NaBvIaKGri4CG%2FaEU0BtsGuIdygmYXO2RyMeAFitAGbbGkpBRQwxiKVMmadSoXD26MGwQFguvpmTVSgo9a6V%2B5xMO9RgSazCNAzr835RNaJLTqwKNRa0w1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853aae383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
ourtesco.info/wp-includes/js/jquery/ 13 KB
5 KB 321ms
320ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 13:15:43 GMT
server: cloudflare
etag: W/"3509-6522ab7f-3337a8;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1%2BdN58yroZQo8%2FVYFsMUMdB%2FpJng1UusUo1QKfqA6DAz9lHSjAh6NNeO3I4nwwfsnB8%2Bzfrj5Zf221cQAVzQfwaWG8bzGg3GUdn7pDF0AR%2FCEca2jPLNRcbS%2F1JcjLcP%2BTAv4twOhAm1zRB"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 850818853ab0383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 tesco.com-logo-1.png
ourtesco.info/wp-content/uploads/2023/10/ 22 KB
23 KB 488ms
488ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ourtesco.info/wp-content/uploads/2023/10/tesco.com-logo-1.png

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae2b3edb1fdd7e6ee1348b1c0ea35619fe132260ad31cfbe3fd8db6215113c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 22683
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 15:47:06 GMT
server: cloudflare
etag: "589b-6522cefa-104ddb;;;"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S14v%2BNvs4UhjOc9GTALRbkRnh23V37i3Jzn5vn3oyjIErWdlXFqkuSNWOKDIucgnwj64v%2Bfzlx%2B7StNlc2%2Bou%2FyOyG042DxssLS%2F8Vb2IcY%2FHP8sZU47X9eW95mK2TfTuLKTLssi9PBhtLNA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850818853ab3383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 Our-Tesco.jpg
ourtesco.info/wp-content/uploads/2023/10/ 20 KB
21 KB 516ms
515ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ourtesco.info/wp-content/uploads/2023/10/Our-Tesco.jpg

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fa4a2e8f029af6308667a27defcdc36c42dc7d08045ad0097121867e144607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20898
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Oct 2023 16:06:57 GMT
server: cloudflare
etag: "51a2-65242521-1051a0;;;"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO3UsjW%2FQ6m6PCt6ET8br7hQfORpywEmRJZsOlMNu%2B6UbxnjezFSg0zpFWb2gR7Vebs56yURXEWQhRkF%2FwvUMaU2WoQLZwdubx6mXKY4Hlsj%2BsThhyNx2LcO%2B8LURlQY684F%2FtI5HO5nkHUS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850818853ab2383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H2 200 Our-Tesco-1.jpg
ourtesco.info/wp-content/uploads/2023/10/ 25 KB
25 KB 505ms
505ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ourtesco.info/wp-content/uploads/2023/10/Our-Tesco-1.jpg

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0826631ff8e622d859a07f31f720de75aae09793a4916c8fdbdf55c2889e7af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25329
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Oct 2023 16:08:39 GMT
server: cloudflare
etag: "62f1-65242587-1051a1;;;"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mbSHlUeP07Layr0T9p9%2BOo851YOQGiKwSUHBsQvYIoa2LAYcxwXLoMdbTMnzugo%2F1z8T8T5cckrPnOkypitEWOnKFuHq9dwd3sqfehdkB2eBMgiQx1%2Bx3HEaVH3LdrRcC98rctKKlizyzQF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850818853ab5383e-FRA
expires: Tue, 04 Feb 2025 09:34:07 GMT

GET
H3 200 Our-Tesco-3.jpg
ourtesco.info/wp-content/uploads/2023/10/ 28 KB
28 KB 34ms
34ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ourtesco.info/wp-content/uploads/2023/10/Our-Tesco-3.jpg

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67fc4e9c785ea68fcf05a552b69a03e070c38a844218174d7e16b6b9d092102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5755224
alt-svc: h3=":443"; ma=86400
content-length: 28425
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Oct 2023 16:09:41 GMT
server: cloudflare
etag: "6f09-652425c5-1051ad;;;"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sler1MoSU2Hzh%2Fi1U%2FVGxxoi3B8fPC7ics55mvEmic9W%2FSwTlg8J0cYLba%2FjqQ2HEPTQ%2Bo2fca%2B6YAeTig8N0SHKuB%2B0LsKHzE%2FQfwMfUfS%2B%2FEqNSdnIeZyhhsICS%2BiUGbIJQsmqom9UIH5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850818884fd179c9-LHR
expires: Fri, 29 Nov 2024 18:53:43 GMT

GET
BLOB 200
OK 356abd60-14fe-4975-a3f6-e4956deebf45
https://ourtesco.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ourtesco.info/356abd60-14fe-4975-a3f6-e4956deebf45
Requested by: Host: ourtesco.info
URL: https://ourtesco.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 email-decode.min.js Show response
ourtesco.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 43ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUjKE64pGP5eqgZ%2FfLhBFkv%2BL2Sm%2BwnAB2j1k2eA8bInoMz1kxRTYVQUYSRuxx6m4kexSLCSVq%2BoYOHUhF2i4SA%2Bz4DFHdivNQtyCyWXELF7DX3L4tHP9%2Fuird4f6Sg79NR0HfDPuMwSg3UA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 850818886fdd79c9-LHR
expires: Wed, 07 Feb 2024 03:34:07 GMT

GET
H3 200 index.js Show response
ourtesco.info/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 34ms
33ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146001
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Thu, 18 Jan 2024 06:08:20 GMT
server: cloudflare
etag: W/"2b6d-65a8c054-334a2e;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y%2B4QT%2FOvPxwZ0QKWodfln1Xu2edJjD9UrrCms1ooeZbFb3lczeiZfEzQCkBWdK873zWQrV%2Fr9yG2dsO6UxDIdROWULbkAkJHpD%2FwfjE4dWKuFswf2lpo1Si5o5LQCzNNg56DlrDe60skGiF"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 85081888a80879c9-LHR
expires: Sun, 02 Feb 2025 17:00:46 GMT

GET
H3 200 index.js Show response
ourtesco.info/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 35ms
34ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507601
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Thu, 18 Jan 2024 06:08:20 GMT
server: cloudflare
etag: W/"337e-65a8c054-334a12;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpC9OcY22%2FABmHjlhXpYDYD5kzyEzLxEXGrARLwtLiHCdITFSTXyBSq3SVMCKbHbu5pMjXjzLIH5RH5jX4wa6P9wLnpfWB19i%2BPa9Cqt%2FLyalht3laiM7XTKSUdhvuDKRDaNE9%2B9NDNbfxgU"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 85081888a80979c9-LHR
expires: Fri, 17 Jan 2025 22:47:25 GMT

GET
H3 200 menu.min.js Show response
ourtesco.info/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 36ms
35ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7802729
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 15:19:27 GMT
server: cloudflare
etag: W/"1b3f-6522c87f-333235;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZnzBP9R3CWpe4a%2F6%2FwrE56WJ81cczLTkUBXaFSLahpjHeXbnayngicErAw1O24Vvp7X6eBCOTnOW99Rh4Ou5fvz4FsMZsaqNL5XF1qW1Guln4N4gaud8v4zIPQ7rSdVyhBNZLJXaRrEc%2BTH"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 85081888a80c79c9-LHR
expires: Wed, 06 Nov 2024 02:08:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 124ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9442000290907361&plah=ourtesco.info&bust=31080817

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9442000290907361

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6bff28c18a405ca79c08a71d6a1163ce8141c38645002b1a65169b9083fb96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140913
x-xss-protection: 0
server: cafe
etag: 7770147098445615931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:07 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame 31F1 9 KB
5 KB 65ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9442000290907361

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

age: 41365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 16:04:42 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 16:04:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic&display=auto&ver=3.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Wed, 31 Jan 2024 23:19:26 GMT
x-content-type-options: nosniff
age: 360881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 23:19:26 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 73ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 07:15:17 GMT
x-content-type-options: nosniff
age: 505130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 07:15:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9442000290907361

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a78e90908481ef481b73760949a9bcdfdc2b52868886e4364387187a95efc591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Origin: https://ourtesco.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51522
x-xss-protection: 0
server: cafe
etag: 14387102438472132237
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 05 Feb 2024 03:34:07 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ourtesco.info/wp-includes/js/ 18 KB
5 KB 37ms
36ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourtesco.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64797
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
last-modified: Sun, 08 Oct 2023 13:15:43 GMT
server: cloudflare
etag: W/"4904-6522ab7f-3338d8;gz"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxmYktDo0vtSZYqd0IykY35LP4rrk1FDazgOIPgJUP2jXQs4C%2FIyeFRI%2B0TzQ6RuNQhgTyP%2BaBIOUtm9CgWoiLdUucODgjSmm80x1GmAeVSDw480Q8BTJu6BfUD6VyPNFM7F8TgXEw2eAzoo"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31557600
cf-ray: 85081888e82f79c9-LHR
expires: Mon, 03 Feb 2025 15:34:10 GMT

GET
H2 200 1f60a.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
874 B 48ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f60a.svg

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-nc: HIT ams 1
date: Mon, 05 Feb 2024 03:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 693D 177 KB
42 KB 436ms
435ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&adk=1812271804&adf=3025194257&lmt=1707104047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fourtesco.info%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047064&bpp=388&bdt=164&idt=597&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2152444077790&frm=20&pv=2&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=606

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9442000290907361&plah=ourtesco.info&bust=31080817

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc330a2135977e928ab1fbb77105c3ca86110eec9dd36be75653dfbfc1bd61fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43198
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
expires: Mon, 05 Feb 2024 03:34:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EEFA 108 KB
45 KB 293ms
293ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=2653016058&adf=2653041513&pi=t.ma~as.7608169653&w=1200&fwrn=4&lmt=1707104047&rafmt=11&format=1200x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047452&bpp=4&bdt=551&idt=223&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa30ba732474b1cd5bee97ab665efcdd20d10364f17890831eee3bd0634ab07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:07 GMT
expires: Mon, 05 Feb 2024 03:34:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A49 108 KB
45 KB 373ms
373ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87730619237d40c2957b1c0ec2db39cd05bff37ec36dcfd9064c5cd1ba54de1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45769
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
expires: Mon, 05 Feb 2024 03:34:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EEFA 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2oR_ryxkrb34qIFgAetr1Pbd-rdf3Kv5r8YlOGd4w5MNV0rsrEwB-XlTx6QtZImyOo1BXKiY9U-oEqFaOHYeXpP8SJEYitPqsWcbmU4QI6lHapGQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=2653016058&adf=2653041513&pi=t.ma~as.7608169653&w=1200&fwrn=4&lmt=1707104047&rafmt=11&format=1200x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047452&bpp=4&bdt=551&idt=223&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0FAB 624 B
246 B 57ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNXn22jIQ4crqb2OMOvMDDXAovT_eSJ1Uv-t2Wx0GmaLXmzj--O5mNt2nCgdkmnjq8iIbeYzIitkyB1rtBJEaEG0q2ThZ2_dKNa1-5ABIARSgxT00RWPqqb9bdvMeCrIlDRvNEv_ED9uXeWsZUStFgCjsIZNtPgvZfM2aCcIkLkqvL0tKek

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=2653016058&adf=2653041513&pi=t.ma~as.7608169653&w=1200&fwrn=4&lmt=1707104047&rafmt=11&format=1200x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047452&bpp=4&bdt=551&idt=223&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
expires: Mon, 05 Feb 2024 03:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EEFA 111 KB
39 KB 128ms
31ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 14:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 14:12:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame EEFA 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 20:23:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:23:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame EEFA 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 20:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:11:31 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EEFA 41 KB
14 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame EEFA 3 KB
1 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:40:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame EEFA 20 KB
9 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEFA 205 KB
65 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0FAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1

43 B
344 B

41ms
41ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNXn22jIQ4crqb2OMOvMDDXAovT_eSJ1Uv-t2Wx0GmaLXmzj--O5mNt2nCgdkmnjq8iIbeYzIitkyB1rtBJEaEG0q2ThZ2_dKNa1-5ABIARSgxT00RWPqqb9bdvMeCrIlDRvNEv_ED9uXeWsZUStFgCjsIZNtPgvZfM2aCcIkLkqvL0tKek
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pWmkmz%2Bak%2FXv%2FrjfOojzfAhyK4rV67eXv0VwEJLtz%2FU3LPdQhrLfYRsfLb2jnQt0PHb9r7ah7vSiaGJ3otuUs9q%2Fjf0MZdNnOndxWAJGW%2B7mKYaLeo4nAE5zMDU797b6%2Fh2O%2FLlX%2B4boA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8508188d0ff24d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0FAB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcBXMK2PogFL5..n1fSDKwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2

43 B
733 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNXn22jIQ4crqb2OMOvMDDXAovT_eSJ1Uv-t2Wx0GmaLXmzj--O5mNt2nCgdkmnjq8iIbeYzIitkyB1rtBJEaEG0q2ThZ2_dKNa1-5ABIARSgxT00RWPqqb9bdvMeCrIlDRvNEv_ED9uXeWsZUStFgCjsIZNtPgvZfM2aCcIkLkqvL0tKek
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1vjl8hvVejnoV%2FzZWLhNN41BlXTWLPnfzPUvpB2FtEKTUwnCSjLOtKYd%2BORUJjPDY7b2WDqWthdCE347b69mEPPa1nuhrGnO6exNsjfZNU9Ui%2BVlvWPykEoIxWbtsnPfoegibA2duvnfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8508188d89d82bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0FAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

43 B
1 KB

20ms
19ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGIbHm_EBMAE&v=APEucNXn22jIQ4crqb2OMOvMDDXAovT_eSJ1Uv-t2Wx0GmaLXmzj--O5mNt2nCgdkmnjq8iIbeYzIitkyB1rtBJEaEG0q2ThZ2_dKNa1-5ABIARSgxT00RWPqqb9bdvMeCrIlDRvNEv_ED9uXeWsZUStFgCjsIZNtPgvZfM2aCcIkLkqvL0tKek

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
an-x-request-uuid: a178d8aa-b384-48c2-8030-1bf38bdd4ff2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.36; 5.79.98.36; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0FAB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

170 B
243 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
an-x-request-uuid: f51af948-328b-4179-a62d-7ca2a70c2d87
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4
x-proxy-origin: 5.79.98.36; 5.79.98.36; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EEFA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a67bd5875de4e7f674475929004457feb4c0fa28a0096a0bef690cbc9836b726

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A49 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWlw8mafHri_ohIbekHFPYWkWPSMnWAKWI7wX23Ob0Zkv6qFjZ3rzsnZWeP_81ZAF04x1UqZaG0zyHpICUQIXD-sYlAj7QqYlTbHHamW73mx2Wng4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1595 624 B
245 B 57ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGMvFm_EBMAE&v=APEucNXyuBsZO3HjHHe1L5XJSReiW5N564vixsmPnrg-S3_P-W9xyQyjAFyJAZmIgW99yIXoC8YwZgFa5lzJ01PPsBLl7Hzf7YQ_sN3JW9VdyQo8QlSEfufYebJubCA5a5kS8gqOGnR5MejQ0i2iXdg1bwyI_njCPheWYaTc52NbeWsz_Ul3-hE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
expires: Mon, 05 Feb 2024 03:34:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2A49 111 KB
39 KB 73ms
67ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 14:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 14:12:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 2A49 8 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 20:23:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:23:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 2A49 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 20:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:11:31 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A49 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 2A49 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:40:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 2A49 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A49 205 KB
65 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=200&slotname=7608169653&adk=4161265742&adf=3799864534&pi=t.ma~as.7608169653&w=1148&fwrn=4&lmt=1707104047&rafmt=11&format=1148x200&url=https%3A%2F%2Fourtesco.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104047456&bpp=1&bdt=556&idt=228&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F51 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 462350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A49 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 053cdbdaaed80c551904596c06c0e1f011903b90acda2bb64899c12301e83c62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1595
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1

43 B
774 B

37ms
37ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGMvFm_EBMAE&v=APEucNXyuBsZO3HjHHe1L5XJSReiW5N564vixsmPnrg-S3_P-W9xyQyjAFyJAZmIgW99yIXoC8YwZgFa5lzJ01PPsBLl7Hzf7YQ_sN3JW9VdyQo8QlSEfufYebJubCA5a5kS8gqOGnR5MejQ0i2iXdg1bwyI_njCPheWYaTc52NbeWsz_Ul3-hE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvNWUW1iwiACzcJrufg96u5h9We4jt2DdAfhcOdAELKi3iN2kJ4IKfzZJpA%2FP5HzHuyE%2Bx%2BE5A4TYeVZw2YG2w%2BsM6O%2B1FWGWr3hDVFnRaA%2Bs5P%2FPwrnySbcIuEWjuT1BgKxMPW7he1aOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8508188d49c22bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1595
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcBXMK2PogFL5..n1fSDKwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2

43 B
732 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGMvFm_EBMAE&v=APEucNXyuBsZO3HjHHe1L5XJSReiW5N564vixsmPnrg-S3_P-W9xyQyjAFyJAZmIgW99yIXoC8YwZgFa5lzJ01PPsBLl7Hzf7YQ_sN3JW9VdyQo8QlSEfufYebJubCA5a5kS8gqOGnR5MejQ0i2iXdg1bwyI_njCPheWYaTc52NbeWsz_Ul3-hE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zBJSoN%2BcfTK8Kwn1GxDnrqLoOrTkPlPWsuVqZ7ocn2g2OkIHSdgpj8WG0eKx%2BMPXeDZm6lQN425QqfMnYoaV59vLuyUARAieWxh0QP2Jf%2FAPzfQgpx9mF2ehn7EQHapNYEaHQ8Y4P7CKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8508188d89d92bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNEC8qNbZJdmRgYxvciRAI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1595
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

43 B
1 KB

19ms
19ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEOOFn8MEGMvFm_EBMAE&v=APEucNXyuBsZO3HjHHe1L5XJSReiW5N564vixsmPnrg-S3_P-W9xyQyjAFyJAZmIgW99yIXoC8YwZgFa5lzJ01PPsBLl7Hzf7YQ_sN3JW9VdyQo8QlSEfufYebJubCA5a5kS8gqOGnR5MejQ0i2iXdg1bwyI_njCPheWYaTc52NbeWsz_Ul3-hE

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
an-x-request-uuid: 53b9206d-f55a-4367-a125-7b79b502546e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.79.98.36; 5.79.98.36; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECP-6NhRL-iu6YMgORIcYdY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1595
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

170 B
232 B

32ms
29ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
an-x-request-uuid: a526df29-ddd2-4499-b462-f7d8d822ee7f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0NTIwNDg5ODgyMTE2Njk4
x-proxy-origin: 5.79.98.36; 5.79.98.36; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5215 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 462350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 165 KB
56 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/reactive_library_fy2021.js?bust=31080817

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14a9a34ca6741b4720bf2860f507dfb7a8188a1f54f645a3676d63c188b83fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57053
x-xss-protection: 0
server: cafe
etag: 3148899331762373997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F51 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 17:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 17:00:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2489025940379087204/ Frame B689 15 KB
4 KB 94ms
31ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb7449fb43df3cbbffb84cff32c131114a1d0a87f8c485121f43a58c3476e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 461063
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3569
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:29:45 GMT
expires: Wed, 29 Jan 2025 19:29:45 GMT
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EEFA 0
0 102ms
61ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstITwY5aI1DnQg95Ao2ftrGpjrbfoqmIwJ-OTnEgc4pHsbM2KbIAi573_A9fPbwECJmH2saNOvVrFsmRbJK7vWAUfq5CmoP9a-JFgeDPGm20vibRQzqJN6DYYOwc6pNnvuEZAiQWnLPmIuSgQvUHC8NEV9VMmeLhMvmhS9jwTxzQsAmFm-VE_TcHcTOSle7mpYts2mIShBzlbhI8Pgw3QJDFxlcSqJAvLmv4IxpmRFmgnyahDh0LKUhbkOo-yLVJJXY3FbvQ3Gtj3TFBnzplfFJqINYSEIxmII_d8eqJB7hs4LNW-9j7xYrSE96uXeMwhUcSSvhwbVcqxqGDEqObUx8MkVElshsFeUfmK8l9y1sjbzgMGyXR0-DWkxDpEYcTDYNeGyE21wNy3lvGIQ8-FmLyr6-aQNpDIdMh7zOST0R2idmZhC_8CHbuo1SviAwSV5__BK9KbPlJZlw2gELg6MZIW0DbicNW4YYMkYlsT_UKXkkvsBvzdh1Y2J76VtNuZjrqoQuzkf5yEJRKv1x-uE40egZ4rQpvXEZQhykGzJm2jj3gPG5C6votQVNZ4Es0svw1VVSXy-WEegDOUZBBziTF2j2caBXCP7Y1ufT8mLgOcUJvczyZ-PsS5CEBmO1LhY7OX8fRZdKxrn0QpiGLUi5o8DJrLg2p2JgbJI1E6vj639c0h9r9_N2LcsNP0HSeBKK7JL36GXPj0HkXAu2N2zzImSAFvmxKAXk9fmpqY3gGRGhX4kkAu6POKtVNZApT0NWc9D04zNRnnTqwidA3dvFxVEwwVw6p1VUewN6d1htFSfVcQ4vFMJ-Lh0952qqmkqy-Fb7WkWuWf8jzJ-QHhCgV47bccN4Msi6y3MOwM2_3qodf6xyLdu7_WsInSdADVjzr8N0yIv1xQGlG-h_q1zmgwYSUzWfCQsdcvt4fuy9Hn0tx9GNWE9qgDqFTo7t7jj4BIqvAhmoZZ9DlpTu0B1sNFiTIhB4UXEPWMce2hbLTRikbllYv2vPrCU8xVFrYcJcaBYD-2CLKg2RFA30xVwWpnIzVghywyLvZ-LsgF6oys8ZWP3Vsq6LjPo96ByWIgBdAsf-ogulqFeMAUlWN29BmGomqWL47utiQk0VDqrwXT_wX3ajqCj6uQEcmnl0ggzt8zjg8KHsIqb_ePMB1hvCekSQTb1Oajy83LrvwIT-H6bh5_5J31Un-LdtlYE8FdLS2xwYnaaoTuSwuvCAFO0wUs63x2l8iijDfIDTymjmmbsRPojFG3eWXW_u--hoc1BGIwllgIEtJfpt11Qjq2jN5Y5tBg5nWnBhgWS5jwGR0cPSMR_jRSXk&sai=AMfl-YSO9og_6gB99biXxTN_zbG4Gk1SGyOhPxDylepd8YXY1s32vE4vvumNHOeMkpLUXE0gsgKRDFB8Nnfpv_6HiLfuGMgznK0fsRdRRIi3OzaepYld6i-VuZDvKan4-OtDCafUv63mNALurSQhIIs0T47p-ESzcimD3iyUmL_zkhtomgqqt-t_33xuUfvF4CBtpkG4eI0iYA56Zd4fCzQOTL_z6LvTThBZ-oN0e9g3sUjmqHwiD6MRTiM562qjKzPDOTzb6XMBmV5sN3gr8q9Z6-pevZOmyCU-H558HcofWZTaG7L8Id8HOL-AnGqrkJR0-sIZzcF5xf0-t7ZngzbKWMimXFxFreKu0L5rIopaORoGHOHk29BCsuDc2ew6DAQmmuGIS8FdNVUgLnhGUQJrlJZC70a2hjOnmQLHslanX0N1G4I4_0ONBwsl3qpGvQMqzkCVfft397xpng8jPQESdTkqJzrhygvH1RsKL4vPnOWRxbakt-2hbPo&sig=Cg0ArKJSzFesAhKLZJzdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=244&cbvp=1&cstd=242&cisv=r20240131.26933&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2978 131 KB
44 KB 290ms
290ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54da2951610583c64903ed2f1d883dd98a8ef2b50228f64128fce1ef053b62fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44655
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 137 KB
51 KB 76ms
29ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9248d32a1863a0736e5bcfe7e2a09f8138eb702c3f3605b069dc196bb1b06ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "8047657871282554403"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44808454&hl=en&pvc=1699387297533897

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7042151913438007344/ Frame B3B3 15 KB
4 KB 50ms
33ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1cb75a4fb116b0f5cef1b90ac0c0c4121c7682a1c756ca9ac5320b6c73f24d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 406412
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3576
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 10:40:36 GMT
expires: Thu, 30 Jan 2025 10:40:36 GMT
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A49 0
0 62ms
62ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAPhc9KeKBmzg21SPIjhJAQUN3BnwGy03NkpbjnTx9IiH9VMkZ0KT8AsfRGoq0BxWqTCQtT5tOXbKfdm8BFhXpr17HI3DiRYFwpecc32JaIz_3NXJwk4O_KODKame6vbbTKF2oK7GWSVV32cK3bpef6pHf3Dk2EwHJDF4ApUESJc2-0LLkzE3eQ8oY6Mrz142HYvmKb5eCNjU6roxTb7uJ4uv1lXbDC3E7UtQ_baFyXbbflfVkrJpuWUZsPnt5V8QPLh8l-KlSBOC_ANX2dhFWMdn8RsPgTTiZrI6QoW0ieJDKi36mRePRm09hsjMmNdzdM_OmqPZrDYMuyHvu3a_1EOWqIqmCP825K_hrf4ECF19sYUyyS52aPk1xDiT-q_jTe9aegI5HOszc06SHLodVj--Tqmm_DafMCi39Rnml-rRtmWsSXef_K2W-XIBusksv7y1QNSoqs4Jh3VCXG9YV9a76we4Jgg8D_kvXOMd2XTihJ5_Y6d1JB2kxmpSGe1QXeRmKdzdc3DautZw5wJnPjFDtc8Ax6SAkplBLMr5-k-TppNgSXcVimBNQWgbDp3p26PKWCGUGXtM35PKOBaFSu4z5Ti2UJ-Sry2Twq9TD57uvw_QRz_HspMjk_fNTIM2V0x1I5s2pW3oAE0M89VHkDasm8dlGfD0gcIf-2JXoT5S8b9eQ8Y2a7ESFVdqkmS1-9VVvZ-DewkiNoBXHwD6aulTp27C38RyPjnoEjGP2YVvPFwC7mCq9rSOiuAaH4JOaeGVrvgBt3zlsM6WFxLOcuSPV8irLV4EnNj8XAj5_GqoVqDH2Unr_GGgxGtJiJfmh_3WK-WJN3xfYVxo6MwarqspjTLMrHNQvEm341M4gpiQSXiSiy36XTxPcZqnrd3zCTyMRYONb15TvY3Wz2deAPZjN3p7Dwj5VMd6XRtsWypRgdP67Vjvh3h0Rn-X9UuKAnLytqPUHbueczvUmBdk7zPenJEH6h3zGkKmuJtLkl_AIrG_jcDBdXhVrCWgzVv7mkY_mk7pv9sYZ4_TbdljTaLIHCgLs0lKIg_-S_VnB_fMOz_Rf0AtlxnDr-CFvZRVcThB3b1Rc5YMGxVDsocKvHb8-U6wsYigIqJNXLkwTZryW1K7JM4DDPGnepJ22hYD8wwMrzvCuV7CkZwDwoaiF8TahVlTZ-G3StytsveEX0RcVFAtpSfdQqeZiigh2LzC25kJM4WPx8uqMpLFjJR18Fzen4af36dXQDpGDvPPxKJP67eGiIT1oWYhomI3xtelQ5JejFubjH9FpIVvp44qynRMBU4uxa-FPEezjoICbpkDGTdWj-lUxxzKD&sai=AMfl-YSNl7U0yG_wp8FvwGaqDqn7CNN2MsFfKQmPnnDTNaY8lK1qdha2ZJAIx4QDlTeBGIVBSVLBhnvzkiQ9ijbYsFdHewwXoMfpJQOk8XlRD118e_25KEdXafwnXwMwoyFaDA6PerFvJHo0Jx1fibwv1AeOY6PzL_c7H2k7DgDKUbXKk_BHAyaWAOkiKvr4AejgHPtU3L9IEpxGaQiLlsBYe0VGAO6WDnYzmL1eCxV5Aj5bMhp92LUZ8TAAR2Ve5143lOPNFaX5lfFUg-ROyN8VK5HH7U10DsF4zkubSNDGzit_LkIQ5kBpVaZNPAFSHRZ5wT2oW2ZLaW1s7sQ5wkib7AGYdJgNUf69d5MdweK1NErTNvODvQdo6RfCY1uhZzAuqwgAYKM2_-DUCvUbvwRDz22RPYN85VX2U78biPUXyuaB1gLBoZbUgqXf-yW3Uu-QFnQf-4h3omb0gAn05i6Ggv5ragaBND2JoNzLziTcVDig_p1fQqxXg44&sig=Cg0ArKJSzN0ZElgDJij1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=199&cisv=r20240131.12684&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5215 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 17:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 17:00:06 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame D075 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

age: 33011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 18:23:57 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 18:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 7950 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

age: 33011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 18:23:57 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 18:23:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f1392a14826ddef15256a34960910a04.png
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 18 KB
18 KB 33ms
32ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/f1392a14826ddef15256a34960910a04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323d244837d21d4cb380957be065e5bf6c462999f5c57e819d930eb72852cde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Sat, 01 Feb 2025 10:57:46 GMT
date: Fri, 02 Feb 2024 10:57:46 GMT
x-content-type-options: nosniff
age: 232582
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18109
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 38e2cd035594a7193224ccbf4fad213b.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 3 KB
1 KB 64ms
64ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/38e2cd035594a7193224ccbf4fad213b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3816defd14e327f4ec663434fb2d95f86a599d0060b111b0465f032a3db90da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 19:29:45 GMT
date: Tue, 30 Jan 2024 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1052
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4a4a89a511e3c557e9470dc86cd630dc.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 3 KB
1 KB 58ms
57ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/4a4a89a511e3c557e9470dc86cd630dc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11ca81090a5bce6acb554a079840e80405ee855da33aed367d2e9ebb3209dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:00:32 GMT
date: Mon, 05 Feb 2024 00:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a9e71ecec4a763ada736427c13f025e5.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 170 B
190 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/a9e71ecec4a763ada736427c13f025e5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e047f5f59595215030c40abe18de908fc34088e477a3844491b4e17a70de74c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 13:13:51 GMT
date: Tue, 30 Jan 2024 13:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8189e80d56cc588c9c71dd4964c73ee4.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 29 KB
7 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/8189e80d56cc588c9c71dd4964c73ee4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fde8181f0fd193c53c534eb5fed1ed29fe7a496930834c9a8119ea74cb945c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 19:29:45 GMT
date: Tue, 30 Jan 2024 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7591
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f68e5e7bca87e291529fb26f4062e323.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 3 KB
1 KB 57ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/f68e5e7bca87e291529fb26f4062e323.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f62de547c38a73faa9cf610e7ec4a8c8a95fcff5b0fb1b97904d5d95be20fe8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 19:29:45 GMT
date: Tue, 30 Jan 2024 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1188
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 51527a0bda754d19b1de6fc8c291c2b6.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 4 KB
2 KB 55ms
55ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/51527a0bda754d19b1de6fc8c291c2b6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b2b54734106066914320438fe9105730c413a2876426ddf04e3c259d404b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 19:29:45 GMT
date: Tue, 30 Jan 2024 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1598
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 425b8ba6236740b0cb60926aef48113a.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 3 KB
1 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/425b8ba6236740b0cb60926aef48113a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f004482e17cd781019152317a1e9d5a7d8ea0733b25ad2af8ad16429fbac03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:00:32 GMT
date: Mon, 05 Feb 2024 00:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cfb7527e83685fd84ba2c757ae95728e.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 144 B
170 B 44ms
43ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/cfb7527e83685fd84ba2c757ae95728e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0841b43610f53c5ab7259c11e0a8935c2c4e749fd0af052bfdd01fdb7f259897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 19:29:45 GMT
date: Tue, 30 Jan 2024 19:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 be53ac0723efad8ca72eaae4df58884a.svg
s0.2mdn.net/sadbundle/2489025940379087204/images/ Frame B689 274 B
228 B 45ms
44ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2489025940379087204/images/be53ac0723efad8ca72eaae4df58884a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d124b41dad66f4b40e5aaecbc7fbb952b4b7cd38555ffa0cdafa0271d5acf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2489025940379087204/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:00:32 GMT
date: Mon, 05 Feb 2024 00:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:44:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f81cf76d2e8b8cf6d9d4abe4be51714f.png
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 16 KB
16 KB 42ms
41ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/f81cf76d2e8b8cf6d9d4abe4be51714f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3191444c8597e509c0ca9844048702d321a529286512a12d5ccbf45c68089f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Thu, 30 Jan 2025 10:40:36 GMT
date: Wed, 31 Jan 2024 10:40:36 GMT
x-content-type-options: nosniff
age: 406412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16321
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4eee7c2e03c70ce4a341a285cbe3a792.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 3 KB
1 KB 65ms
64ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/4eee7c2e03c70ce4a341a285cbe3a792.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c786a2a7a073fbef868449cdae1a0cfaed09461573ea0800646e60276033b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:50:28 GMT
date: Mon, 05 Feb 2024 00:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1044
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 32eef64424fce9ca8084cce11d8b3b4a.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 3 KB
1 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/32eef64424fce9ca8084cce11d8b3b4a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a3e46e1ff87b9f01838d375e53a39e1c6383104290ff3e68e289a8e5045219c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Thu, 30 Jan 2025 10:40:36 GMT
date: Wed, 31 Jan 2024 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1208
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f941dcfdfdeb9e9068d6b590a6cc9273.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 170 B
191 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/f941dcfdfdeb9e9068d6b590a6cc9273.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc36bd9cdbd1692cd345114deb91252274098250c23d83d2c2532180da3d964b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:50:28 GMT
date: Mon, 05 Feb 2024 00:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6edcfb1545af6ef8f9ef0401ec9a4fc2.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 29 KB
7 KB 43ms
42ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/6edcfb1545af6ef8f9ef0401ec9a4fc2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806da15529fd66fda2e849471c9e4ab2f05bcea16a62dc218e60a5b1935e49c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Mon, 03 Feb 2025 16:01:38 GMT
date: Sun, 04 Feb 2024 16:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7591
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d4722d8d6e9ff5fc45f612129f569df2.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 4 KB
2 KB 59ms
59ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/d4722d8d6e9ff5fc45f612129f569df2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5747b39683fc71c59e373bba83b1425f3c62472398da141228614a14ff2a5703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Thu, 30 Jan 2025 10:40:36 GMT
date: Wed, 31 Jan 2024 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1553
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d52d08749abc945ab0c475e8b2b7f9a3.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 3 KB
1 KB 58ms
57ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/d52d08749abc945ab0c475e8b2b7f9a3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e37f53485e559c076077dd5292c9c81e073f6f266668a97c3e2bb1ead24bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 04 Feb 2025 00:50:29 GMT
date: Mon, 05 Feb 2024 00:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d1359b8177a1159609148e87c267089.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 2 KB
1017 B 56ms
56ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/6d1359b8177a1159609148e87c267089.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

404efa75d314e3ee70ef743929d5ee6a69ded116a67e5caf59eff29394f9a418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 28 Jan 2025 12:22:56 GMT
date: Mon, 29 Jan 2024 12:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 987
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cfb7527e83685fd84ba2c757ae95728e.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 144 B
170 B 48ms
48ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/cfb7527e83685fd84ba2c757ae95728e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0841b43610f53c5ab7259c11e0a8935c2c4e749fd0af052bfdd01fdb7f259897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Thu, 30 Jan 2025 10:40:36 GMT
date: Wed, 31 Jan 2024 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 b800c2182f4a7d136b019f600563295b.svg
s0.2mdn.net/sadbundle/7042151913438007344/images/ Frame B3B3 274 B
228 B 47ms
46ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7042151913438007344/images/b800c2182f4a7d136b019f600563295b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4a4c2641a9214d4f262d9d53bce3f56e43c41a8b70cc152a206b422c6169737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7042151913438007344/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Tue, 28 Jan 2025 12:22:56 GMT
date: Mon, 29 Jan 2024 12:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 573072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 12:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 rtb Show response
rtb.ads.travelaudience.com/ Frame 2584 7 KB
4 KB 121ms
29ms Document
text/html 35.187.184.108
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6437e7f6ed7c19fc133d88b715f1a6ab3818062e0fa249142db621b5b95da593

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 03:34:08 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-engine-version: 0.0.0
x-host: deliveryengine-rtb-production-7df55568f9-hkg5c

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame C6C5 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:40:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame C6C5 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6C5 205 KB
65 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 7950 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7950 10 KB
934 B 29ms
27ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d1dfe664e40212b463e2754344e0ec023d19985855c9828f6110546cb9f8129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 01:50:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7950 15 KB
3 KB 109ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:54 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7950 378 KB
132 KB 110ms
20ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 18:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 7950 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 380 B
591 B 119ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ourtesco.info&client=partner-pub-9442000290907361&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da799b6883b20161c00c08ee9208a312b5cb73a250a6e30138e0f6d0c4ea202a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EEFA 0
0 55ms
55ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstITwY5aI1DnQg95Ao2ftrGpjrbfoqmIwJ-OTnEgc4pHsbM2KbIAi573_A9fPbwECJmH2saNOvVrFsmRbJK7vWAUfq5CmoP9a-JFgeDPGm20vibRQzqJN6DYYOwc6pNnvuEZAiQWnLPmIuSgQvUHC8NEV9VMmeLhMvmhS9jwTxzQsAmFm-VE_TcHcTOSle7mpYts2mIShBzlbhI8Pgw3QJDFxlcSqJAvLmv4IxpmRFmgnyahDh0LKUhbkOo-yLVJJXY3FbvQ3Gtj3TFBnzplfFJqINYSEIxmII_d8eqJB7hs4LNW-9j7xYrSE96uXeMwhUcSSvhwbVcqxqGDEqObUx8MkVElshsFeUfmK8l9y1sjbzgMGyXR0-DWkxDpEYcTDYNeGyE21wNy3lvGIQ8-FmLyr6-aQNpDIdMh7zOST0R2idmZhC_8CHbuo1SviAwSV5__BK9KbPlJZlw2gELg6MZIW0DbicNW4YYMkYlsT_UKXkkvsBvzdh1Y2J76VtNuZjrqoQuzkf5yEJRKv1x-uE40egZ4rQpvXEZQhykGzJm2jj3gPG5C6votQVNZ4Es0svw1VVSXy-WEegDOUZBBziTF2j2caBXCP7Y1ufT8mLgOcUJvczyZ-PsS5CEBmO1LhY7OX8fRZdKxrn0QpiGLUi5o8DJrLg2p2JgbJI1E6vj639c0h9r9_N2LcsNP0HSeBKK7JL36GXPj0HkXAu2N2zzImSAFvmxKAXk9fmpqY3gGRGhX4kkAu6POKtVNZApT0NWc9D04zNRnnTqwidA3dvFxVEwwVw6p1VUewN6d1htFSfVcQ4vFMJ-Lh0952qqmkqy-Fb7WkWuWf8jzJ-QHhCgV47bccN4Msi6y3MOwM2_3qodf6xyLdu7_WsInSdADVjzr8N0yIv1xQGlG-h_q1zmgwYSUzWfCQsdcvt4fuy9Hn0tx9GNWE9qgDqFTo7t7jj4BIqvAhmoZZ9DlpTu0B1sNFiTIhB4UXEPWMce2hbLTRikbllYv2vPrCU8xVFrYcJcaBYD-2CLKg2RFA30xVwWpnIzVghywyLvZ-LsgF6oys8ZWP3Vsq6LjPo96ByWIgBdAsf-ogulqFeMAUlWN29BmGomqWL47utiQk0VDqrwXT_wX3ajqCj6uQEcmnl0ggzt8zjg8KHsIqb_ePMB1hvCekSQTb1Oajy83LrvwIT-H6bh5_5J31Un-LdtlYE8FdLS2xwYnaaoTuSwuvCAFO0wUs63x2l8iijDfIDTymjmmbsRPojFG3eWXW_u--hoc1BGIwllgIEtJfpt11Qjq2jN5Y5tBg5nWnBhgWS5jwGR0cPSMR_jRSXk&sai=AMfl-YSO9og_6gB99biXxTN_zbG4Gk1SGyOhPxDylepd8YXY1s32vE4vvumNHOeMkpLUXE0gsgKRDFB8Nnfpv_6HiLfuGMgznK0fsRdRRIi3OzaepYld6i-VuZDvKan4-OtDCafUv63mNALurSQhIIs0T47p-ESzcimD3iyUmL_zkhtomgqqt-t_33xuUfvF4CBtpkG4eI0iYA56Zd4fCzQOTL_z6LvTThBZ-oN0e9g3sUjmqHwiD6MRTiM562qjKzPDOTzb6XMBmV5sN3gr8q9Z6-pevZOmyCU-H558HcofWZTaG7L8Id8HOL-AnGqrkJR0-sIZzcF5xf0-t7ZngzbKWMimXFxFreKu0L5rIopaORoGHOHk29BCsuDc2ew6DAQmmuGIS8FdNVUgLnhGUQJrlJZC70a2hjOnmQLHslanX0N1G4I4_0ONBwsl3qpGvQMqzkCVfft397xpng8jPQESdTkqJzrhygvH1RsKL4vPnOWRxbakt-2hbPo&sig=Cg0ArKJSzFesAhKLZJzdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=446&vt=11&dtpt=202&dett=3&cstd=242&cisv=r20240131.26933&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A49 0
0 55ms
55ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAPhc9KeKBmzg21SPIjhJAQUN3BnwGy03NkpbjnTx9IiH9VMkZ0KT8AsfRGoq0BxWqTCQtT5tOXbKfdm8BFhXpr17HI3DiRYFwpecc32JaIz_3NXJwk4O_KODKame6vbbTKF2oK7GWSVV32cK3bpef6pHf3Dk2EwHJDF4ApUESJc2-0LLkzE3eQ8oY6Mrz142HYvmKb5eCNjU6roxTb7uJ4uv1lXbDC3E7UtQ_baFyXbbflfVkrJpuWUZsPnt5V8QPLh8l-KlSBOC_ANX2dhFWMdn8RsPgTTiZrI6QoW0ieJDKi36mRePRm09hsjMmNdzdM_OmqPZrDYMuyHvu3a_1EOWqIqmCP825K_hrf4ECF19sYUyyS52aPk1xDiT-q_jTe9aegI5HOszc06SHLodVj--Tqmm_DafMCi39Rnml-rRtmWsSXef_K2W-XIBusksv7y1QNSoqs4Jh3VCXG9YV9a76we4Jgg8D_kvXOMd2XTihJ5_Y6d1JB2kxmpSGe1QXeRmKdzdc3DautZw5wJnPjFDtc8Ax6SAkplBLMr5-k-TppNgSXcVimBNQWgbDp3p26PKWCGUGXtM35PKOBaFSu4z5Ti2UJ-Sry2Twq9TD57uvw_QRz_HspMjk_fNTIM2V0x1I5s2pW3oAE0M89VHkDasm8dlGfD0gcIf-2JXoT5S8b9eQ8Y2a7ESFVdqkmS1-9VVvZ-DewkiNoBXHwD6aulTp27C38RyPjnoEjGP2YVvPFwC7mCq9rSOiuAaH4JOaeGVrvgBt3zlsM6WFxLOcuSPV8irLV4EnNj8XAj5_GqoVqDH2Unr_GGgxGtJiJfmh_3WK-WJN3xfYVxo6MwarqspjTLMrHNQvEm341M4gpiQSXiSiy36XTxPcZqnrd3zCTyMRYONb15TvY3Wz2deAPZjN3p7Dwj5VMd6XRtsWypRgdP67Vjvh3h0Rn-X9UuKAnLytqPUHbueczvUmBdk7zPenJEH6h3zGkKmuJtLkl_AIrG_jcDBdXhVrCWgzVv7mkY_mk7pv9sYZ4_TbdljTaLIHCgLs0lKIg_-S_VnB_fMOz_Rf0AtlxnDr-CFvZRVcThB3b1Rc5YMGxVDsocKvHb8-U6wsYigIqJNXLkwTZryW1K7JM4DDPGnepJ22hYD8wwMrzvCuV7CkZwDwoaiF8TahVlTZ-G3StytsveEX0RcVFAtpSfdQqeZiigh2LzC25kJM4WPx8uqMpLFjJR18Fzen4af36dXQDpGDvPPxKJP67eGiIT1oWYhomI3xtelQ5JejFubjH9FpIVvp44qynRMBU4uxa-FPEezjoICbpkDGTdWj-lUxxzKD&sai=AMfl-YSNl7U0yG_wp8FvwGaqDqn7CNN2MsFfKQmPnnDTNaY8lK1qdha2ZJAIx4QDlTeBGIVBSVLBhnvzkiQ9ijbYsFdHewwXoMfpJQOk8XlRD118e_25KEdXafwnXwMwoyFaDA6PerFvJHo0Jx1fibwv1AeOY6PzL_c7H2k7DgDKUbXKk_BHAyaWAOkiKvr4AejgHPtU3L9IEpxGaQiLlsBYe0VGAO6WDnYzmL1eCxV5Aj5bMhp92LUZ8TAAR2Ve5143lOPNFaX5lfFUg-ROyN8VK5HH7U10DsF4zkubSNDGzit_LkIQ5kBpVaZNPAFSHRZ5wT2oW2ZLaW1s7sQ5wkib7AGYdJgNUf69d5MdweK1NErTNvODvQdo6RfCY1uhZzAuqwgAYKM2_-DUCvUbvwRDz22RPYN85VX2U78biPUXyuaB1gLBoZbUgqXf-yW3Uu-QFnQf-4h3omb0gAn05i6Ggv5ragaBND2JoNzLziTcVDig_p1fQqxXg44&sig=Cg0ArKJSzN0ZElgDJij1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=358&vt=11&dtpt=159&dett=3&cstd=199&cisv=r20240131.12684&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F51 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvcDsL1fAZeCfK4KqnsEP38-SmA0AAAAAOAHgBAI&bg=!1dal1pnNAAa8BdJLnAU7ADQBe5WfODePDWyZxgSX98GkjSCHOkDsl7XmmQP5sF9yWSGz5rKvSr1TDk9qQAttIyGGYmf_AgAAAGNSAAAAAWgBBwoAWSTZh831gIqpiWvCYJiYoxFzGBWi3t3K1GfnorJPFWQDpHyjEU_qKkQ1v_H-GilDBe7EErcSpJt5cJ03IccvVuPKVSsVqVfrgI9MnabqFk4J1R4LxEJaZXO1mQL6oamkI0uydyHtBTGsrViUt0x34lNXkRLGtkHJiqODSGDWHlkK0lH3Kvwpzsz6SXczS2dXNUjyf_vrSP0UwQGZs0fLlL65iMPX9UcmTRS7Q0JygNGUVYYWrpyRlWOp0-ch2Ryvu1aBEzbhbgsMEJAOzfCEXZd3mjkN7VEhjuQN6iuJ7EU0s7I17mmKzZg9xr9wSM36l14g0KGNA--X6AhRUCxkLON8H7TLHShhtOjOcWEd2hFOW6UuOvnSvq-vGL2ikTmVwCH1MZYaSl4K9ckdJlduaBm2Yc3Gct5Pwo8oxiimO2Kinurc9w5Z5XrwnwbDDUrc0HeLEOUguzY755cJzRpQzRFEbk-_9ArIw1_n9HSipGtsOak8YwyU_V4FrY7JjwdXXYx96cfX1CY5EDxQCi50jFFOeshCqnKt3xoKHmOSuNiaC9M1UHkg6rCy3BvebFquVxBQiFUz7G6FrD4GavTgTg6juoes9iKhLw3bwijBPuLtUoqJGWcJXWodM5rjG2-3axlKPYTcoiodN28WXZQlfzFnAnLVWWmu4Mxj0zyNi3SeZNFCgIT4wxgPIcozD3gDxSXuyZ4kqNMIJqMoDbjr7I_Ncd6bcLz6fl6k_M3kDqNe35356DDcKVCr5wkC5btOPvjRhIXsThM5dMlE_8njnlaB6pHcnKqkZaM_zqGS8Dorpoi46Q9QqfKbL9EzQ22LW0jItHmKH8LDaqtqfjaIaVk9AjpYFvCo33VpmGANBDLN-iE9XiBdxng_0jZv1gDxYDKtsUdTOIcDoDfxBcJVNOHnNq-A4KSyDFrpeY5GrWwCVNZlN7XcPeq4Ew2nqhi-LNgL_dpz0KKQ9dqvgRKhr6vlAXeLXTwyzTmwZpHidZU4v0Tnpk6NVJT8TFtvlHkaaOl9PgTHprkA0Hp0p_wz7gKbCCv8iLYSHmEH82BrVzLcoyZxBblC5qataxD50nFhDs9PD3QcXeDfNB_ygjSKU50A4H1l2PgHaKSI8cV2yT3kVXMJMHsQ

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5215 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_2ygL1fAZY3TK-annsEPtuydyAMAAAAAOAHgBAI&bg=!EBOlE1zNAAa8BdJLnAU7ADQBe5WfOCQkgRbwsjg8HUSvtJt1KOWH4fUuXAhGGmMpt41hcNAi83Ok5vtqXnSmvZ8DQbyiAgAAAHZSAAAAAWgBB5kC5JOgQTG9IMUES0Vl0Ywcz71aDx3ZrjRPQugLUbdDl8ej5EEBbXkspfpGPJZs0eSBS__hgdm-Ydaw0m5KJjteEbhiSFiVrURF3jyQ2kIEqUjRvMmNpBHPKOaeuvLuI1qMyhjeyicY2Giae5zPyy4ekf3e4zTCn9RyyUFZy9ja1XrfmbO-3cPpf_WOUBVXkdmVkuT-quAmbTZKGCEfumQtowD-yOV5XJQeuQUq_i13kWbN2FaAgUkQVkb6RETW7oXlw_-pozmi5C8lqiQUddixV6KZVVBZx5edW8VrtqKL0tTHLb6KlWjrQvgo2DvDD0yNk4yU4nFWjuA3ql2evAk6NS-mMjOoCwuKEXxuLeBMaAFxTT2xCEIK_ssvfEfk48pFH_8vpWlMj-w1C3aNaDnuaVIBmwjOktuOSlAPe1UAMtIoF-oqx49NDCVvdciA_0mMeFCGJ_-YSqZwb6T-SwRZ3shRDX3946kV_PEVBRC00QMKJJ0apoxCB5M_SMd5KqTP-Wdad2c-eyg7iS8crXJN0oAToInfKnOyhfsnCWBsIfchWXETVSI6KxoZM7FyLoyon_BYe9wciM8OuredCh6aTtmZdmg5mf6vfEfj3Fdgr3qHn_dkARzi_MS_0EpruaUGHi5yoSM3UStYPoRAqvCBrTyEbv8Qbgb6RDSJWPISyG7_3-sY9tyHQp8XTfrJ09AGHGp42Eq3oOZ3sF5CdgSFITxFaUGDomSsdYI7asGrHOr6mpTKJv5FBoHueaa6cizM36b7Z3YsCr8oo2Z0kD8FNX9b8auuOBEDJ2vN5mL8kjDtg77GTvlQV51KB58RSJZEx05isxN-4S_TxCH_Gmt8ECY5ZlJTeMV5F6yPq1YBrR_2uCn7d6UBQlimW4qeSaKvzl0-HpNt4Fgop4lj6lKdq5-km2HzYoW5v1jpI96UGwkaT8Y4HEXWujN_jdQHMW7nNE7j6syBaP5_s8G1C9h3IWzvLT01

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 el.ashx
ads.travelaudience.com/ Frame 2584 631 B
674 B 67ms
26ms Image
image/jpeg 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.6583272844068869&adPos=&ai1=1%3B30000051%3B2%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60015306%3B999%252c1%3B%3B%3B2%3B4%3B50000648%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70019759%3BFrv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-54f649885b-j26w4&bnr=0&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&di=&did=-1&dnt=&dv=3&ed=&ev=ic&fm=160x600&gcpm=939479&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=18&sc=&site=ourtesco.info&ssp=0&sv=1&tsf=&ua=&uc=NL&ucy=&uuid=B325F88C-4304-4381-83FD-0718C026B0D6&view=&vrt=&vw=&wp=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/jpeg
x-host: tde-deliveryengine-production-676d5d7c4d-n4bg4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 160x600_Dubai_Adventure_DU.gif
static.travelaudience.com/img/import/Dubai_DMO/Adventure/DU/ Frame 2584 173 KB
174 KB 58ms
17ms Image
image/gif 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/Dubai_DMO/Adventure/DU/160x600_Dubai_Adventure_DU.gif
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e343d2efe18c711882f9f458ec30caaf07b556286fcdc32516a2ba3da5e8607

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:14:59 GMT
age: 1149
x-guploader-uploadid: ABPtcPoPTGOXZ1JtHq3EWhl1f7jMDQhRLDjBAQjYKj3vKmsjHpEQUeaYPLQV4gaDA9YPT9HEfxg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177499
last-modified: Wed, 17 Jan 2024 09:07:17 GMT
server: UploadServer
etag: "195757d4d64abc6b75d0fc56ab0481da"
vary: Origin
x-goog-generation: 1705482437272168
x-goog-hash: crc32c=2BpBeg==, md5=GVdX1NZKvGt10PxWqwSB2g==
content-type: image/gif
cache-control: public, max-age=3600
x-goog-stored-content-length: 177499
accept-ranges: bytes
expires: Mon, 05 Feb 2024 04:14:59 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/travel198849194933/ Frame 2584 334 KB
113 KB 82ms
21ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/travel198849194933/moatad.js
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:56:36 GMT
server: AmazonS3
x-amz-request-id: 5ADD2SR6FVQW52ZN
etag: "37dd62b52cf0e911ad78369a74658368"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50421
accept-ranges: bytes
content-length: 115629
x-amz-id-2: pDgLJ/GC6iJcEq1w9HPnL5hxp5Yl0hMIxYlTeVWDpPG0k8FmTDjsCf81esmNtOs4aNdcYCs9Jaw=

GET
H2 200 creative.js Show response
ads.travelaudience.com/js/ Frame 2584 56 KB
20 KB 59ms
20ms Script
application/javascript 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 8ee937ac0792d4568fbbbeabba37fd92c9d601cd2a6b864216ffe15d4b1eabec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: public
date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 02 Feb 2024 07:23:18 GMT
server: nginx/1.21.6
etag: W/"65bc9866-e1b5"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 03:34:08 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7950 0
234 B 77ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ls8do9zs&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7950 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cmm7lL1fAZaf3KtD7nsEP-eWfwAzZhsKFdf3wiN2JEufB9P0IEAEgjJ7uYGCRBMgBBakCRMIPqnAZsj6oAwHIA5uEgIAEqgT3AU_QMG-_St3rjD4K012gTuWnp7Uopd48KtdZfPzAweNyryZTQ8iLKnTZszvDFSKqP1xe-iunSo5hosCkfVMjuOVLNeDnIBt9y5nuNFCZafmBsILYjhF2MwkKXU6vm2a4_bI1HAw1MuYhFmDrOrF7syhMdXZycmZXWr10QX7TaFK6BFmAKPexLbJ00A08YIERtG7fWwZw8PaGw17ANpS1YQCcLU3k3PaZGVRv2U6flz6Gg6BQlXpbsk8dhN5TSuQiUwAR9uCBFbt5kJL_zMaBFi98mOScV_XNxcXWKt9bPR0Fm2z6np90S6LVf90pVLQfEJcr426gibLABJWKiLnCBOAEA4gFq7mM4U2QBgGgBnbYBgKAB5CD8dEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI4BOwCALSCCUIgOGAEBABGB8yAqoCOgiAQICAhICABEi9_cE6WPOF7pKik4QDgAoByAsB4AsBgAwBqg0CTkywE820jBbIE5CdnuQD2BMKghQPGg1vdXJ0ZXNjby5pbmZviBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1707104048543&ai=Cmm7lL1fAZaf3KtD7nsEP-eWfwAzZhsKFdf3wiN2JEufB9P0IEAEgjJ7uYGCRBMgBBakCRMIPqnAZsj6oAwHIA5uEgIAEqgT3AU_QMG-_St3rjD4K012gTuWnp7Uopd48KtdZfPzAweNyryZTQ8iLKnTZszvDFSKqP1xe-iunSo5hosCkfVMjuOVLNeDnIBt9y5nuNFCZafmBsILYjhF2MwkKXU6vm2a4_bI1HAw1MuYhFmDrOrF7syhMdXZycmZXWr10QX7TaFK6BFmAKPexLbJ00A08YIERtG7fWwZw8PaGw17ANpS1YQCcLU3k3PaZGVRv2U6flz6Gg6BQlXpbsk8dhN5TSuQiUwAR9uCBFbt5kJL_zMaBFi98mOScV_XNxcXWKt9bPR0Fm2z6np90S6LVf90pVLQfEJcr426gibLABJWKiLnCBOAEA4gFq7mM4U2QBgGgBnbYBgKAB5CD8dEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI4BOwCALSCCUIgOGAEBABGB8yAqoCOgiAQICAhICABEi9_cE6WPOF7pKik4QDgAoByAsB4AsBgAwBqg0CTkywE820jBbIE5CdnuQD2BMKghQPGg1vdXJ0ZXNjby5pbmZviBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7950 0
54 B 68ms
21ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ls8do9zz&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&ulv=1&cll=1&met.4=arp_a_s.og&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 7950 31 KB
18 KB 97ms
44ms XHR
text/xml 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CHog9MHQbX86c1de1futC5DAg3jr3rTyc1ZfFwRmxb-QY42ij5w6d_Teji7GW5SpqbQ_BNkXy_q83W1q_OceyOcZDiTw&cry=1&dbm_d=AKAmf-CVz2DO67L08Kb3iB7WVEiWr7Y5ZTjPb2i5EkZG3GyqgoDaSiChiD2SgfhM0xdcFc0s_2Ns-k-GwWqxM6GxxcZhdAE-5MrHMyWLKZan6hhAt2HDijUmb-OrhTvvhdZVu4HY83mSoNMvlK44cYYuc9MqH3lDOG2NSDRamcRtU_wXr8C49dIXExkZP6UbFVhcnnLa2FAxVjYNbOdNp_SxDXeI0zdYkZ1_O6avshADzcfXjNMS_P_yB3zj8y2QZHw_PJzSsE9QRVjLVkprop57psL76_6jAWBVaE8dQqkyagxRt-cV1ZIIREFlSQFE0YGaQwfu9GNB4sHWPlvPWdxzF85NoWul8El8eOF7cRNYWHXWywZlhUoVO8kAwTPx3-ukBt9fdn-X9331OIvw8-IbmZGizzUIxoMTEqpD-5rPwip9tkakbeejWF6AhAmJU8OGFSFm85olFgeowsBLTP_YDeMA9S1gooWUQCMBBqCXXzVWdVD9_csPsh-sWy0cR1ca7apqwi0sIYGuW7Ux59ODn599gqNF5DK1Ba3sZ-hIP2d6TsNPzH2c_JudJl1y-I_KwjfS7bF_5BM3NyjHWz40I8k5ONw51yTUWq1LLYtYhtLgJ7jqanICEQTy8aeviHWfDhnFZvU_TDtvO3vOEJ0j4_Ja-iH5nK3unicvlaW6fIJ4SSOEwdRDYGhjisZsuUO23NZLCOWHDQwzP7OotaYWTgQZHktnim7MUDWXjx31KKCrVFwCz-md7uBnZ3khYVGSwnmf6WEq6Iu5TYtLfHC8laX5MICWcZ4bK0Z1hMvtwc-HJfkJ-qvydGyDyJexqOgaGe1PkowGDT-Lwtv7KoEk6eLJIa7FKLbc0hOOBuZvQm2lOpqnLsQsYQ4FqtrAIT9FWYO-vSpp11GuUFNDO-ice62oXMCo2V_nEehAmWIPgVSFo5YKcUmyX68WO4Np4u4JgJX0D7GmZqMBIOgj5eJxsSrcBRNnwQibo-F0Dyaf6NmxJpbiZyPHcSnUJSdEs1egkE8aj-5_0MAmFtfEyM02xOF5Ub2y1V1lh52dIs6sfJBQk2lO_p9GudzQpeYcOWnZ6fZQ5Q8QIosaI3xD4k9Q347usBCFX5WiHjjaagooF-ziDRKbrL0m2wDoPQpdWG7_w9r3qPEcSHfir7dAln4TmfvXge2ulJLYXRHJEnvgYUTRG5WISnAEc0mxLgE9nVlWpywtLhscMULTsE-RARlmU7gtwkuzYurr7RgBK1mgWXfAMc6fxXtDBlbQWRR-sGldXxut_zkUryCcgOAm58TiIewmQf0Oz-R2cYeMB_dIY8eQH98d9AG5sPvvt-miwgp-X5M-DdmVz9KqiLl1NKwVd5Zkhz6Mq39vgznkpRHXNLlUlL_KPgv-F_y3L6lpCKb4iWmpYHnJFgx7vtuchuMlMKfo_o-qZVWQrJwKuTvOP_7ElXbOXUJwad0YnJgrueM2Oj5Sor4ixP_8RdKMMbrCDze9lTfTPe8bify1aiQIAK6p1cxmoDD8fybpB2SnIgAssBk7xCiIQ0PeMekjpqQHY3kdweHxT_Nq8gOBBTaGhfhtEJ1FvN6x0OIyP2QXYZ0MYHGleOMTMcaWfftAOgCjev7PEk4T_VlNCFDeS8rMPF3R0OITIMPC5D3DO6sjQcnjRQtPwBD-thGZeIljOg9ZBKwEOQA_W571CP1gBA2ts0uWyyHDcTVi4VmG2cevpRBSg8ar5FqTo6wDcA2HJTnqXbN4wil7-jBQ3SiAoe700pnBAnkS9g08mpHyHo1t1GoN1b29QDLANIhAA_1KnUM1F7w25xhMMOhwvSHLjjkm8SpLhbVQbOY-OzMggiOZQ_2dtnMwlQLNyuytZv39jc4HqFYIBuPPVnqmCKleGoNpFXMc1zjhX54zQLr_EDtS0LJwkYZIj2XYwc2n6SUeVF4RdXDjJ0-BaigE7p2IM7Lm5GULhfQQTEaJo6jMjq0hSH2p1gmlI4UlNvJTJrOSKHdi3I6CSxZ13EYUhcwr2FKcDvS2Pw3ppF0ksUSe2wE_JcWiSdIaxk2V13jcnUvpK_KFXP9g7rvPK6yxPgfT6KiRfD_lHo7aqsKWgIFRdLV48_0Kf96LoFn-nJH2GDoqDGmPhjZjTi2_TenkuEbs3SgqdiQa8R0PWNimIK7crMBCoJm0ldvzW7jfrLxaUi7NJBiQkyC1eFD6LmvFgbTD9V-fBbcel-mkXG18qJUuc-kDkgIPjz9wPVDCWu98BVzo9NvOeDbH1oUzN3sm-a1hm2tzJUaNxLcDTWwsA_4KUU-PJLlYKezruXw1EosGwUBrebtLSG_lgNwKlwoilg8NHxuIaJQhreGJRYXrm4I_Kl4h9j3Kxmar5iaDjZN0iwTSGJ-zpC0FdghtSDp_F9Lh5ZC3oEUWm5uvDeNdtVYmpRhKPM5oGEnMpHKfvm-jQRDCDwm50cp-XTzqmTeQ0orUI6WIGiqVzmp61JzHVDvAS7evK7RakST-aT-tp5GwI8xi8tJ1HwrCJccz1O8iu4F-MSfGqSp9Dq8fV_VFURkGMiuNqx7dVYR0S7BBcVD4JzfgpYRX2K26XdI7UjiFizCpbL6zYMSnXS4qzTdXEIRyz4DCA0dKcMq2AM1WpurScHYa_kgojIOMlrEaxNcyTYKc0NPZDQEV_7hd5JYJIlTCv1vemEofAGP-oWBwcXfgx6rPqqmYV_uJF9y3QnX88q9oLeQvYxA8c0Og-kHtoG1PfnvXCCOJi1RItcW383qglVHlZ0-9E8jaJI-Srp3dAQWk8lKyft4-FRsT_TxrttlX6tetnATwDnObKDSHFXGNM3YrLx4MXKTwwQh0e7PFJSKtRaA8okZt6r6lzx6axT9E94xApauqA-7Mc4b_80ccAy7EI6J_hkdTdFZ3coPsLQLbFAjqysfxWpy6We7mgJb-eRDOExp0-uDnr_oAH2vha0aFi8eyVdjmPNI7OYBhNllxEL4D-o5KjGcqq3HlP0TudUs9XPX7OaPR1nW1Id4GSKmJtckJdAdcLzLyNnp1UmuZysiR4JlcVemPMPhAfpPEa_6V-ki4fEFIGQBGQvJ5yqTdDgxq-OPqp4IeNrEiduGENLo_vQeNcYXNGpgvXdbIU3LIU-vKB5zr-h1xVxM81Fl4EcUYynGlL3_EN_tncPHAAH856fBXS21Y_oDNOi6a6XiSToWmeOCT490bnlaevlYdikVX_QoPwSFUHF4H2HGn5zJdl_lgn5P_nftmOV3VpL5XyfB3WIy8MYg5kKOqpPel9OpGUgKTPcUWVM4lOVZ2UK7CdHjpqIlEGe8TquszK2F3ZZ-2ghk0J-xs1Ah2PuS7Pw2tv4MCZaHrcNW0ilECmf85eCteZG84V9KfgQdc-Hm2SXltpuEmek8weqPnIDgKzeqeofu2kkXiHaE7GI81wn6fxUUlT0yZdTfqG--bKPK5sIXEFjSHT97kF6vjIpZSyG7u_6u-wPTutBNmZs6sm4x0Yohnyoxd1SPtNSgN6ZYe0w-hk109A3U0sZ4AuTpheH_SAOclwFFZgbcIPuJsbEBJNJaTbvYgduINdvrG59e7udnfO8Y3_8H4qyvsSOd9r2vLfzAXJbO5DcL7kGv4CzMZSpL_dlQUARhcFtd_J0ydwi85cn26hLcxAMECdWcwQbfDoCFg0M0sFauRccavB_m4IBFKGdyqBnjl3xQQf4Du4R_j_oc61OH9&cid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

cafe /

Resource Hash

77efde81e165680d3d383acf35f4ee781c7a4b5bb806c6390ee819b756e65891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17453
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2978 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 02:34:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 2978 2 KB
822 B 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 15:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 15:22:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 2978 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 2978 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:40:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 2978 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:28:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2978 0
0 29ms
28ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7U5R5gBoMYdVyMGSJ9YHnuYBpqRyLPKKD9ttP01iyWzOF0_44XC_yn9zzD0GWJB-smuJkPXFBH4l56Soiczr44z6BTg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2978 205 KB
65 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 2978 37 KB
16 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 18:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 18:57:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C27A 1 KB
646 B 21ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

age: 66038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 05 Feb 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3040729758210985167/ Frame 2978 27 KB
27 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3040729758210985167/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bab279998c2611f423c748e4ec9fdd2f72b3fc9acc15833211d378ddb5c9bc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

expires: Wed, 29 Jan 2025 23:55:31 GMT
date: Tue, 30 Jan 2024 23:55:31 GMT
x-content-type-options: nosniff
age: 445117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27988
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 13:53:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 2978 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0a5a884eb6794a286f62db1fdcf257ba96b7d6c74a00ef4c0c00be8726ef3ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7950 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff8f9cc6d890b7f914eb11491ac52cdb6a4dba24cf8c7d7da0808a211b9ba158

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2978 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ef3110dc82803dc45170f9d009e7f3deb05f87f75c1ec819b63228c0f8a9177

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C27A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1&google_push=AXcoOmRRZwlgDDFsl37Cv4omTY7EdB_AMZLrVGngKFVdVIi-fhJPGvjnm_qmPJjv6BlZIqbsSfBIe9lNJKpk4HXtRatrsbRPYdfFmHk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MDg1NjU4NzUxNjE1MzcwNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1

43 B
398 B

61ms
18ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1
Requested by: Host: ourtesco.info
URL: https://ourtesco.info/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDqtw-gnz3oHRu9ZaxotjZ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C27A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW...

43 B
447 B

239ms
220ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 850818917f95bb5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 9391
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPTNeNELQXTw6hLBvSh0nk8&google_cver=1&google_push=AXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSA-UrHk5eip-X3W7ENRr7_GJxzzM51Ly9g3ZnZ-GP8huMjspOP1WEAqm9x6vI9jNveYt0JHp3tJ054OjVsyXGNC7lj7KW4_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 850818902f00bb5b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C27A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFhOesqeCHmH985bYsfTPm0&google_push=AXcoOmSc31QBBCVUclKQOIw9X3qtFDB0gzUSXrjAXMirnNUfNqSKpr-Ru3...

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFhOesqeCHmH985bYsfTPm0&google_push=AXcoOmSc31QBBCVUclKQOIw9X3qtFDB0gzUSXrjAXMirnNUfNqSKpr-Ru3WPeqgFjD5drplxsc8PH4fPOCEO3Ibl_UNpH0koI2k6DOk

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21071-AMS
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1707104049.651058,VS0,VE91
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFhOesqeCHmH985bYsfTPm0&google_push=AXcoOmSc31QBBCVUclKQOIw9X3qtFDB0gzUSXrjAXMirnNUfNqSKpr-Ru3WPeqgFjD5drplxsc8PH4fPOCEO3Ibl_UNpH0koI2k6DOk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C27A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPxhCv0K5mC04GkRuY0d7DQ&google_cver=1&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzdzQTfFA5BhUewOyLU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0620B54B19BB429984DA45EEEC67C773&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzd...

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0620B54B19BB429984DA45EEEC67C773&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzdzQTfFA5BhUewOyLU

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Feb 2024 03:34:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0620B54B19BB429984DA45EEEC67C773&google_push=AXcoOmTWy1UMF5IuqDYQRcHkJRwIGeyzsz5hxx-58FtW97YESYBptORzd9t7EguxJTGmzLPHwqpbaE7KsszErzdzQTfFA5BhUewOyLU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Feb 2024 03:34:08 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C27A 43 B
235 B 65ms
17ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJRFHzKaettQAlGWI06bYYE&google_cver=1&google_push=AXcoOmRrknCnp1wCHNE_n8W3C1HsDYT7P_kySdI7UWRkPP3qiA1_pS2tiHmehasg0dEMUdRj4_0FH7PxB2RU3_n2ejGlppSADbX5wi0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 05 Feb 2024 03:34:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C27A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDcPFnYqlC8urDG7zoVbsxw&google_cver=1&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQBGKi8tNQ&google_hm=eS0ubk91amxoRTJwR1I...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQBGKi8tNQ&google_hm=eS0ubk91amxoRTJwR1IwaTN4TEZVZERGTFVWMWc3ZFJLMH5B

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Feb 2024 03:34:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmcxrgPa9BkibM-wtbjp2WCzmGV5LSE9p30uyRFn6c93eP9Os-m1YPQ6dQcfsXX3egCDqawUX10INPbmm57azH_mQBGKi8tNQ&google_hm=eS0ubk91amxoRTJwR1IwaTN4TEZVZERGTFVWMWc3ZFJLMH5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C27A 42 B
204 B 55ms
19ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMMkArMRz8QDEJU1OBBYz0Q&google_push=AXcoOmTSFrLp7cYUxzbrfF0vDqL-BY0rryFL2EE7Z2BXkLFN1ai8VYlMJ2IQ5G89kusYvda7MhgHXUEa7PtyO-RKM1u7AeRt2m4pcfQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9442000290907361&output=html&h=280&adk=628177680&adf=2514489389&pi=t.aa~a.2773900404~i.37~rp.4&daaos=1707023835935&w=1148&fwrn=4&fwrnh=100&lmt=1707104048&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9204228431&ad_type=text_image&format=1148x280&url=https%3A%2F%2Fourtesco.info%2F&fwr=0&pra=3&rh=200&rw=1148&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707104048238&bpp=1&bdt=1337&idt=1&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ef29a34fe7340f6%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q&gpic=UID%3D00000d50940c4472%3AT%3D1707104047%3ART%3D1707104047%3AS%3DALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ&eo_id_str=ID%3D3bc4c87d5414b324%3AT%3D1707104047%3ART%3D1707104047%3AS%3DAA-AfjbZln-Q0K7xYlCOTBtSpA9D&prev_fmts=0x0%2C1200x200%2C1148x200&nras=2&correlator=2152444077790&frm=20&pv=1&ga_vid=762292052.1707104048&ga_sid=1707104048&ga_hid=1519862739&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2750&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080817%2C95323760%2C95320868%2C95324155%2C95324161&oid=2&psts=AOrYGslCf94JyZKAnY3Hl46Fe2c2y896WRwzC33nVn96xgdWWdx5E-OXfbg6kKlhuaVdzrZQylhHMUpA-U0wecR9q_4gaOCG%2CAOrYGsl3jVSvLLhrfCTeRFJCqd-e9Am0Gv5LrK0IFxRRUw9oBGKtJ3wKswayjVfvDlKVUhaf2TTYM78TaQj0nOSxfGDI_YQn&pvsid=1699387297533897&tmod=243306583&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C27A 0
12 B 29ms
29ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUYYB_q9DA9Fi9DMMNhXuksTTZi1uwxgpMxBaN51MsdSVgQpmjCCcresRTQEBl8PjnbIH6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7950 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5hJfL1fAZaf3KtD7nsEP-eWfwAzZhsKFdf3wiN2JEufB9P0IEAEgjJ7uYGCRBMgBBakCRMIPqnAZsj6oAwGqBPQBT9Awb79K3euMPgrTXaBO5aentSil3jwq11l8_MDB43KvJlNDyIsqdNmzO8MVIqo_XF76K6dKjmGiwKR9UyO45Us14OcgG33Lme40UJlp-YGwgtiOEXYzCQpdTq-bZrj9sjUcDDUy5iEWYOs6sXuzKEx1dnJyZldavXRBftNoUroEWYAo97EtsnTQDTxggRG0bt9bBnDw9obDXsA2lLVhAJwtTeTc9pkZVG_ZTp-XPoaDoFDNe4m-R1cC7MGzZ-U1kNboP2YIY57GH2abSzAqCnY77rVPPWREkluRQHQTBYZgk-dGWupkjs2Ea_YyJC2SUNVOsMAElYqIucIE4AQDiAWruYzhTZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdtgGAoAHkIPx0QOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChC5rgsY1dzEggKgCOATsAgC0gglCIDhgBAQARgfMgKqAjoIgECAgISAgARIvf3BOljzhe6SopOEA4AKAcgLAbATzbSMFsgTkJ2e5APYEwqCFA8aDW91cnRlc2NvLmluZm-IFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTQ0MjAwMDI5MDkwNzM2MRgA6BcF&sigh=4eMTYh0J8HY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 2584 112 B
290 B 161ms
68ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=2&cb=1&ym=0&cu=1707104048629&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000051%3A50000648%3A60015306%3A70019759&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=1115218027&cs=0&ord=1707104048629&jv=725074806&callback=DOMlessLLDcallback_97084008
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 3053ad39e1a688da77ec6bd3ae22f2082eec48317d4ef4c1db901f7e728dfc07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
server: istio-envoy
etag: "704b4265918ab60174e2167bda60d996c73ffdef"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 20
timing-allow-origin: *
content-length: 112

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 29ms
21ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=3&cb=1&ym=0&cu=1707104048629&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000051%3A50000648%3A60015306%3A70019759&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=650203422&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2978 33 KB
33 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 20:16:32 GMT
x-content-type-options: nosniff
age: 458256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34024
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 20:16:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7950 0
54 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ls8doa08&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 7950 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 19:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:01:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7950
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

164ms
35ms

Fetch
video/mp4

2a00:1450:400d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628A4480470413CD00FFDF03C1A770FAA9552A3A.5F9A60B50BFBFB4749C74B42ED3088840C8BFADA/key/cms1/cms_redirect/yes/mh/vA/mip/2001:1af8:4700:a08a:4::5/mm/42/mn/sn-c0q7lnz7/ms/onc/mt/1707103150/mv/u/mvi/2/pl/60/file/file.mp4

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

HTTP/1.1

Server

2a00:1450:400d::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date: Mon, 05 Feb 2024 03:34:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1337028
Last-Modified: Wed, 27 Dec 2023 12:26:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 05 Feb 2024 03:34:08 GMT

Redirect headers

date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/628A4480470413CD00FFDF03C1A770FAA9552A3A.5F9A60B50BFBFB4749C74B42ED3088840C8BFADA/key/cms1/cms_redirect/yes/mh/vA/mip/2001:1af8:4700:a08a:4::5/mm/42/mn/sn-c0q7lnz7/ms/onc/mt/1707103150/mv/u/mvi/2/pl/60/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7950 453 B
585 B 27ms
27ms Image
image/png 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9442000290907361

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Mon, 05 Feb 2024 04:24:08 GMT

GET
H2 200 js-err
rtb.ads.travelaudience.com/ Frame 2584 35 B
354 B 22ms
21ms Image
image/gif 35.187.184.108
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60015306.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%2526client%253Dca-pub-9442000290907361%2526adurl%253D%26googlewinningprice%3DZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA%26wpc%3DEUR%26site%3Dourtesco.info%26slotvisibility%3D1%26gcpm%3D939479%26gpos%3D1%26bidder%3Dbidder-rtb-production-54f649885b-j26w4%26dv%3D3%26uuid%3D%26suid%3D%26brq%3DFrv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw%26ssp_id%3D0%26l%3Den%26ts%3D1707104047%26uc%3DNL%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DrPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk%3D

Requested by

Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rtb.ads.travelaudience.com/rtb?ads=30000051.2.0.70019759.0.0..0.NL.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015306.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpYXfL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS5AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vmo9HRPa0_5OiS4b6JLQFOBTfDtCvS9nho70P0e_mHzP534YjBBMaXGEgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3R7qM6TPlrmjXGxqvJCocTJn5UZQ%26client%3Dca-pub-9442000290907361%26adurl%3D&googlewinningprice=ZcBXLwAKu6UCJ73QAAfy-SwCeTPO5n0Bud2tYA&wpc=EUR&site=ourtesco.info&slotvisibility=1&gcpm=939479&gpos=1&bidder=bidder-rtb-production-54f649885b-j26w4&dv=3&uuid=&suid=&brq=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&ssp_id=0&l=en&ts=1707104047&uc=NL&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rPEVLRXrRLq7PSkSHin99Rzk47SIAmm8Sg4q8wmVrxk=
Origin: https://rtb.ads.travelaudience.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin: https://rtb.ads.travelaudience.com
content-type: image/gif

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2978
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJRSTMFfAZc-YEayzjuwPnYmmiAupxemfdYWAuJmyEdzZHhABIIye7mBgkQSgAaGwr9MCyAEJqQJEwg-qcBmyPqgDAcgDywSqBNwBT9AYOhAz6CeAiAPv8VjU7lddX0THrBHtBEbkIO9gRbt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217222002638085333956%22,%22debug_reporting%22:true,%22destination%22:%22https://myparcel.nl%22,%22event_report_window%22:%...

0
0

94ms
52ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217222002638085333956%22,%22debug_reporting%22:true,%22destination%22:%22https://myparcel.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22711710753%22],%2222%22:[%22true%22],%224%22:[%2202-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227134207004068067729%22}&andc=true

Requested by

Host: ourtesco.info
URL: https://ourtesco.info/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17222002638085333956","debug_reporting":true,"destination":"https://myparcel.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["711710753"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"7134207004068067729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Feb 2024 03:34:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17222002638085333956","debug_reporting":true,"destination":"https://myparcel.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["711710753"],"22":["true"],"4":["02-05"],"6":["true"]},"priority":"500","source_event_id":"7134207004068067729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 7950 0
17 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ls8doa3k&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=392&mt=video%2Fmp4&vs=480x854&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.rv~atrd.ry~videopreviewvisible.sr&ua_e=1&ple=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1244 50 KB
19 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Tue, 30 Jan 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 471666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 16:33:02 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F276 23 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 360882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 23:19:26 GMT
expires: Thu, 30 Jan 2025 23:19:26 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame F276 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 17:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 17:00:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 115ms
50ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 03:34:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
66ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cada586e76429db28056987dca447a37ef551b7df85ab954a010916915f1e9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12309
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C6C5 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fced8fc8607b3212435555d4e45b6473488227807b7a4b12120aa51b32ab7b10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6C5 0
20 B 60ms
60ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CudcVL1fAZaX3KtD7nsEP-eWfwAzKkbX7ctPipc7RCsCNtwEQASAAYJEEggEXY2EtcHViLTk0NDIwMDAyOTA5MDczNjHIAQmpAkTCD6pwGbI-qAMByAMCqgS2AU_Q_RLBlFzj63NMOnhJkNEwIFQgvmNL0nNvvEMAkVUSpd5cR_TwVm48sf0gRPpTIY_u40uCOnkBACNR_VL2tMESfdEUPuObZEkJub3t3OjT6WWBl6cmWx4mywfTZAwBeOmWVAKIdfGUjQCqDjVwwfWEHZbXvmE8WglJXxnHWygp-pgKjRHkpAygwgQuGCv_vig_PIFIfRFHFsEyTQXVhl9LWzHvtwF_Nj17OtUKLVHj_-6TexnTgAbsp-mslJnIjWagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggjCIDhgBAQATICqgI6CIBAgICEgIAESL39wTpY84XukqKThAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ0MjAwMDI5MDkwNzM2MRgA&sigh=6Q2WKgywv6s&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F276 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B57iGMFfAZZ79JZmvnsEP4tSYiA0AAAAAOAHgBAI&bg=!TE-lTwDNAAa8BdJLnAU7ADQBe5WfOIfj10WlzODnzDrzCoDG5Xhcm24g-qooX36DzIIFQDLLH_6khqWv_b4tuIT5a8n5AgAAAC1SAAAAAmgBBwoASmE6QhQF2Bfu_Pnkn8xSnwwYM4e61Ysi0mcpTN2rngncIgx2NtiNpUw4XjMpFc4vPDimwzxHBbHXEEVKrIM8JOG_PjOYw6y87AwamQLom9mBVJOgvhPUEO_4RSLnowcj1AWPDxw26PJT-kOti4_y9hW83OmdihZDVCDkG580D9jqCYwgIkaUKWIose2TNDTxPePxLPoTnhcf0NHALGsdW46XyJijxfrXb_qpl8JUFfJw2fnTsK_Tf-LwpwrCAeL3w0yyKVaUO3fYD6QoJnjV6aTj1An3_wiWfNQaUlfHnJA7vBN-RdzEQzJfUlH8zz5Uqm3Vy8q0jsdjByyGXVChNQY5pr5dWxeWLby1s_0VLWdJBI_zZ5t-vgwDYgoP3guE9s4EPZ8-MBnWHk8jkQknRFtYQaGdQe_VAtTQQbntdVr12IH50ovbn-VPYp_hJCvi6ic0Btx13V3UgX7VDQl0kHW5NgEdmKV7FM5Ub0ZM4jQdsxD4ZZcLWeaGv2bc13Viju9ZE9cqoVR1iKOpaqqpMC7DhUL2bF9FliF7nAaGIRMOuTUaOOqUBf0-LvQ5u2r3_lbanjnA8B7bnWZwtBFv-VxA7f71C3nC5TCl1EoSwMBsb0SvvRNAIQxH1fuNSgk7uManzw--gsCB0og6VnS-uS1bxL_zxTescswqGu7g7nj1L-jyFj3tKCvreF96TaJr5AGsfJzm4MTk9r7QBdYj-By2WdTUVmOlY9PFJRVD27PMwba2XWeWvVrmQUO4okf2tRhKwFAXrftKTBlBIWEHIoiI_SeBe2lXLpnWEXPi1Wh5LN8nUl4v9Af1I6JWG456q1k8du4b-I3rF3LJM1UIPEdtpUTdoncHKPtnAlsJzWATjk7VihjlOInFN8myOlspotKusPHGfJ3IWzFQjU93pPAyZuWHsrIQDxgVJAGvufqCq5viIIsAtA7C58tyxRAxJwf4F1jpO7T7qyB0-D6PbLetiOHsqnWRCphj09EkYSe4b2Bt02xOpzBvoHJG16gG45k-2RjvxjOJruv_CoV1aMrXVnFqMjfGIRmXdt8ZGU12y_mYQvJ-4CYWtD0lWYhOu3pLr_v5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 03:34:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28E1 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 37955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 17:01:33 GMT
expires: Mon, 03 Feb 2025 17:01:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A5B 829 B
559 B 29ms
28ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02e7e360cacfd38553a3e1cea4ac7a96f591985e9e4ce2527c24a54bbf602029

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Kwc7Vgmg1yHt9T-u2N-OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ourtesco.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2Kwc7Vgmg1yHt9T-u2N-OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 03:34:08 GMT
expires: Mon, 05 Feb 2024 03:34:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r2---sn-c0q7lnz7.c.2mdn.net/videoplayback/id/45ccdb21269e5f08/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738640048/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7950 1 MB
1 MB 69ms
33ms Media
video/mp4 2a00:1450:400d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d720e85b80f8c08c1e1b6a4ea4ac61e7e71264f482d50523a6c9a0abae0f5480

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range: bytes=0-

Response headers

expires: Mon, 05 Feb 2024 03:34:09 GMT
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1337027/1337028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1337028
last-modified: Wed, 27 Dec 2023 12:26:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A5B 0
0 51ms
51ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=1699387297533897&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 28E1 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Sun, 04 Feb 2024 17:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 17:00:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 28E1 0
11 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?02-lVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dc_oe=ChMIntWmk6KThAMVmZcnAh1iKgbREAAYACDZ-59jOhoIzf-w9wMQlYqIucIEGJCdnuQDIP3wiN2JEkITCOfK7pKik4QDFdC9JwId-fIHyA;dc_rmcid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIw...
ade.googlesyndication.com/ddm/activity/ Frame 7950 42 B
401 B 126ms
52ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIntWmk6KThAMVmZcnAh1iKgbREAAYACDZ-59jOhoIzf-w9wMQlYqIucIEGJCdnuQDIP3wiN2JEkITCOfK7pKik4QDFdC9JwId-fIHyA;dc_rmcid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB;eps=CIDhgBAQARgfMgKqAjoIgECAgISAgARIvf3BOljzhe6SopOEAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D18176%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D876693281%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707104049061;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7950 42 B
68 B 57ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cmm7lL1fAZaf3KtD7nsEP-eWfwAzZhsKFdf3wiN2JEufB9P0IEAEgjJ7uYGCRBMgBBakCRMIPqnAZsj6oAwHIA5uEgIAEqgT3AU_QMG-_St3rjD4K012gTuWnp7Uopd48KtdZfPzAweNyryZTQ8iLKnTZszvDFSKqP1xe-iunSo5hosCkfVMjuOVLNeDnIBt9y5nuNFCZafmBsILYjhF2MwkKXU6vm2a4_bI1HAw1MuYhFmDrOrF7syhMdXZycmZXWr10QX7TaFK6BFmAKPexLbJ00A08YIERtG7fWwZw8PaGw17ANpS1YQCcLU3k3PaZGVRv2U6flz6Gg6BQlXpbsk8dhN5TSuQiUwAR9uCBFbt5kJL_zMaBFi98mOScV_XNxcXWKt9bPR0Fm2z6np90S6LVf90pVLQfEJcr426gibLABJWKiLnCBOAEA4gFq7mM4U2QBgGgBnbYBgKAB5CD8dEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI4BOwCALSCCUIgOGAEBABGB8yAqoCOgiAQICAhICABEi9_cE6WPOF7pKik4QDgAoByAsB4AsBgAwBqg0CTkywE820jBbIE5CdnuQD2BMKghQPGg1vdXJ0ZXNjby5pbmZviBQC2BQB0BUB-BYBgBcB6BcF&sigh=nq5dIXnEO2M&label=part2viewed&ad_mt=2&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D18176%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D876693281%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707104049061

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7950 0
28 B 65ms
64ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstU0UEoDeiE2c2st2NVHAYhVixIP-4mwTiHavW-IhaaidO2obj5QxwHC_p1CfWJ4KQspx2NXUCTn8bLZ64U3oom5I0s_BxwcbJtdxMc_bBCIZpXE06aKrNHQ44fZGqUhACvL7PH87bmK8WZqb-yuosfi4y01RkdH8lg7auqH_1nHmJ4w8iXCDghBB8bUgc2fnai-dSip-2k_O984HVKrrDNXfsMIW89P3sGaD6Nk0CQyin7BX-6PYRzBlE2NNBaeans1GG6g_-hcxeVulehB3yXJS9ad7_qpbM6T1rZIMoqr5PgwEK-VRueVRJ0TryonBY7ieLJ0xzUJpY5xAIkqlDbimnN-xIq7lGyNV6id3y5wfiOdF3GNHPiAtmmFucGgObmb-Ae1tbTXybFIG0Pgyg7MWKpCBI1qIeZHsL1Vz4_75tbYb33bXrQOGe8arpS-shuT1fpU3Z1rfcSLV3KLP2xQIOFfPPm4D15VxyeLso8Pt0ncAPtWZIWeagqRNhkmoFaih1lhgl6o3hb0gHXpczqxYjV-Q3H8NL-4VoLa6IS3pdWMMe_FHfmyXB_kMtMy3Y6UEj4k_QSmti2wer6P7eP10Ocr-kT8jE5bGEfKLZO0Z-89eoEtvAEe24UZFMZ_hKhTX9rzq9GAJ1B-R9sSeGlrFrlmf2vquX4OAFA8Ja03ygqOm44ojcSURkq-hunt6HqsSODbtjqFxb2SXxJ9K10VuyAumemp3PaUq7KYrie0TnUEKgfhKsp_6V8WEwNmAwK0NR5TBARUQ65TFu5ZVCRd0Rg3asjfMwzurZeox76x58yC-fNOtQT_92jnxPSX2roMPrTF9MJMN45i72La4ovhkK1WIL32suyft6OLfRtDiIje3_7G0Bj3ATfZjOS5IES-Y87A_FhS4DDGjrL4RZWAOd08be_it_qtYcFYeZhd51tn-F4EKYmPrNgrRbFonpMiNWpA6OS_jp5bMO2fotkzRSzzi2CbjZAQjP8JD0pXTNf2vn94GIlW-zINLvlNmjDcBmJSSIiUGVpRfzwFILl0ijuacrBcOkpeAcpxlt2DGVmCCvWK8-y_LO-1P2DsnCDn-dsKLjEyXc2T-Zg6P4MtNXgd6nROTah3rOHJ3-4K9ShPe3xG4flieDj3ymhryLEb2iuTTZIvj3bTA0PaoEtuh7335yVhXTW2y14z2HTo495eXaLZiQ7zmqkwg9l8bJgcyGdZIBzr_NbWTAXW9a1WUp-QofV82N98hl9DeJrVHEl4DXitFca9Ymz&sai=AMfl-YQQXc-HbrFzQQdt_u2VIiFSw-Ml8RX5hy05qaNSO_kqhHSX9gERp1Z_kMA1BhXk1RMbv40J7ku6jUe-wewoIM0zd6Zgj4v8Fh1ZyFAULqrdRK3R_VwuWXFbmSrZ9ap59bR1nfRLG464GAa6h4s2y7mWIUEIZrQKxUPPSuKM24gxJFkgSLntEnaIdHve8V8U_uvc43gIICrvHOE2mzZOJkCrXUUUPIIJQWhHIZ0imTGxtCKQOH1jhxvGwd5psiYxBH-EN3TPLKODR6lo05hgyVOq_KeC2laDCI9a9w&sig=Cg0ArKJSzGrjPF0a9DUnEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58269/ Frame 7950
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLPn5UCEM3_sPcDGNXcxIICIAEwAQ&v=APEucNUQ7K0Z9l9w3eWfKRCL0SjOmddF2wB3skIOx27BN7y_MJc-Z6jdor7CQcdzd3NgJxf9YRLSjQH7gNq-jyc_U2eGgqlw9g
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

0
125 B

134ms
64ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date: Mon, 05 Feb 2024 03:34:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7950 0
25 B 54ms
53ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7950 42 B
69 B 56ms
55ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2RXyRw_pnauoZZmrPRju2bp_19K_I8jSZb8ExSD_ZFdNLyT9EHvqZ0qG98ofLkpr2THRh6pKt7NB6ajf0foComnlI8a5lYzu-wZwNhGXjBxHAsm5XsBklEnlXCekm_5MbDkxb6_vOyj-D5OdrEAc&sai=AMfl-YQEuTj2zFQMf8qM8NvovN7gnyzDakwrMXCeFpuO5GqT8A03RQMGukrxEJb5yEp4gwRdghrd62BVaEz_rfMqAjvBXWaAczwoVnFH9O8WIu1jyT2UqsRb7kq3vmJCzVbnsxM5euT0tUx2aykRvBkC&sig=Cg0ArKJSzHobAJ_SKLbzEAE&cid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D18176%26vmtime%3D2%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D876693281%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1707104049061&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7950 42 B
68 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cmm7lL1fAZaf3KtD7nsEP-eWfwAzZhsKFdf3wiN2JEufB9P0IEAEgjJ7uYGCRBMgBBakCRMIPqnAZsj6oAwHIA5uEgIAEqgT3AU_QMG-_St3rjD4K012gTuWnp7Uopd48KtdZfPzAweNyryZTQ8iLKnTZszvDFSKqP1xe-iunSo5hosCkfVMjuOVLNeDnIBt9y5nuNFCZafmBsILYjhF2MwkKXU6vm2a4_bI1HAw1MuYhFmDrOrF7syhMdXZycmZXWr10QX7TaFK6BFmAKPexLbJ00A08YIERtG7fWwZw8PaGw17ANpS1YQCcLU3k3PaZGVRv2U6flz6Gg6BQlXpbsk8dhN5TSuQiUwAR9uCBFbt5kJL_zMaBFi98mOScV_XNxcXWKt9bPR0Fm2z6np90S6LVf90pVLQfEJcr426gibLABJWKiLnCBOAEA4gFq7mM4U2QBgGgBnbYBgKAB5CD8dEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAI4BOwCALSCCUIgOGAEBABGB8yAqoCOgiAQICAhICABEi9_cE6WPOF7pKik4QDgAoByAsB4AsBgAwBqg0CTkywE820jBbIE5CdnuQD2BMKghQPGg1vdXJ0ZXNjby5pbmZviBQC2BQB0BUB-BYBgBcB6BcF&sigh=nq5dIXnEO2M&label=vast_creativeview&ad_mt=2&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D18176%26vmtime%3D2%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D876693281%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1707104049061

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7950 0
17 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ls8doa4h&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=392&mt=video%2Fmp4&vs=480x854&dm=18000&umsem=0&event_name=first_play&asset_bytes=200263&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.12m~ff.12s~videopreviewstarted.12s
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2584 43 B
251 B 85ms
23ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=119&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=ourtesco.info&L1id=30000051&L2id=50000648&L3id=60015306&L4id=70019759&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1707104048629&r=420935028566&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2584 43 B
251 B 86ms
24ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=119&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=ourtesco.info&L1id=30000051&L2id=50000648&L3id=60015306&L4id=70019759&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1707104048629&r=420935028566&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 22ms
21ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2FDubai_DMO%2FAdventure%2FDU%2F160x600_Dubai_Adventure_DU.gif&i=TRAVELAUDIENCE_DISPLAY1&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&cu=1707104048629&m=542&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=163&lg=1&lh=16&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A522%3A522%3A464%3A322&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=119&cd=0&ah=119&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000051%3A50000648%3A60015306%3A70019759&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&zMoatSubdomain=ourtesco.info&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207009&na=2127404644&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 22ms
21ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&cu=1707104048629&m=619&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=163&lg=1&lh=16&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A522%3A522%3A464%3A322&aa=0&ad=41&cn=0&gk=41&gl=0&ik=41&ic=41&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=119&cd=119&ah=119&am=119&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000051%3A50000648%3A60015306%3A70019759&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&zMoatSubdomain=ourtesco.info&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207009&na=270584820&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2584 43 B
251 B 19ms
19ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=41&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=ourtesco.info&L1id=30000051&L2id=50000648&L3id=60015306&L4id=70019759&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1707104048629&r=420935028566&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2584 43 B
251 B 20ms
20ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=41&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=ourtesco.info&L1id=30000051&L2id=50000648&L3id=60015306&L4id=70019759&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1707104048629&r=420935028566&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EEFA 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJeFSUVQ73cTVBvmNU2csDqIca827f1FmN33T9cjcDYMF-UT8o7neI3-EN9D1Ts4qEoyVQMD32QO761-YBaHIStqH_HJikIEyYu8-LXYB_cZU9DrbOdbDIuAz4na5ji6PdAA06mtioRsieYvhzeQYTVTGlrqk2Pt9A&sai=AMfl-YQICbNHFsmBkkICuT_j2GTJ7QA6Eh1RGFrLUUFeKBhrs3j18KkunSnGYvxencj74lkOJz_L-TiIOR-2TUwb-XB46-KzoFhA7inNAD-Ae3fKq4_ccXyoam6PbME7J7W1cvWZy-V_C53Y8dcjISJ_&sig=Cg0ArKJSzEAuCmazzS7HEAE&cid=CAQSTgAvHhf_WGiRsV9-7_fqWKazPX2p_W9-8_qbb0YBF0lrYtNJoa8LWeG1wJbQpxWu_WjgJxfP_DD7sAIcRojGqOlcLILzZQ2bsYME6KJ2vRgB&id=lidar2&mcvt=1000&p=0,1,124.24449920654297,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2653016058&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=303684800&rst=1707104047679&rpt=603&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A49 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWms1Z_TC8QEmM6AsGfgfSYgNlYVqa8WwMWvtFh_3pH-VDXs453cttdVMsnWjSKN0NUdkgNhsemLlBxfyvVlze2HyJOEajzgXDzszjeZadzduJJ_NQKIAqXqwnxcaFOQws5poNSMx8KXIoiQjyPEbVu4DudSvT8wv-&sai=AMfl-YREupzshFZ_2OJxZStTkuogE28xvYJb88qa25nyIb17KPgx8ZDyASJFsjGv6QTeZxAjY9sX1jH5D_ute5Y7PBAS5KiKGRY3pyuE_nEvkZC0Jf-4WtKxz0ePXIapY28GDRgPXU7sxGA7mAx1Iwzg&sig=Cg0ArKJSzBEBnjRS5QIAEAE&cid=CAQSTgAvHhf_R4aXbvsYNCcikB-f2-L8CmmlyTe8wB5FRkLwy_6LXwZRJUODHQzJKY8fJV5tlOVFcy17v9DrTA_Jl30McxMMEh5ZAx6A-l6-wBgB&id=lidar2&mcvt=1001&p=0,1,124.24449920654297,1006&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4161265742&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=303684800&rst=1707104047687&rpt=597&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=1699387297533897&bg=!AQKlAk3NAAa8BdJLnAU7ADQBe5WfOPjZ7JQDFJMxXVVKdTO71dYOLRwOZH0Yc7zB7Y2yn207I110f6CxfIhqpYtrI1AlAgAAADRSAAAAAmgBBwoAi7x2oGs9AQDB2VexBafwM6FNgigEK1lNWgRqbkgmZlP56-rT8Cv2GZ5gqLd36LO2M-TYaveTeLmgpxryTN6lPv3Z_ZWe0Mo4LRExlmfkWXLsdQCci5hbrkQDGyVr3tWj6NH4OhOW2KmOsKMaZfF6okJVYOx4uZ-8Ms3vovT8ssEmRotMNq1dOnGgULOZAs5Ec9a8u4BnjBSGERouiGYxwZEkE_VeRtgBiOcZa9-SDpLPnZwIXMi5G8VqoOdwTZ26Yc0rvPVu68XWuaCvXi0EcmXW2JUzt74SuphX3B2fGon7RtrWj4Oo4enzrshH3tCXt7VT4A8xlelvdg1PGl5War-o4qM8NuMu5A_-w4_5Rk7uNFSh9SHeUCCc3t-ZxyMVg5eElh22aC_Wj42gchCGI0wwOciTJFjU1tz02lFPRFV2h7GFcqs361rDrVFQ08w8D4rSgg3c-dEC7kbC8InyBiDqZEX-cF1X78HYdwAD2cr7rc26679dcm-tdobljyP7o5IHYlt31BRRh-hERwO3wthSwXAEPYLrwtcDXsoX4HbHODUefZFER3OZdMiBlgwV4ZZUSB-bTWidqjJ8J89TdbmmUN_yZzVrWsWOSR3Pt6mraaZqxTlcXbGMxEIGa0svbdoRKeI2kqoKxJdub8xzHR6_W-7mF5fgimEYjOiEfLgBg8Hu6uv643XPeONE6RHx5P_YaTEYnhQUrJDVQVzxvn4D5nKsCpvhVC2_7vFwW-PxvQX_JUnkdGlaTx0JDmH9IOLGQPkTDwMvY5dSyob4yfTcbIxXwni33d558czLLch_9ktCUR3qUNg3CdprY_NxRxD9sxqvt8actWyF5E2DqWAvE_jaZlw9j0F6i_QrR53MYjYI44WvIGlM-NHThTNFurePi1yLdResw37JjGdPfSxbHHCJ5M7xILog-NQx36iiz11ZOiHVxEOI-hIBihAGhPZJuqpFCZz_hmO09W1UryGVcXucxqEPJIJG4la-CdIg1bWqrWT4fvTmYlgo3E6gAhtYy_Dw3Wfgx0nemwDTRN0mRA4LHUQDN-gJVcBu4yZjMycQEgWQycymE2jiE3fwRA2JkHLZCX70kJQsg-YXpSXiGyoK4MdKSpGzOZ34hW6_cG-7ZJipM1HTCPYX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ourtesco.info/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 7950 0
17 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ls8doaei&c=4585659002692&slotId=2292829501346&qqid=COfK7pKik4QDFdC9JwId-fIHyA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=392&mt=video%2Fmp4&vs=480x854&dm=18000&met.4=vfl.176
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6C5 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0JAX_AMvnMCw3OUrhfnksApa8kxjeruogk6FLR4UJj2Ubf_G7oiURof_HmiigvESbHdULKqdKUUrBidE86wOuUUQDoDKw1uREUR54Zj-KAeojN4lrbVIOdt5ljF2RRZTzCqVcYg&sig=Cg0ArKJSzF7vyl4CIJVMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=303684800&rst=1707104048354&rpt=99&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 23ms
23ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&cu=1707104048629&m=1623&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=163&lg=1&lh=16&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A522%3A522%3A464%3A322&aa=1&ad=1045&cn=41&gn=1&gk=1045&gl=41&ik=1045&ic=1045&ez=1&co=1045&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=119&ah=1004&am=119&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000051%3A50000648%3A60015306%3A70019759&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&zMoatSubdomain=ourtesco.info&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=7068786&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:10 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame 2584 43 B
251 B 22ms
21ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1004&tet=1045&fi=1&apd=1204&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=ourtesco.info&L1id=30000051&L2id=50000648&L3id=60015306&L4id=70019759&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1707104048629&r=420935028566&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=ourtesco.info&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 23ms
23ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&cu=1707104048629&m=1623&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=163&lg=1&lh=16&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A522%3A522%3A464%3A322&aa=1&ad=1045&cn=1045&gn=1&gk=1045&gl=1045&ik=1045&ic=1045&ez=1&co=1045&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000051%3A50000648%3A60015306%3A70019759&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&zMoatSubdomain=ourtesco.info&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=75249301&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 2584 43 B
265 B 21ms
21ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4125599237&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DVC8p%3D%2Fi%24%2Bc%3DN%2CNl%3F%3Ba7%2B%22%406U.hayWkKBF%22cpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23VRzx82If%25.b%5EhekO2m%2F%26u~q%60RP%3CG.G%24c%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OMlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-WA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fourtesco.info&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fourtesco.info&t=1707104048629&de=420935028566&cu=1707104048629&m=1624&ar=805b0ce1b97-clean&iw=4a25902&cb=1&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=163&lg=1&lh=16&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A522%3A522%3A464%3A322&aa=1&ad=1045&cn=1045&gn=1&gk=1045&gl=1045&ik=1045&ic=1045&ez=1&co=1045&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000051%3A50000648%3A60015306%3A70019759&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=ourtesco.info&zMoatSubdomain=ourtesco.info&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Frv2DCMiJLfQLbqOQXGSNr10QS7dlvoxjHeXgw&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=1917697578&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 05 Feb 2024 03:34:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 05 Feb 2024 03:34:10 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7950 42 B
69 B 58ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2RXyRw_pnauoZZmrPRju2bp_19K_I8jSZb8ExSD_ZFdNLyT9EHvqZ0qG98ofLkpr2THRh6pKt7NB6ajf0foComnlI8a5lYzu-wZwNhGXjBxHAsm5XsBklEnlXCekm_5MbDkxb6_vOyj-D5OdrEAc&sai=AMfl-YQEuTj2zFQMf8qM8NvovN7gnyzDakwrMXCeFpuO5GqT8A03RQMGukrxEJb5yEp4gwRdghrd62BVaEz_rfMqAjvBXWaAczwoVnFH9O8WIu1jyT2UqsRb7kq3vmJCzVbnsxM5euT0tUx2aykRvBkC&sig=Cg0ArKJSzHobAJ_SKLbzEAE&cid=CAQSTgAvHhf_R3z3suP9857Gl4e5OzYCA9dU2InHIlTgx_77GPshJYQftMitVQYnhQ6XeDtVoIwHUCPXrZlSqJDJshLjjwCalik4hKWnfU5xxBgB&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,199,119,265%26tos%3D1800,200,0,0,0%26mtos%3D1800,2000,2000,2000,2000%26amtos%3D0,0,0,0,0%26mcvt%3D2000%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2161%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D200%26dur%3D18176%26vmtime%3D2166%26dtos%3D2000%26dtoss%3D1%26dvs%3D2000%26dfvs%3D1800%26dvpt%3D2161%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D876693281%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2000&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1707104049061

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 03:34:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 03:33:20	Name: IDE Value: AHWqTUnl5An63y__SZMnLozMqjwN0CurVAHoKyIB5AdPbfbs-MgmtAVw0WhNwlGn
.ourtesco.info/	1970-01-21 03:33:20	Name: __gads Value: ID=6ef29a34fe7340f6:T=1707104047:RT=1707104047:S=ALNI_MZw1_PZvYKGWQKaZ3tan_O9cMhA8Q
.ourtesco.info/	1970-01-21 03:33:20	Name: __gpi Value: UID=00000d50940c4472:T=1707104047:RT=1707104047:S=ALNI_MZiSeCsyuKknqPx8a4zmS8ITXxqCQ
.ourtesco.info/	1970-01-20 22:30:56	Name: __eoi Value: ID=3bc4c87d5414b324:T=1707104047:RT=1707104047:S=AA-AfjbZln-Q0K7xYlCOTBtSpA9D
.adnxs.com/	1970-01-20 20:21:20	Name: XANDR_PANID Value: UmpNWdlulv3eyh3M1enmG4BC4VjXvnjGGKwzNqR7pxO-zcyIBjFlSpg5RD0irTjFZhaanups5l1rIep2Vnw3bb9eFIjRKulm-LcR--FO6No.
.adnxs.com/	1970-01-21 03:47:44	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:21:20	Name: uuid2 Value: 734520489882116698
.casalemedia.com/	1970-01-21 02:57:20	Name: CMID Value: ZcBXMK2PogFL5..n1fSDKwAA
.casalemedia.com/	1970-01-20 20:21:20	Name: CMPS Value: 2180
.casalemedia.com/	1970-01-20 20:21:20	Name: CMPRO Value: 2180
.adnxs.com/	1970-01-20 20:21:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1>AG7+!@wnfH8K6pQK`!5=E<L5?%KB8mJ78/ORE9_icTW5w0cB4LD6>?MMHVeh_+4%nugO%v4VB%nnQo#w[k
.travelaudience.com/	1970-01-21 03:39:05	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22B325F88C-4304-4381-83FD-0718C026B0D6%22%7D
.ourtesco.info/	1970-01-21 03:33:20	Name: __gsas Value: ID=314055541c634701:T=1707104048:RT=1707104048:S=ALNI_MaqxsxV57uLviMIKYritcynOcax0A
.doubleclick.net/	1970-01-20 22:30:56	Name: APC Value: AfxxVi7Kn7b93y05MZC7zU1b5-WkB8RO16Gdc2JKPcwzzTEPBDTVxA
.simpli.fi/	1970-01-21 02:58:46	Name: suid Value: 0620B54B19BB429984DA45EEEC67C773
.turn.com/	1970-01-20 22:30:56	Name: uid Value: 3960856587516153706
.yahoo.com/	1970-01-21 02:57:41	Name: A3 Value: d=AQABBDBXwGUCEODMPmzfAgi3B5fuoOKbU8kFEgEBAQGowWXKZQAAAAAA_eMAAA&S=AQAAAuwzEzSMlkHrEY7FIt30LD0
.everesttech.net/	1970-01-21 02:57:20	Name: everest_g_v2 Value: g_surferid~ZcBXMAAAAatotAA9
.googleadservices.com/	1970-01-20 20:21:20	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 20:21:20	Name: ANON_ID Value: aXntuJOZb3VgUEjUAujyprQWVdZbajbZcyiJREQMtXCjqSDniiGEW2Frk1mhZajBSomeSUw6R2do01XDpKHDGq8daCkY

101 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 196) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
violation	error	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ourtesco.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
mb.moatads.com
odr.mookie1.com
ourtesco.info
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
px.moatads.com
r.turn.com
r2---sn-c0q7lnz7.c.2mdn.net
rtb.ads.travelaudience.com
s.tribalfusion.com
s.w.org
s0.2mdn.net
static.travelaudience.com
sync-tm.everesttech.net
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
104.18.36.155
130.162.160.243
142.250.186.130
151.101.2.49
172.217.18.2
172.217.18.98
184.30.17.133
192.0.77.48
2.18.161.148
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
2606:4700::6812:18ad
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400d::7
2a05:d018:d29:3605:ef0:278a:91b8:ee2b
2a06:98c1:3120::3
2a06:98c1:3121::3
3.71.149.231
34.160.236.64
34.91.62.186
35.187.184.108
35.190.0.66
35.214.149.91
35.244.170.237
37.252.172.123
64.233.167.157
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02e7e360cacfd38553a3e1cea4ac7a96f591985e9e4ce2527c24a54bbf602029
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
053cdbdaaed80c551904596c06c0e1f011903b90acda2bb64899c12301e83c62
06f004482e17cd781019152317a1e9d5a7d8ea0733b25ad2af8ad16429fbac03
0826631ff8e622d859a07f31f720de75aae09793a4916c8fdbdf55c2889e7af5
0841b43610f53c5ab7259c11e0a8935c2c4e749fd0af052bfdd01fdb7f259897
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
14a9a34ca6741b4720bf2860f507dfb7a8188a1f54f645a3676d63c188b83fcc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2ae2b3edb1fdd7e6ee1348b1c0ea35619fe132260ad31cfbe3fd8db6215113c4
3053ad39e1a688da77ec6bd3ae22f2082eec48317d4ef4c1db901f7e728dfc07
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323d244837d21d4cb380957be065e5bf6c462999f5c57e819d930eb72852cde3
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
3816defd14e327f4ec663434fb2d95f86a599d0060b111b0465f032a3db90da2
3d124b41dad66f4b40e5aaecbc7fbb952b4b7cd38555ffa0cdafa0271d5acf76
404efa75d314e3ee70ef743929d5ee6a69ded116a67e5caf59eff29394f9a418
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb7449fb43df3cbbffb84cff32c131114a1d0a87f8c485121f43a58c3476e1b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54da2951610583c64903ed2f1d883dd98a8ef2b50228f64128fce1ef053b62fb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5747b39683fc71c59e373bba83b1425f3c62472398da141228614a14ff2a5703
59da375b1b9fba2e6b412240b715dd5a39fccb852cfec16a3c060e150d28dcd9
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5d1dfe664e40212b463e2754344e0ec023d19985855c9828f6110546cb9f8129
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f6667e46142478734d12f1a659ea0a118c194ad3c04ed06300588187bbe683
6437e7f6ed7c19fc133d88b715f1a6ab3818062e0fa249142db621b5b95da593
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3191444c8597e509c0ca9844048702d321a529286512a12d5ccbf45c68089f
77efde81e165680d3d383acf35f4ee781c7a4b5bb806c6390ee819b756e65891
7a3e46e1ff87b9f01838d375e53a39e1c6383104290ff3e68e289a8e5045219c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e343d2efe18c711882f9f458ec30caaf07b556286fcdc32516a2ba3da5e8607
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7ef3110dc82803dc45170f9d009e7f3deb05f87f75c1ec819b63228c0f8a9177
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
806da15529fd66fda2e849471c9e4ab2f05bcea16a62dc218e60a5b1935e49c3
87730619237d40c2957b1c0ec2db39cd05bff37ec36dcfd9064c5cd1ba54de1d
8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512
8ee937ac0792d4568fbbbeabba37fd92c9d601cd2a6b864216ffe15d4b1eabec
9248d32a1863a0736e5bcfe7e2a09f8138eb702c3f3605b069dc196bb1b06ec8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9fa30ba732474b1cd5bee97ab665efcdd20d10364f17890831eee3bd0634ab07
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a4c2641a9214d4f262d9d53bce3f56e43c41a8b70cc152a206b422c6169737
a67bd5875de4e7f674475929004457feb4c0fa28a0096a0bef690cbc9836b726
a78e90908481ef481b73760949a9bcdfdc2b52868886e4364387187a95efc591
a8beeef1cfa7b41c59dd29fd98f684cf1b7d24676fe9d7f7b632ce21e2dc4241
a8e37f53485e559c076077dd5292c9c81e073f6f266668a97c3e2bb1ead24bdb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bab279998c2611f423c748e4ec9fdd2f72b3fc9acc15833211d378ddb5c9bc4b
bc330a2135977e928ab1fbb77105c3ca86110eec9dd36be75653dfbfc1bd61fb
bda4e6d76f6b82b87f43755d551b36dd7cfb0d0117fb798435270e7c1127a87e
c954fb7689224aabb4d6876a386ae29a747cf7ca380c3ac6b1213faa5e0cf00a
cada586e76429db28056987dca447a37ef551b7df85ab954a010916915f1e9a8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd9757cf2e3ab280fa27fb56dc87f73ddbc1d09e3fa09e09d6c48a47d3321e8f
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d720e85b80f8c08c1e1b6a4ea4ac61e7e71264f482d50523a6c9a0abae0f5480
da799b6883b20161c00c08ee9208a312b5cb73a250a6e30138e0f6d0c4ea202a
e047f5f59595215030c40abe18de908fc34088e477a3844491b4e17a70de74c9
e1cb75a4fb116b0f5cef1b90ac0c0c4121c7682a1c756ca9ac5320b6c73f24d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5fa4a2e8f029af6308667a27defcdc36c42dc7d08045ad0097121867e144607
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e845fcb50a34be246ce18c0187a8662517a3a7a45673ab56ef124fe70da00dd6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0a5a884eb6794a286f62db1fdcf257ba96b7d6c74a00ef4c0c00be8726ef3ae
f11ca81090a5bce6acb554a079840e80405ee855da33aed367d2e9ebb3209dd4
f62de547c38a73faa9cf610e7ec4a8c8a95fcff5b0fb1b97904d5d95be20fe8d
f67fc4e9c785ea68fcf05a552b69a03e070c38a844218174d7e16b6b9d092102
f6bff28c18a405ca79c08a71d6a1163ce8141c38645002b1a65169b9083fb96c
f7b2b54734106066914320438fe9105730c413a2876426ddf04e3c259d404b05
f7c786a2a7a073fbef868449cdae1a0cfaed09461573ea0800646e60276033b5
fc36bd9cdbd1692cd345114deb91252274098250c23d83d2c2532180da3d964b
fced8fc8607b3212435555d4e45b6473488227807b7a4b12120aa51b32ab7b10
fde8181f0fd193c53c534eb5fed1ed29fe7a496930834c9a8119ea74cb945c96
ff8f9cc6d890b7f914eb11491ac52cdb6a4dba24cf8c7d7da0808a211b9ba158

ourtesco.info Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

91 %HTTPS

50 %IPv6

22 Domains

40 Subdomains

32 IPs

7 Countries

3395 kBTransfer

6676 kBSize

20 Cookies

4 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ourtesco.info Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

91 %
HTTPS

50 %
IPv6

22
Domains

40
Subdomains

32
IPs

7
Countries

3395 kB
Transfer

6676 kB
Size

20
Cookies

179 HTTP transactions
6 data transactions