www.j-hero.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.j-hero.com/
Effective URL:
https://www.j-hero.com/
Submission: On January 15 via api (January 15th 2024, 9:14:50 am UTC) from US — Scanned from NL

Summary HTTP 499 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 66 IPs in 11 countries across 50 domains to perform 499 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.j-hero.com.
TLS certificate: Issued by GTS CA 1P5 on December 18th 2023. Valid for: 3 months.

This is the only time www.j-hero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
44	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	184.86.251.139 184.86.251.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.32.238.234 23.32.238.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 27	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 12	162.159.138.232 162.159.138.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
18	23.32.238.171 23.32.238.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2.18.121.202 2.18.121.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	138.199.37.209 138.199.37.209	60068 (CDN77 ^_^) (CDN77 ^_^)
2	138.199.37.213 138.199.37.213	60068 (CDN77 ^_^) (CDN77 ^_^)
18	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2 4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	162.159.129.233 162.159.129.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 31	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:400c:c06::54	15169 (GOOGLE) (GOOGLE)
3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1 6	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
10	146.75.122.113 146.75.122.113	54113 (FASTLY) (FASTLY)
1	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
10	2.16.238.11 2.16.238.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	71.18.5.241 71.18.5.241	396986 (BYTEDANCE) (BYTEDANCE)
1 4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2.16.100.152 2.16.100.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 4	95.101.185.124 95.101.185.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.184.81.93 18.184.81.93	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
3 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	23.36.163.226 23.36.163.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	23.197.10.234 23.197.10.234	16625 (AKAMAI-AS) (AKAMAI-AS)
3	95.101.111.174 95.101.111.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.138.36.55 108.138.36.55	16509 (AMAZON-02) (AMAZON-02)
4	147.160.191.131 147.160.191.131	396986 (BYTEDANCE) (BYTEDANCE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:567b:9400:1b2a:e999	16509 (AMAZON-02) (AMAZON-02)
6 6	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	52.58.114.78 52.58.114.78	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:264... 2600:9000:2646:1000:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
17	95.100.80.78 95.100.80.78	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.156.126.108 35.156.126.108	16509 (AMAZON-02) (AMAZON-02)
9	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
499	66

26 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.j-hero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.86.251.139 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-139.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.238.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-234.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.159.138.232 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.32.238.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-171.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.18.121.202 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-121-202.deploy.static.akamaitechnologies.com

p16-sign-sg.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.37.209 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 218040468.fra.cdn77.com

p77-sign-sg-lite.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.37.213 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 559277417.fra.cdn77.com

p77-sign-va-lite.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 162.159.129.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.184.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.141 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.75.122.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

v19-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.238.11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-11.deploy.static.akamaitechnologies.com

mcs-ie.tiktokw.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 71.18.5.241 (United States)

ASN396986 (BYTEDANCE, US)

mon-i18n.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Ludwigshafen am Rhein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.100.152 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-100-152.deploy.static.akamaitechnologies.com

libraweb.tiktokw.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.185.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-185-124.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.81.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-81-93.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.229 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.163.226 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-226.deploy.static.akamaitechnologies.com

mssdk-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.197.10.234 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-234.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.111.174 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-174.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-55.muc50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.160.191.131 (United States)

ASN396986 (BYTEDANCE, US)

mon-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:567b:9400:1b2a:e999 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.155.156.180 (Sweden) 6 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.114.78 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2646:1000:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.100.80.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-80-78.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.126.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-126-108.eu-central-1.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	828 KB
60	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589	224 KB
58	wp.com c0.wp.com — Cisco Umbrella Rank: 8666 i0.wp.com — Cisco Umbrella Rank: 3696 stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	2 MB
31	tiktokcdn.com p16-sign-sg.tiktokcdn.com — Cisco Umbrella Rank: 1551 p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1295 p77-sign-sg-lite.tiktokcdn.com — Cisco Umbrella Rank: 29849 p77-sign-va-lite.tiktokcdn.com — Cisco Umbrella Rank: 11017 v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 52298	5 MB
26	j-hero.com 1 redirects www.j-hero.com	341 KB
23	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 cdn.flashtalking.com — Cisco Umbrella Rank: 1296 ad-events.flashtalking.com — Cisco Umbrella Rank: 1404 stat.flashtalking.com — Cisco Umbrella Rank: 1445 secure.flashtalking.com — Cisco Umbrella Rank: 2387	105 KB
23	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 3270	616 KB
21	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1527	615 KB
21	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 16766 sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7690	1 MB
18	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 106 region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 23 adservice.google.com — Cisco Umbrella Rank: 98	242 KB
17	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	174 KB
12	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3066 data.ad-score.com — Cisco Umbrella Rank: 2906	487 KB
12	tiktokv.com mon-i18n.tiktokv.com — Cisco Umbrella Rank: 5438	4 KB
12	tiktokw.eu mcs-ie.tiktokw.eu — Cisco Umbrella Rank: 43981 libraweb.tiktokw.eu — Cisco Umbrella Rank: 38088	4 KB
12	discord.com 1 redirects discord.com — Cisco Umbrella Rank: 2485	1 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	300 KB
7	byteoversea.com mssdk-va.byteoversea.com — Cisco Umbrella Rank: 30379 mon-va.byteoversea.com — Cisco Umbrella Rank: 6390	7 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	38 KB
6	de17a.com 6 redirects d5p.de17a.com — Cisco Umbrella Rank: 5298	2 KB
6	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	87 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	389 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 583	4 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900030.redintelligence.net — Cisco Umbrella Rank: 248852	11 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	2 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	776 B
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 107	3 KB
3	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 707	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	445 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	207 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	796 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 524	400 B
2	w.org s.w.org — Cisco Umbrella Rank: 3198	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 9209	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 4170	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	139 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	556 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	714 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 70174	96 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	24 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
499	50

	Domain	Requested by
44	i0.wp.com	www.j-hero.com
44	pagead2.googlesyndication.com	www.j-hero.com pagead2.googlesyndication.com c0.wp.com googleads.g.doubleclick.net tpc.googlesyndication.com
31	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net www.j-hero.com
31	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
26	www.j-hero.com	1 redirects www.j-hero.com
23	cdn.discordapp.com	www.j-hero.com
21	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	platform.twitter.com	c0.wp.com platform.twitter.com syndication.twitter.com
18	sf16-website-login.neutral.ttwstatic.com	www.tiktok.com sf16-website-login.neutral.ttwstatic.com www.j-hero.com
12	mon-i18n.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
12	p16-sign-va.tiktokcdn.com	www.tiktok.com www.j-hero.com
12	discord.com	1 redirects www.j-hero.com discord.com
12	c0.wp.com	www.j-hero.com
10	mcs-ie.tiktokw.eu	sf16-website-login.neutral.ttwstatic.com
10	v19-web-newkey.tiktokcdn.com	www.tiktok.com
9	data.ad-score.com	js.ad-score.com
9	cdn.flashtalking.com	ajs-assets.ftstatic.com www.j-hero.com
9	www.youtube.com	www.j-hero.com www.youtube.com apis.google.com
8	apis.google.com	www.j-hero.com apis.google.com www.youtube.com accounts.google.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	d5p.de17a.com	6 redirects
6	ssl.gstatic.com	accounts.google.com www.j-hero.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	www.google.com	1 redirects www.j-hero.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.googleapis.com	www.j-hero.com googleads.g.doubleclick.net
5	stat.flashtalking.com	www.j-hero.com
5	c1.adform.net	5 redirects
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	p16-sign-sg.tiktokcdn.com	www.tiktok.com www.j-hero.com
4	mon-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
4	sync.teads.tv	1 redirects googleads.g.doubleclick.net www.j-hero.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	hal900030.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900030.redintelligence.net
4	ad.doubleclick.net	googleads.g.doubleclick.net
4	www.facebook.com	2 redirects connect.facebook.net
3	secure.flashtalking.com	www.j-hero.com
3	ad-events.flashtalking.com	www.j-hero.com
3	js.ad-score.com	ajs-assets.ftstatic.com
3	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
3	ajs-assets.ftstatic.com	servedby.flashtalking.com
3	servedby.flashtalking.com	googleads.g.doubleclick.net
3	mssdk-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
3	onetag-sys.com	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net
3	syndication.twitter.com	platform.twitter.com syndication.twitter.com
3	lf16-tiktok-web.ttwstatic.com	www.j-hero.com www.tiktok.com
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	s.tribalfusion.com	www.j-hero.com
2	a.tribalfusion.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	www.googleadservices.com	www.j-hero.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	8019191.fls.doubleclick.net	1 redirects www.j-hero.com
2	libraweb.tiktokw.eu	sf16-website-login.neutral.ttwstatic.com
2	s.w.org	www.j-hero.com
2	accounts.google.com	apis.google.com www.j-hero.com
2	p77-sign-va-lite.tiktokcdn.com	www.tiktok.com www.j-hero.com
2	p77-sign-sg-lite.tiktokcdn.com	www.tiktok.com www.j-hero.com
2	connect.facebook.net	www.j-hero.com connect.facebook.net
2	www.google.nl	www.j-hero.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.tiktok.com	1 redirects lf16-tiktok-web.ttwstatic.com
2	www.googletagmanager.com	www.j-hero.com www.googletagmanager.com
1	ads.travelaudience.com	1 redirects
1	adservice.google.com	8019191.fls.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	cdn.contentspread.net	hal900030.redintelligence.net
1	ajax.googleapis.com	hal900030.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	yt3.ggpht.com	www.youtube.com
1	pixel.wp.com	www.j-hero.com
1	region1.analytics.google.com	www.googletagmanager.com
1	stats.wp.com	www.j-hero.com
1	cdn.ampproject.org	www.j-hero.com
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
499	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
j-hero.com GTS CA 1P5	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
discord.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.ttwstatic.com RapidSSL ECC CA 2018	`2023-11-15` - `2024-12-15`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.www.tiktok.com RapidSSL ECC CA 2018	`2023-11-09` - `2024-12-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-01-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.tiktokcdn.com RapidSSL ECC CA 2018	`2023-07-13` - `2024-08-12`	a year	crt.sh
1712227574.rsc.cdn77.org R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
1006686430.rsc.cdn77.org R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.tiktokw.eu RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.tiktokv.com RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-09-17`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.byteoversea.com RapidSSL TLS ECC CA G1	`2023-05-04` - `2024-06-03`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://www.j-hero.com/
Frame ID: 3F6052EE08910CA33169950D1D02ED09
Requests: 134 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: F63D4F7E837A3585BE8A47D378C88D5A
Requests: 1 HTTP requests in this frame

Frame: https://discord.com/widget?id=828956130666348554&theme=dark
Frame ID: 017345F56F455693B2188C202EDC57EC
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=90&slotname=8356089636&adk=909181225&adf=945503801&pi=t.ma~as.8356089636&w=728&lmt=1705310082&format=728x90&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081947&bpp=5&bdt=867&idt=188&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1275441021063&frm=20&pv=2&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 152A63DCC93EBC3D98D0AC81ED3F8BA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&adk=3826760629&adf=1341073466&lmt=1705310082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081960&bpp=4&bdt=881&idt=185&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=199
Frame ID: B472BDFF4F6E938F1E56D179DBC3250E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193
Frame ID: 6523D8E72375194DD83343C20328DCC6
Requests: 15 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Frame ID: FCCCE7E48B9C8093DF247E682366A825
Requests: 69 HTTP requests in this frame

Frame: https://discord.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 16494EFB694AB1642D3B5E0400F51143
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNXtyt5eRTLv6uIbsg6DQXXbZHlHq1TtcSMM13P_iL1Z9oD951RALrolLUbGA4dKsG-C8O5NOXAyC-qT6BXFrZvusFWk_Pzzz0PCYOLMZSs6bxL600ta1qQqvjuBjLZXBflbzg2k9bnlBYrThlafYjaaXy-kp0-I9uYpz9Bvyn_i69OO5Ao
Frame ID: 6467D5AA9EA966BBF7ED7E09270B717C
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.j-hero.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
Frame ID: C242804A32E2BE86803C53A8402889A6
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df25e2c7ad31ed9%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Frame ID: 5F33635E3F66A30BFBA3836C3419135F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.j-hero.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
Frame ID: 6A5533B4AC4F8AA687F870F3E92AC8AE
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.j-hero.com
Frame ID: 2B4E40DD73E3D148BEA73C45B3E093E7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6834A5E6EC1D0054E0E2CF602F355CDE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3
Frame ID: 14AF48A570259DF5057CF890BC83EA22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19
Frame ID: E1C96F16EBC311CB2FE9199A0FC364F6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26
Frame ID: E730F31ED26093293B33C0CD4A546FD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=600027505&pi=t.aa~a.3108947081~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=2&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250&prev_slotnames=8054381891&nras=5&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=30
Frame ID: 0C1C08519B089A1FFC0AF7D47150F8FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32
Frame ID: 81C1145A844737D6B61BF72007C9E2E8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a9eb64ef69948%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Frame ID: A16A563E055B641792434609705BE832
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
Frame ID: 0883C035C368B75B48E01A9E216150F2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1
Frame ID: DE3F8875EA4B86A72E2D6A13E8FAD95A
Requests: 6 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Frame ID: DA89A1FBD41D53D9BE1701BA36C0D04B
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D9175A0760BE0A766AF4CED23C5860E8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27DE87973051065BD44660082594770E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNVpukRdIH6BET6tomwrfnwpHm-ZQf8zze8IxFRyJfZ2y5gtPpulUYmWVrgKv_qEPDZ7mRaMDWyHJP0Jze0FGiDRU2MBjoOAhcc42XVAaFTq00HbWM4q5JEj6TgTNGyF0tTXmlT7CfQW2jHzJIqE2OfTwtb11j8zV2nYGgEgwGFLG2p4HIE
Frame ID: 9BD6EFE8AB5BDD1418F54BFC683B459B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FD4ED1DCE1420154866904D543CEED8E
Requests: 32 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687
Frame ID: 976521B383A1EE1FE46931D77B7C840C
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b
Frame ID: E7F7E720D82952A36B6E86C06D6F57D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk
Frame ID: F90165491603F09EAFC750429F15ADF1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FBAF91B9EB77F04DA2F9156D3F03B819
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNWnmpgH8_YEafUNJPhSTgQNDlHMLobAD26epOa9fSWNLv8HnRk97GIvLw6ggAQHoJqUEQTeJSxAxmzlnF461XY5ZsHIC5_u45aE4ud3FxKyawMb7_-bPMn3hjsa9ZN0-tjB9h-C7kUKekSzIJ5VFWRUudd7Dg6BBF8fk5H2QCpO8p_FhpI
Frame ID: 203745A686896B25B4E56B3F859443D4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8BF2423FD0A228E47CE37F4D50998911
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E1483A83A6142FC43F93E83231070B1B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: CF9D60DBBA9C6E89345A229BE6FADD79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: FE6B1B50319B3E760D7B22340750B9D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9650DD74A343CBF24A98C6E4A48558B9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 32628317865762653C9A8C224EF3AB16
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D4B7149D4869B6EEC99E2E1ED14EDA77
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7EDD7C98EDED77DE7BA2FBA3813DC814
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0864FF84F5D8202C835EC695FD79DC1B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E693CD7584B07C3C5E27A66FF1A4C1FD
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: BBA98C9BD8FABD483274518B955B3688
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 33AD8E696517784F3C8225722D610F1D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: CCA37B6B491176D952F256A8101C61C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2673837E9B7EAFEBC15BD3A47D8D86B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D857ABBD8D323B73718A868F5E814F3A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - J-HERO.COM [เว็บไซต์ฮีโร่อันดับหนึ่งของประเทศไทย]

Page URL History Show full URLs

http://www.j-hero.com/ HTTP 301
https://www.j-hero.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

499
Requests

91 %
HTTPS

36 %
IPv6

50
Domains

82
Subdomains

66
IPs

11
Countries

14398 kB
Transfer

34035 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/JHERODOTCOM
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/jherocom
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/j_hero_com/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNPBMjTj8WF0K28WGlwG8Mg/
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.j-hero.com/ HTTP 301
https://www.j-hero.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.tiktok.com/embed.js HTTP 302
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

Request Chain 120

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://discord.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 160

https://www.facebook.com/v2.9/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25e2c7ad31ed9%26domain%3Dwww.j-hero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.j-hero.com%252Ff2639a1088d657%26relation%3Dparent.parent&container_width=298&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FJHERODOTCOM%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df25e2c7ad31ed9%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

Request Chain 185

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaT3ghdq48G-VONJk0tLoAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

Request Chain 187

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

Request Chain 222

https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.j-hero.com%2F&ancestorOrigins=https%3A%2F%2Fwww.j-hero.com&random=2017140464218&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.j-hero.com%2F&ancestorOrigins=https%3A%2F%2Fwww.j-hero.com&random=2017140464218&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 234

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a9eb64ef69948%26domain%3Dwww.j-hero.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.j-hero.com%252Ff2639a1088d657%26relation%3Dparent.parent&container_width=298&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FJHERODOTCOM%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a9eb64ef69948%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300

Request Chain 274

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 283

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

Request Chain 317

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaT3ghdq48G-VONJk0tLoAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

Request Chain 319

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM0twdtOifGw1zAnz35hfmA&google_cver=1

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGcoNjzhqU7SDNFf_HnIdW8&google_cver=1

Request Chain 337

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBN-nh9tydwfXdlTKq4hf8s&google_cver=1

Request Chain 345

https://um.simpli.fi/gp_match?google_gid=CAESECzC8TyxA20uE4D1hczuCao&google_cver=1&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUqJodeeKN_0FAleDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F3B3D11A291146E4A6EFEF40AB9759B7&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUqJodeeKN_0FAleDw

Request Chain 349

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjGgXk4pa40tL9xCqPSPcxKimE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjGgXk4pa40tL9xCqPSPcxKimE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjGgXk4pa40tL9xCqPSPcxKimE

Request Chain 350

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-vyl79oZflkamAQdT6_Ls HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-vyl79oZflkamAQdT6_Ls

Request Chain 357

https://googleads.g.doubleclick.net/pagead/adview?ai=CYg3Qg_ekZY3wCLuhiM0P-bqTkALVs-LdcbP6yYiSC2QQASCKrchVYJEEoAHHvunFA8gBCakCnF5Mi3Zfsj6oAwHIA8sEqgTaAU_Qp8lrO2EzKcLwzOh6BxMcF8ZCnMGCwlmohc_Z8oi-MYbAgQb59DCgEGhAmWH1_fkuoKrU0jkEHJPRcMOG4uxPuV-XyqjfxpSvlxX0YYF-cEFYu-Zwm6hUmMcdSL9wcuCkyFa5QFG9sL4vGhgUXdIeYSAN6cwSeEfFE-s8k30D1dpvd4LJ-I8xg4YHibrX3wt42RVoBPkj0Xxm78vn6Mhk-oNUeWWlwV1s2OMqPBx87Rjo7y1CclKHSAf2CEL-J4v9lFTry5iP_RhCTnNwqEr2BLR7sIP2ASfMwASF3a2bwgKIBYmExc0gkgUECAQYAZIFBAgFGASgBi6AB6HBljqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDW9QPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMSl8o2H34MDmgkSaHR0cHM6Ly9icnVuZW4ubmwvgAoByAsBogwIKgYKBKy6sQK4E-QD2BMNiBQI0BUBgBcBshccChoIABIUcHViLTk0NDg2ODQ1NTAxMjE1MDAYAA&sigh=8pH7nYBZXxU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_CyrHZhcU3IlMDrLwIsnR3y6LmmxaH8FeqMKPAz_57oEbbtwAPBGBzc6lhouro-o83dlEwm9jGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211585912952816274259%22,%22debug_reporting%22:true,%22destination%22:%22https://brunen.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951738183%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22667501286245966353%22}&andc=true

Request Chain 398

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 399

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECUy-6DBY1Nb1d2gcTmHpCs&google_cver=1&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNXD6mkmOE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNXD6mkmOE8&google_hm=eS1KcWNvdm5kRTJwRnMwTEJDNGtfQWo5OFlnTzNvbGVTS35B

Request Chain 400

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs7UVVgBrU_meX_SmENLtS-NlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs7UVVgBrU_meX_SmENLtS-NlQ

Request Chain 401

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw

Request Chain 402

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38Snic-TqQOdRa91gzJZc0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38Snic-TqQOdRa91gzJZc0

Request Chain 403

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECW4BGoLhjUXA2JWVIE3uPU&google_cver=1&google_push=AXcoOmR_u1FYO1-JWohSVlGbdoIakYN9Z0C10fj0quUHtj13Lw0fHUeSVJCUN1Bmc3txoflv0Y3EYQxt32ZrYKJdz1iOfNRjCoacYNlH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR_u1FYO1-JWohSVlGbdoIakYN9Z0C10fj0quUHtj13Lw0fHUeSVJCUN1Bmc3txoflv0Y3EYQxt32ZrYKJdz1iOfNRjCoacYNlH HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 407

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJk7E0Bhjj9sKm7QMduAnUE&google_cver=1&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lqeu4Mz3K8y_C9gE8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=prIV-KNCScIJ5F1knJvCnQ&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lqeu4Mz3K8y_C9gE8

Request Chain 408

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECUy-6DBY1Nb1d2gcTmHpCs&google_cver=1&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc68tOx5CYU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc68tOx5CYU&google_hm=eS1SbmRJS21WRTJwRkhwcDRpQjdYQkZtejNjaWp6dDJ0Zn5B

Request Chain 409

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxGDXyI4f34AYvjv0EX_NhPbQqgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxGDXyI4f34AYvjv0EX_NhPbQqgQ

Request Chain 410

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI

Request Chain 411

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP702cf8DJE4wWRDQMJt3CEZFRe4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP702cf8DJE4wWRDQMJt3CEZFRe4

Request Chain 413

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO-dUQuFK6PUFVAE41id4ew&google_cver=1&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01AAthTOQSYYVtlV3jM7zEnppvLZgMaQbtktb1F7Uv1RTAs HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01AAthTOQSYYVtlV3jM7zEnppvLZgMaQbtktb1F7Uv1RTAs&google_hm=JDo1214CyJ-fSeB1cS3XDw

Request Chain 414

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPIr-SUlpd7YG2M1N7CtDItOB1xauywzr5EmwVRk8Yem0kC8H3xK6G6l9qU HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPIr-SUlpd7YG2M1N7CtDItOB1xauywzr5EmwVRk8Yem0kC8H3xK6G6l9qU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnZyVWoxQ20xUnBqM201&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPIr-SUlpd7YG2M1N7CtDItOB1xauywzr5EmwVRk8Yem0kC8H3xK6G6l9qU

Request Chain 415

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 417

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA

Request Chain 419

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2INr4wAjdPKPvmQgOSQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2INr4wAjdPKPvmQgOSQQ

499 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.j-hero.com/
Redirect Chain

http://www.j-hero.com/
https://www.j-hero.com/

259 KB
31 KB

1724ms
1690ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301905656407d5c7cc47f4c3f2bf4f83992e4e76c74de2262576555fce5a1ee9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 845d027c2ca866f6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Jan 2024 09:14:41 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
link: <https://www.j-hero.com/wp-json/>; rel="https://api.w.org/", <https://www.j-hero.com/wp-json/wp/v2/pages/917>; rel="alternate"; type="application/json", <https://wp.me/Pa1P7q-eN>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU3RfZNloJQVRoiyeSthTY8knUzH7LmIhukuPR%2FEhoIDE6K1khBM3SKCul8RrZmPoYRd7HD77hIHdYKyablJaXg%2BEDJrYN2Ppx6i9HV0HU5PRZelHxUVZkxbA4aoopgudw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
x-litespeed-tag: b91_HTTP.200
x-nginx-cache: WordPress

Redirect headers

CF-RAY: 845d027bce030e84-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 15 Jan 2024 09:14:39 GMT
Expires: Mon, 15 Jan 2024 10:14:39 GMT
Location: https://www.j-hero.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH%2Fy%2Fmif2AmA5aiRPqOTTvkCV%2BNnd7hj9Gvt9HHSS2yNxV3i1W9LmQs%2BIQaCWeN%2B94gqdfAmVRAkDFfIRSM2BRayteKpS2NKTQGVo11G4dK4sswIpuKj6FiReclzMN26sg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 107 KB
13 KB 46ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 11 KB
3 KB 46ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 4 KB
1 KB 45ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 blocks.style.build.css
www.j-hero.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 173 B
596 B 541ms
531ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.80
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sat, 30 Dec 2023 21:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ayc0Ki7niAUjJh96N3juTvd05imVWWTHjVHgUxkI0BK5YfT1LJkffY0wK%2FbmH8%2FaY910jS%2FyNl8egyRuynQbYd%2BY%2FRD0V3hX6b4cLEo3RH%2B7QA268LTzxVgiizpqFR4KSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd7a66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 utilities.css
www.j-hero.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 24 KB
5 KB 497ms
491ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.css?ver=0.1.12
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32355f3e016ccddfe1d09b584c311b0bdee34fb0234673422e465e1c439b36a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Thu, 04 Jan 2024 21:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znizher8o%2BvtUQhHu37VdguQUxw%2FBjzB2Ep8e8j%2B1ru9F2rCupD%2FhKijVAEIowvKDUAWuWIQVokik91v5T9tCtheQ%2BdfNLISFGM45olqUV8CfUp5IJjXXxO65%2Ft86cE3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8466f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 skin.css
www.j-hero.com/wp-content/plugins/flowplayer6-video-player/lib/skin/ 39 KB
7 KB 615ms
609ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/flowplayer6-video-player/lib/skin/skin.css?ver=6.4.2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 782b3e0ef347e8dd5cc8c2171ae2141abe5e9f30557628af80dc6a20d2bd77d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 16 Nov 2022 12:09:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzmNISaL9ELm07eaSKDdwqXKc4tC4ryBZhYAtVJMrmcLwYHEINnYR8cM4OEEljJ2tWWai%2Fp%2BlaXxsGr4cwSDVdEu63pwGeb83o0GTnkA8jRqVRh6xlpMuQt9t8jOdrfq0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8666f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 dashicons.min.css
c0.wp.com/c/6.4.2/wp-includes/css/ 58 KB
35 KB 43ms
14ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dashicons.min.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 frontend.min.css
www.j-hero.com/wp-content/plugins/post-views-counter/css/ 217 B
412 B 500ms
494ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.4.3
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Mon, 20 Nov 2023 21:35:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zC0BNdhYjsW%2BjAYRmHeGwrTt0CtpvOPM7LNAHPmpc1bZUPbYY%2Ftp5%2BWGsxtUxcWTaQRq4sCCs6a55XBSx3b7ogY8iErZuOj8j%2BBUTSCB%2BaPoEePYyMwANl3UydwsaP9dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8766f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 quiz-maker-public.css
www.j-hero.com/wp-content/plugins/quiz-maker/public/css/ 60 KB
11 KB 620ms
615ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/quiz-maker/public/css/quiz-maker-public.css?ver=6.5.1.6
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98cd4afcd2d9e3f26332d83b533ce7b62fc8c9dc93900588a1a897ea1f8c5ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 12 Jan 2024 09:34:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P16cZmC1%2FIeLPfZrDdtAlGC8QnnWwSdGekncnUVHKLmc15WXhUKPBESVMY0oz4uIr9G%2F%2F2oA57cOp%2BPo1YqODbXIIM0j%2BJ3chOfowpp4%2FFeg6OZsLs013PRv26%2BtXsSG3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8866f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.j-hero.com/wp-content/themes/mh-magazine/ 87 KB
16 KB 639ms
633ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/themes/mh-magazine/style.css?ver=3.8.6
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d2e598746447f4a54c87810caebfd512c8240bfc199edede0c8777e07b8cb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 26 Feb 2019 21:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uC6O1uWU6i6JdYzKGnUJwPYF83dN%2BCFKUdYrELsJEQK0BknclepaEKPKNfKKqLBCkoINiJiYmQlqIFoq5dSJsLClaCNF7n%2Fi%2FEJ1s5Yxvmw93sqoyKW9AMbXTBqiyKAhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8a66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
www.j-hero.com/wp-content/themes/mh-magazine/includes/ 30 KB
7 KB 501ms
496ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/themes/mh-magazine/includes/font-awesome.min.css
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 26 Feb 2019 21:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BlQH8bReey1KiIhB7xv3hUEK6vGza1893GwBjqNELlh6ZiYvik3Gm%2BKNUjt81YpzYpTSCOetc5zfx%2BwtZJBenhegpO0MTyOCUfp8FDA3HneFZV%2B%2BgF%2B29BVNpzOfrhhDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8b66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 77ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 08:52:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H2 200 cff-style.min.css
www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/ 17 KB
4 KB 504ms
500ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css?ver=4.2.1
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 02 Jan 2024 21:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL4EVQ%2FcwV6xliQx%2Fl1kNzDEonNFjzgBAVlO1Cc4zfPW%2BdX1ohzBY3S%2BXTQk4dTXYvwXS0JPNocHXE%2BPmuefYoBX%2FeGxveM7FLETchfqtSETQo7p%2FemLaY2HTj5ivwDK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8c66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/ 30 KB
7 KB 476ms
472ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 02 Jan 2024 21:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2ByppXPZ%2BIopEW9VeInCPQgDvLXkj2NPojyKkLyMNcozzQO3dVFjiXycO3WIBHdKSb48WhQhRzfQTrZIANx7BRijit6%2BiMGHTmWfrPSd7O25vSn0KIQxVz%2FWnbKinjsGzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8e66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 front.min.css
www.j-hero.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 506ms
502ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.13
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 28 Nov 2023 21:34:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WV634kqCJxfJS6Gpj%2BbEQKw58QK29jpYFJsJB9G47nvAPcjJLpsOY2AwjPPE53Y%2FN69ynBP%2FPqciuMTRkvRgeygzbAAPQ0m6zKJ%2FKFsz87aNVF4s1ONBKzwMYOZFCqTl2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286dd8f66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
545 B 80ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mitr%3A400&ver=6.4.2

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7290d8841f7cf5ed56801d04a06a85072f4e5e00134b3661d9c04e868ec696c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:14:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
549 B 79ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sarabun&ver=6.4.2

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690d50a20cd5d3476bf540ca7d585f3b21f33b09bcb3417656cb65680e3e2d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:14:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/13.0/_inc/social-logos/ 13 KB
8 KB 40ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/social-logos/social-logos.min.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8e974b6ae4f0e09293655569f14af299bd59572ce397d0f9546df10eb89b671d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Dec 2023 12:52:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/13.0/css/ 99 KB
19 KB 39ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/css/jetpack.css

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

274928f2bf62780b9b7e9d27705d30ed9647c4243ae6a0abf1fa53fc1b6c1989

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Jan 2024 20:42:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 utilities.js Show response
www.j-hero.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 2 KB
1 KB 489ms
486ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.js?ver=0.1.12
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3563447ec7acfe08507fa9f659f667c6c09db23c523686596557db9aa96ecbbb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2053
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400
x-nginx-cache: WordPress
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 21:34:51 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjWv3tQe77mv50yp97XSozBo7SOaDOh4UWpaEU2sep1MwapEO2jbGORQ9tNMdI5YABeONkCCAZXF%2FVQgCpgLUfg%2B38YE85fakEvuznZa9dD9MGdoqNohfdpSSBnISFraIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 845d0286eda966f6-AMS

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 86 KB
29 KB 41ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 13 KB
5 KB 41ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 flowplayer.min.js Show response
www.j-hero.com/wp-content/plugins/flowplayer6-video-player/lib/ 161 KB
51 KB 798ms
796ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/flowplayer6-video-player/lib/flowplayer.min.js?ver=6.4.2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7496a1a6d7efd31274d5b6b58e30257632f3d707ca2db0358857bda06b539a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 16 Nov 2022 12:09:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ArRhRBjR1KG0JsCKuUPYiLo0wJgg7kTC2LQigylnwrFODkQbWmAKPcceao87eG9ZZx1L7Inj%2BNENSAZOQKWUEsrzxNmIngBY5O8sd1guBQJfFy5Et6XaZJ7PiBxuWlIzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286edb266f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 scripts.js Show response
www.j-hero.com/wp-content/themes/mh-magazine/js/ 38 KB
12 KB 625ms
622ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/themes/mh-magazine/js/scripts.js?ver=3.8.6
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 26 Feb 2019 21:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i319W4R%2F4jT2nRCgdcxKqRrUFhlW7Ji67hO3JkpzCLObdmmIIkGvh%2FfCpmbWRi2SwZwKoFEqz0ix%2B%2F%2F%2FhKWlQ0wjA%2Fb%2BoE%2Ff%2BhuW4ITk13Qh0nEjpbFuKnSg7b7l3SWKig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0286edb566f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 front.min.js Show response
www.j-hero.com/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 499ms
491ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.13
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 28 Nov 2023 21:34:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BB2O7ivOUnomRV4BQ7emmhKgG0xunJq0pWvAJ7x9bozlam9Wk3aX1B17nEOF2iHhUWB5GeRNU4eO%2FMjmJpxwUekiswwi%2BUKz7zwnb3uavlzc%2BkfbWmXhADgyQc5CoKSNog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d028c3b4406c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 88ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134698961-1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

970b0e57a42832a8cc80af7f61f493ae2d73a8bf6b122e39ade1311e6e089944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 107ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19ff24b75696e9906de7e3fb216caa47f4587e16e2be5952d4ed621ddd7203b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23147
x-xss-protection: 0
server: sffe
etag: "e3c28d511ee10871"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 199 KB
67 KB 145ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edd6bc557357686027ec87100f74028b783002bccb55e51e98c938a57c86dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68487
x-xss-protection: 0
server: cafe
etag: 3607193211190041518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 105ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9448684550121500&host=ca-host-pub-2644536267352236

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e342968dd46b0a9f1122f545e5d5edfbb3f6f68e3d18b2db6a4783c01d4024c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51832
x-xss-protection: 0
server: cafe
etag: 247946199752263239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 cropped-logowp_2021Edit.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2020/12/ 30 KB
30 KB 46ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2020/12/cropped-logowp_2021Edit.jpg?w=1250&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bd6decebc89f978d993068f4994b61fdacfebf0f972414e11843f5399363e3c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30630
x-nc: HIT ams 3
last-modified: Fri, 12 Jan 2024 01:24:06 GMT
server: nginx
etag: "c5337dcf1f677805"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2020/12/cropped-logowp_2021Edit.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 13:24:06 GMT

GET
H2 200 BoonBoomger_Trademark_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/ 31 KB
31 KB 119ms
86ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/BoonBoomger_Trademark_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7102703e5700aa0201a24b32c645b7aeaeab25d59bc09c47b38b3e03c6766ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 31692
x-nc: MISS ams 8
last-modified: Mon, 15 Jan 2024 09:14:41 GMT
server: nginx
etag: "accd083ff4de29b8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/09/BoonBoomger_Trademark_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:41 GMT

GET
H2 200 KingOhger-x-Fortnite.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/ 90 KB
91 KB 188ms
155ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/KingOhger-x-Fortnite.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

422adf67992face4719be5220057cd0e289f0a2cf5b95649f46824b4dc11e5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 92374
x-nc: MISS ams 2
last-modified: Mon, 15 Jan 2024 09:14:41 GMT
server: nginx
etag: "dfa81f195164f3d1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/09/KingOhger-x-Fortnite.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:41 GMT

GET
H2 200 20230824_222405_0000.png
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/ 353 KB
353 KB 23ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/20230824_222405_0000.png?w=992&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9deefb74205ed15e2dc639867adae8e1f804ac00e735a6a7e948f7f33d5281d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 360960
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:41 GMT
server: nginx
etag: "3fbe3e5f9adf96d1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/08/20230824_222405_0000.png>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:41 GMT

GET
H3 200 gotchard_cast_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/ 69 KB
70 KB 136ms
133ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/gotchard_cast_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d6b1feac9e5bf407012a3fcf906271073e1e8dece1ca415c400510f604bd6f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 70978
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:41 GMT
server: nginx
etag: "e5f601518462552a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/08/gotchard_cast_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:41 GMT

GET
H3 200 Loki-S2_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 29 KB
30 KB 97ms
91ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/Loki-S2_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

04492e4b2ab4485a529ff3b7c4000eebe6dc453f378477d0b5f0e24d0c09b711

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30152
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "b5e8b52be005d2d0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/Loki-S2_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 King_Caucasus_Kabuto_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 106 KB
107 KB 174ms
167ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/King_Caucasus_Kabuto_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

53fb898f253fcce714825dbc8fe4f72976148d64c788583a3d592e3950f66036

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 108916
x-nc: MISS ams 3
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "ed24c6ecda58cbf4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/King_Caucasus_Kabuto_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 Gotchardriver_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 87 KB
87 KB 162ms
155ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c3871a07937613600d1003f707c3380700180ffbbb0aeeb56901bb5007e7abd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 88670
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "eabaf8d8166fd847"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 kamenrider_gotchard_first_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 69 KB
69 KB 1422ms
1415ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/kamenrider_gotchard_first_cover.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f4c0a510f9a9b12132334022a3ac925eed43a78e6c72f39f1359b4634958b1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 70222
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "ccbeb91c1847f497"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/kamenrider_gotchard_first_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 decker_final_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 62 KB
62 KB 120ms
113ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/decker_final_cover.jpg?resize=930%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

67dd481ef95f765eb130abbf6979b0cc00119705bf66bc945d07a2ccdd216a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 63610
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "b66c6f5d5e3b8b9d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/decker_final_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 kr_Gotchard_cover2.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/06/ 52 KB
52 KB 108ms
101ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/06/kr_Gotchard_cover2.jpg?resize=996%2C523&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

222784481f1e7af61f83fa54e7d594f02fd6a61ac0e139cdf33c90a7b0fb5909

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 53350
x-nc: MISS ams 6
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "994d6dc5fefd8367"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/06/kr_Gotchard_cover2.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
BLOB 200
OK 93525f75-9851-47cd-bac0-c4e0097c94ba
https://www.j-hero.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.j-hero.com/93525f75-9851-47cd-bac0-c4e0097c94ba
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 email-decode.min.js Show response
www.j-hero.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 15ms
15ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.j-hero.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgldKzKQFZZZmfeB28o72OnyNWrFcckhkqrl6uXFWJo2Dur8ht%2FR0DhF%2B8E7EMQEEqj%2Fv7l5V3aMTnArVftpXN2JynyR9dqcZ7DlnZCaE4hjV2UlTX%2BYj1YAgy3x6%2BIElw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 845d02880d8406c2-AMS
expires: Wed, 17 Jan 2024 09:14:41 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 87ms
27ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899c78c4aa4d073a5ca140c39575eccd446e383820bbde6c7894d6511bbf183c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 09:14:41 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "94aaa05c3cdd9b6b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H2

200

embed_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

46 KB
16 KB

81ms
20ms

Script
application/javascript

23.32.238.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Server: 23.32.238.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: a04e6c0
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: gzip
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: a2mC7RA9gA0jSaiCieTPqA==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-32-238-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 19,23.32.238.188
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 15144
x-tos-request-id: 48f660a71c2e5ce863a71c2e-af54b31
x-tos-response-time: Sat, 24 Dec 2022 15:35:10 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 202212241923529BE5894CB9BC0D5DD8A6
etag: CPXr0NbkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1790606
access-control-allow-credentials: false
x-tt-trace-host: 0110470ab938728df0b8f0941937cce062a64070455503055738e78975a5ef55deaab43b0618cd62f0c1ad82c7dcde01e8d08b04a4d04f8cf9945e35220c267dd9e5c44f98bb72bc3791f75839dedf811ca73ed0a7a3730c758f7f462991df5096cbfb4446d940bf9857a2aa10ba9de6d8cefffe3d1dcc54eddd8028c48cc47629
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

x-akamai-request-id: 389cbddb.370d4012
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011509144144139CDEBEB46300D7C7-6012F66D350549FB-00
x-cache: TCP_MISS from a184-84-216-139.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time: 24,184.84.216.139
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=1
content-length: 136
proxy-status: 0000201302026000
pragma: no-cache
server: TLB
x-tt-logid: 2024011509144144139CDEBEB46300D7C7
x-cache-remote: TCP_MISS from a23-72-36-60.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
content-type: text/html
location: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 1,23.72.36.60
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aa999d39734b88e56383dce400f1cf0a8aad740815306d4a478c93b5085c35c6abe1eedb7f0fac8619d7bb0e10ef28750d2289b83d6c06a465192d4134b48be347
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
10 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6053703697ae93ca885bf2fa5f4d8bb7749d33f66fbf3bd907f76631062d697d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10633
x-xss-protection: 0
server: cafe
etag: 4998549277301261756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H3 200 gotchard_cast_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/ 19 KB
20 KB 116ms
110ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/gotchard_cast_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b7feff50b45f6c2a51cfb7f7f7b1d68f8179e0e6a5942d261eb69396b874e7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19868
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "6836af4c6250676e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/08/gotchard_cast_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 Gotchardriver_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 23 KB
24 KB 102ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

57b39ce0f85a918c2b80b5ff26068f39e6bae8b5d8ab648aa7ac9c85f3722bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 23818
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "002d1c7099f8cd62"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 kamenrider_gotchard_first_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 18 KB
19 KB 1614ms
1609ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/kamenrider_gotchard_first_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8dacacec915f3ee1ce13f81b29a42029be9cc520cb1d2c516995d0bb05f6f5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18840
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "3496280842713a0a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/kamenrider_gotchard_first_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 kr_Gotchard_cover2.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/06/ 17 KB
18 KB 79ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/06/kr_Gotchard_cover2.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

202c1177a5a885ae2eef47c9cc8836dc157bb6f9c8665367156657b5c26f5ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17604
x-nc: MISS ams 6
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "07f6602911543137"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/06/kr_Gotchard_cover2.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 KAMEN-RIDER-GOTCHARD_trademark_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/ 15 KB
15 KB 1456ms
1451ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/KAMEN-RIDER-GOTCHARD_trademark_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

badfa074305e76d87a0f35cae2add583b7fd4f8b5bd922b14cb595d1376ed593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15050
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "9516efe21b71305f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/05/KAMEN-RIDER-GOTCHARD_trademark_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 Reviw_ShinKR1_Cover.png
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/ 45 KB
46 KB 166ms
160ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/Reviw_ShinKR1_Cover.png?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

364f5d459428d487841936e811d891cdc390d6c39c9ddae84155ff9a4b47b079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 46534
x-nc: MISS ams 6
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "3723ffd3ca4ddbaa"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/05/Reviw_ShinKR1_Cover.png>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 SR-%E0%B8%A3%E0%B8%AD%E0%B8%9A%E0%B8%9E%E0%B8%B4%E0%B9%80%E0%B8%A8%E0%B8%A9.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/ 17 KB
18 KB 19ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/05/SR-%E0%B8%A3%E0%B8%AD%E0%B8%9A%E0%B8%9E%E0%B8%B4%E0%B9%80%E0%B8%A8%E0%B8%A9.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c35120d0268808fb40a53787c20c3a398e1cd1dde2426c3b1f83f00308ec85fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17632
x-nc: HIT ams 8
last-modified: Fri, 12 Jan 2024 01:22:13 GMT
server: nginx
etag: "b7c36d8b79fe45f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/05/SR-%E0%B8%A3%E0%B8%AD%E0%B8%9A%E0%B8%9E%E0%B8%B4%E0%B9%80%E0%B8%A8%E0%B8%A9.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 13:22:13 GMT

GET
H3 200 107.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/03/ 11 KB
11 KB 68ms
62ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/03/107.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

78ca3a647dcc8a33fbcf0220e02e5e9cf7f82bea3b12ce94f2d84a827a7037a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11124
x-nc: MISS ams 1
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "3d16f28429bbe0a3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/03/107.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 UT-ShinJapanHeroes_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/ 12 KB
13 KB 25ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/UT-ShinJapanHeroes_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

fc4bc292c56d1936dd14ac852eaa70d42eafdf94c36bfb98e2320d6687181c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 12492
x-nc: HIT ams 6
last-modified: Fri, 12 Jan 2024 01:21:14 GMT
server: nginx
etag: "403039f6a47e1546"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/02/UT-ShinJapanHeroes_cover.jpg>; rel="canonical"
expires: Sun, 11 Jan 2026 13:21:14 GMT

GET
H3 200 dx-typhoon_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/ 18 KB
18 KB 79ms
74ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/dx-typhoon_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3895a52083e976f28951f001c0636902da776f20348b9033bd2ab27df1862610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 18268
x-nc: MISS ams 1
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "0ceab9cc34789c3c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/02/dx-typhoon_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 BoonBoomger_Trademark_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/ 11 KB
11 KB 58ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/BoonBoomger_Trademark_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4f2a608843d8eea79b40b728b3e769ab1a8e9c0948e4beae2c6bbc3ff4762d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11208
x-nc: MISS ams 8
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "212d003f57f8636f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/09/BoonBoomger_Trademark_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 KingOhger-x-Fortnite.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/ 25 KB
25 KB 91ms
86ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/09/KingOhger-x-Fortnite.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f45c30e27274a675e8a922f3ac1aaf61fc23bce57e6b0b751a381c851f39be48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25272
x-nc: MISS ams 2
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "42cc8f6b4fb3be86"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/09/KingOhger-x-Fortnite.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 20230824_222405_0000.png
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/ 73 KB
74 KB 134ms
129ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/08/20230824_222405_0000.png?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

19d59e7a9a61e8fd7988ebd75ffdc85be3a2d5b629ad4c1ce81be185c91c8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 74878
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "83d2b16effa09621"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/08/20230824_222405_0000.png>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 King_Caucasus_Kabuto_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 24 KB
25 KB 82ms
77ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/King_Caucasus_Kabuto_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

12b0b0f3d1cd295e10687f03d815a36861ee17c926a7dcea2c58a5536b46f90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25074
x-nc: MISS ams 3
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "735bb9788ef5665d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/King_Caucasus_Kabuto_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 108.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/ 21 KB
22 KB 85ms
81ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/108.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f3a1fd8266856287b3f458f6b1624b8369d1d742d14fe682d5a59170aed5cea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 21994
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "fab56150c8de94d0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/04/108.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 SuperSentai_Toyhistory45th_cover.jpeg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/ 26 KB
27 KB 1427ms
1422ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/SuperSentai_Toyhistory45th_cover.jpeg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3d38705530099ee015a032832487d5de395e8f0b26f8f151a4c3333dee1036f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 26924
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "10c1eb04977d4506"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/04/SuperSentai_Toyhistory45th_cover.jpeg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 Screenshot_1-1.png
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/ 102 KB
102 KB 2439ms
2434ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/Screenshot_1-1.png?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

56cea3f2a787719669b410f3f06a8cebda7aa41cf6a74318aa0c4e30a9085336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 104052
x-nc: MISS ams 2
last-modified: Mon, 15 Jan 2024 09:14:44 GMT
server: nginx
etag: "ae2ab73de0c65f2c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/04/Screenshot_1-1.png>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:44 GMT

GET
H3 200 King-Ohger_Ep1_cover2.jpeg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/03/ 25 KB
25 KB 1445ms
1440ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/03/King-Ohger_Ep1_cover2.jpeg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

fa97af6b6b0f6968b5ac1aa45a051ac24641c87d4b6ce4d2636e3fb3b8480cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25370
x-nc: MISS ams 8
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "4a048e7bde107cdb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/03/King-Ohger_Ep1_cover2.jpeg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 king-ohger-cast_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/ 25 KB
25 KB 82ms
77ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/king-ohger-cast_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

334b09328822f102c9634c24ad9c79a174600e9f0287cd9679ec30ee7b6992f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25570
x-nc: MISS ams 3
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "602602ec0aed29e7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/02/king-ohger-cast_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 king-ohger_cover.jpeg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/12/ 25 KB
25 KB 1320ms
1315ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/12/king-ohger_cover.jpeg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0e3fdee6391fb1526f7f7aac516904fee53d4581b51eff509f18c6e7bcd7815a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 25094
x-nc: MISS ams 8
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "93bab77abf9ebb16"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/12/king-ohger_cover.jpeg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 249334973_593075105451571_2244778277591688337_n.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/12/ 19 KB
19 KB 80ms
76ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/12/249334973_593075105451571_2244778277591688337_n.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

eeba6a113ffd1115c3e7b7eb7b28889130ebe4e51c6f556957c88e5a6babb072

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19450
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "e2febfdc1054e0c6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/12/249334973_593075105451571_2244778277591688337_n.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 power_rangers_cosmicfury_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/08/ 2 KB
2 KB 72ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/08/power_rangers_cosmicfury_cover.jpg?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e33299037d93b04eec33ecdc17b0531bf9fbf3aa40f06c1718fcda322d00394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1770
x-nc: MISS ams 1
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "82f1d9a9faa32441"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/08/power_rangers_cosmicfury_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 austin_Pr_news_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/05/ 2 KB
2 KB 1318ms
1314ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/05/austin_Pr_news_cover.jpg?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

427aad7688786d7ce77c767f69f8754f365d91b50335e650e10ab167cc54c376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1544
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "3841e87b37c998d2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/05/austin_Pr_news_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 GAVAN-THE-MOVIE_YT_Cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/11/ 22 KB
22 KB 73ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/11/GAVAN-THE-MOVIE_YT_Cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4f442072c1ef763d3fedb0351e2bf7f3d10f470298939f776f333a91704151d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22364
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "dc4b3a7042681a1b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/11/GAVAN-THE-MOVIE_YT_Cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 75550407_10157080884994862_3281205579346870272_n.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/04/ 994 B
1 KB 75ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/04/75550407_10157080884994862_3281205579346870272_n.jpg?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a75625bcb8b2f8a5639ff1506332ea4e38e004b77adc00091a33baae1b25b41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 994
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "f3c6251f2a4b154f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/04/75550407_10157080884994862_3281205579346870272_n.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 page.png
i0.wp.com/www.j-hero.com/wp-content/uploads/2021/09/ 9 KB
10 KB 2356ms
2353ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2021/09/page.png?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4823a41de8e6d461ee1e1068116eeb58c1f46ebfc2dd81f3a00caa5f23237fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 9634
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:44 GMT
server: nginx
etag: "13ab64a55364858a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2021/09/page.png>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:44 GMT

GET
H3 200 Gotchardriver_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 2 KB
3 KB 78ms
75ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b02e88fd9517be25d7e992a8af15798a422e594e8914b7f278dd3e94bd626d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2518
x-nc: MISS ams 7
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "c3cf177d6501e81e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/Gotchardriver_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 dx-typhoon_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/ 2 KB
2 KB 57ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/02/dx-typhoon_cover.jpg?resize=80%2C60&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5a10e8865fd881cc22a110c827bcaf70d541adb0908a6d54b650c47878937e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1952
x-nc: MISS ams 1
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "0b95dd5e6d87769d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/02/dx-typhoon_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 decker_final_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/ 19 KB
19 KB 69ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/07/decker_final_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2a9264617bb426759645b999a0f8f10f4df1bb52a848f084f7f8b19a64ec221b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19452
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "72849143ad6cc832"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/07/decker_final_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 Ultraman_Netflix_Final_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/ 15 KB
16 KB 1369ms
1365ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/04/Ultraman_Netflix_Final_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

15efe884a76072948bc24e51bb71c97960947c15e13d5c0caed0c600a7b25d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15694
x-nc: MISS ams 8
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "6a11ba8078434635"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/04/Ultraman_Netflix_Final_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 Gundam-New-Collection-BackpackTumbler-RX-78-2_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2023/01/ 15 KB
16 KB 1531ms
1527ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2023/01/Gundam-New-Collection-BackpackTumbler-RX-78-2_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

679d4e1c3deae5fe7f53f50bbd5c7295386301b73c6e86c6ad089d32fa304fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15660
x-nc: MISS ams 4
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "d3e711fab810f61c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2023/01/Gundam-New-Collection-BackpackTumbler-RX-78-2_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 super-mario-bros-themovie_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2022/11/ 10 KB
11 KB 1406ms
1402ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2022/11/super-mario-bros-themovie_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3f23a5bc5ae61c539d06a8904fd1e8f163c225dd3bab0ae8bd55d4c4e1ef352c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10668
x-nc: MISS ams 3
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: nginx
etag: "9db16de0c39ea9ca"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2022/11/super-mario-bros-themovie_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:43 GMT

GET
H3 200 uncharted_movie_cover.jpg
i0.wp.com/www.j-hero.com/wp-content/uploads/2021/10/ 14 KB
14 KB 70ms
65ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.j-hero.com/wp-content/uploads/2021/10/uncharted_movie_cover.jpg?resize=326%2C245&ssl=1

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

cd5045feb326715cef412711171595c01ac62afdaefb1de315f170b96cd18144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14188
x-nc: MISS ams 5
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: nginx
etag: "0952159bdbb8842b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.j-hero.com/wp-content/uploads/2021/10/uncharted_movie_cover.jpg>; rel="canonical"
expires: Wed, 14 Jan 2026 21:14:42 GMT

GET
H3 200 jquery.yottie-lite.bundled.js Show response
www.j-hero.com/wp-content/plugins/yottie-lite/assets/yottie-lite/dist/ 321 KB
81 KB 909ms
909ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/yottie-lite/assets/yottie-lite/dist/jquery.yottie-lite.bundled.js?ver=1.3.3
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af09083ec6c480dde4512723fb4c9452dda5c6d3ca064badc03fa55542c07393

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Mon, 04 Feb 2019 21:35:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kqP00gS19CVYhwzG0iH%2Fa87AQSLkllNl80%2BXTtu8JEpF29VD4%2BEFKElMUg5jTGOS%2BJf%2F0i6%2FRf4ayxJSZjZu9YnqgNI%2Fi%2F%2Bm1PbmDMe%2BYex7%2FN4XOJAKKVGOVHFvWnPKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0288eed106c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 image-cdn.js Show response
www.j-hero.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
855 B 476ms
476ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Thu, 11 Jan 2024 21:35:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITQ2%2FyR3rzFIa0eQTs%2FzFwkmn%2Bo3BdUNWgKzujOMswxX3wdudMxoHGenjT0WoffaH04SOTYvnED5U2tys3lYAYpHx%2FhblTAyfOln5jo6U1cGhZSmyPsSBYPFyc855MG%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d02894f5e06c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ssba.js Show response
www.j-hero.com/wp-content/plugins/simple-share-buttons-adder/js/ 3 KB
2 KB 484ms
475ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1702503289
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 13 Dec 2023 21:34:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FSmNvgB2hRof7MONhW0fGJibxLGN3jCImaRfG3V6POqJpWC5xyl%2BhHoqebKVC0SFYKx2%2FAqq8TMUeLgiDrHDDxdEky6541D1lHjIWGEUo%2Br8LPSYyZkZ8s9AwWyfU7CJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d028c3b3e06c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 shortcodes.js Show response
www.j-hero.com/wp-content/plugins/social-polls-by-opinionstage/public/js/ 432 B
745 B 486ms
477ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/social-polls-by-opinionstage/public/js/shortcodes.js?ver=19.8.18
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52eb5cd34d6c335b53dba09cade6cee960f5461bf1d926ff56456887ded02a00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 01 Nov 2023 21:34:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaWfyWHkZbkxrsOfbG1bkwMP8UtPgKJYydQNFBluE3%2BHgzvUywk%2BxaF020U0IohlwVRod8qMhuKXrU9c4drIH8Tq77YlFHinV1GAPlJ0ZHPVxKjqtX%2F5oQ3gD8OyoMTmEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d028c3b4106c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 cff-scripts.min.js Show response
www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/js/ 42 KB
14 KB 618ms
610ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.min.js?ver=4.2.1
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b7d97e49b583ca2949e8ef9a5b2badd67db17614d6e0934848f66d39d1dd17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 02 Jan 2024 21:34:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PxJfvTvvuKP3ojMZUR%2B5V1m31wuJhW0yPEuxkBYk1zPYB5NIH7pRm6031iYMnFog9aBx%2BBKERvygeqMdEYlZi2VKFI%2Fewm6QCXvco1tuMS%2BoYz1QVxGeiUD6Bf%2FpBrpUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d028c3b4206c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 facebook-embed.min.js Show response
c0.wp.com/p/jetpack/13.0/_inc/build/ 639 B
682 B 25ms
12ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/build/facebook-embed.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a5950c0c5ca80c85d524deccd4d0b2c34d3567ec90e568e670fcd858cf6a2ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 11 Jan 2022 17:52:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 twitter-timeline.min.js Show response
c0.wp.com/p/jetpack/13.0/_inc/build/ 265 B
606 B 25ms
12ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/build/twitter-timeline.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 14 Nov 2023 17:55:07 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
content-length: 265
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 e-202403.js Show response
stats.wp.com/ 7 KB
3 KB 46ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202403.js
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402358485.9985
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 15:14:43 GMT

GET
H3 200 ads.js Show response
www.j-hero.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 968 B
844 B 484ms
476ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.80
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sat, 30 Dec 2023 21:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJHFdnWYhidZ2OaAnm5m41x5rEdp0O%2FuqFF4bet2H2L5JLQC%2Bp9gihiN0XMY6vU%2Bc9ZSTbQXEQLJakJDPfRzdbZqiz3AWHRkC5z9TRU7mhkpSZ1m8c1BXSCKKduP7p62ig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d028c3b4306c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jetpack-carousel.min.js Show response
c0.wp.com/p/jetpack/13.0/_inc/build/carousel/ 23 KB
8 KB 25ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/build/carousel/jetpack-carousel.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

66e324493b6a145a004d03c0548370be06c879ef95e8072ff8247d0964b26499

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 18 Dec 2023 16:25:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/13.0/_inc/build/sharedaddy/ 9 KB
3 KB 25ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.0/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Mar 2023 19:14:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 14 Jan 2025 09:14:41 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame F63D 9 KB
4 KB 75ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 27328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 app_show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 309 KB
105 KB 91ms
87ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/app_show_ads_impl_with_ama_fy2021.js?client=ca-pub-9448684550121500&plah=www.j-hero.com&sbust=44805326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe22e680a8ee7639ce8d61b2b4e3b6b84e9627c88fcf285a41e410e77ef31f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107406
x-xss-protection: 0
server: cafe
etag: 519240838967452673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:41 GMT

GET
H2 200 DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/ 11 KB
12 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarabun&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:26 GMT
x-content-type-options: nosniff
age: 518716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11452
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:09:26 GMT

GET
H2 200 pxiLypw5ucZF-Tw4MQ.woff2
fonts.gstatic.com/s/mitr/v11/ 22 KB
22 KB 72ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Tw4MQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mitr%3A400&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:54:02 GMT
x-content-type-options: nosniff
age: 249640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22228
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 11:54:02 GMT

GET
H3 200 fontawesome-webfont.woff2
www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/fonts/ 75 KB
76 KB 766ms
762ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/font-awesome.min.css?ver=4.7.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.j-hero.com/wp-content/plugins/custom-facebook-feed/assets/css/font-awesome.min.css?ver=4.7.0
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-nginx-cache: WordPress
last-modified: Tue, 02 Jan 2024 21:34:57 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sBb1DWIATep10jGKFJKm0EPJTPzKZZqjjujTTN2Oo%2BPDppEmLZvxZH84hzlLc%2Fo1EE29J2tTbRkkFhHyw3eUqBV6%2FYOPLJ7TbIV6bVBF17NL%2BjrBUC9ghyXDTpmROJNtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 845d028c4b4706c2-AMS

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70c44a9df364a5e5779a64d3b6bace4a0939ad6649859f59e30d4df5bbfbf7d6

Request headers

Referer
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 79ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options: nosniff
age: 356819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 06:07:43 GMT

GET
H2 200 widget Show response
discord.com/ Frame 0173 2 KB
2 KB 97ms
61ms Document
text/html 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=828956130666348554&theme=dark

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8974ca819840398ee32f8ff2f5551b21968f17cc6eb040bae452bdbbd82d2459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 845d028c8b2066cf-AMS
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
last-modified: Thu, 05 Oct 2023 23:01:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oVF8dghn%2FkG0sTGbclL%2FqOHQNHBb9uLxeHtxV7DEH%2BdSAm0TgVP2avhs6dPp1A9N63EoWbEenPXynRZsJy33A6TOHhSRC3LKFyxnfzgJFMa2lakA0WSC0Ik0hln"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-build-id: 8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 DtVjJx26TKEr37c9aAFJn2QN.woff2
fonts.gstatic.com/s/sarabun/v15/ 9 KB
10 KB 84ms
55ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aAFJn2QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarabun&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:45:32 GMT
x-content-type-options: nosniff
age: 552550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9676
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 23:45:32 GMT

GET
H2 200 pxiLypw5ucZF-Sg4Maj_.woff2
fonts.gstatic.com/s/mitr/v11/ 14 KB
14 KB 85ms
57ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Sg4Maj_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mitr%3A400&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f182e9af89b104eaeceb40e923e37c9f0fee9e2f205e4bd88c2819a18a093444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:24:26 GMT
x-content-type-options: nosniff
age: 226216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14172
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:51:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 18:24:26 GMT

GET
H2 200 index.c28a9f9cf58c0cfb74b1.css
discord.com/assets/ Frame 0173 125 KB
17 KB 37ms
37ms Stylesheet
text/css 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Requested by

Host: discord.com
URL: https://discord.com/widget?id=828956130666348554&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://discord.com/widget?id=828956130666348554&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Sep 2023 21:57:40 GMT
server: cloudflare
etag: W/"a3d977528c57cccef14644b54c0a22ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u8LKPhLzM1wS7915U%2B1LkWN35qwliqxf56c4B3o3C18MMav1Yc8qSrmdptcugJ7V9Tw0WRMf788huKd2q43cC14FXAnnAmTkwOheygmXQRy2zdpVhc2czDXixO1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 845d028d1bdc66cf-AMS

GET
H2 200 050107a671106733d869.js Show response
discord.com/assets/ Frame 0173 3 MB
706 KB 37ms
37ms Script
application/javascript 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/050107a671106733d869.js

Requested by

Host: discord.com
URL: https://discord.com/widget?id=828956130666348554&theme=dark

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://discord.com/widget?id=828956130666348554&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Oct 2023 22:45:15 GMT
server: cloudflare
etag: W/"6a4492248e70f6469195aa9c94db47ba"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0icLHMFeMFNVNyvYQoZOcr2ygmG2iu5ktJiIMx%2BbRLoW59Y%2FAbr6KlYYz7ef8Xoc62DcpnyfRpj%2B78ogvXv%2BZPimQavkpHQ%2FT9uTQwvk9PSbXPCtl1Q9hOf6cVvN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 845d028d1be066cf-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ENR3T43FQJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134698961-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93bde517dcabd16f3aa4ddf851b124d0e32519d313224c04d039c7920e3183c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134698961-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 07:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 15 Jan 2024 09:48:13 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 152A 716 B
578 B 312ms
311ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=90&slotname=8356089636&adk=909181225&adf=945503801&pi=t.ma~as.8356089636&w=728&lmt=1705310082&format=728x90&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081947&bpp=5&bdt=867&idt=188&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=1275441021063&frm=20&pv=2&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/app_show_ads_impl_with_ama_fy2021.js?client=ca-pub-9448684550121500&plah=www.j-hero.com&sbust=44805326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aea93023a2d274263f6101924a63becedad2b7cbd5053606e9198f979d3e617e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 15 Jan 2024 09:14:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B472 253 KB
58 KB 818ms
818ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&adk=3826760629&adf=1341073466&lmt=1705310082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081960&bpp=4&bdt=881&idt=185&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36c6a626a123c7de8f76abd40df8233e96dcf259ef9a98d03eb57bf18d27d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59087
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 15 Jan 2024 09:14:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6523 26 KB
11 KB 374ms
374ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1348be68ae96ce3d5e8dcb0aeb86a35e758fea510bdcb99a32bb3c49959a61be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 15 Jan 2024 09:14:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 4 KB
2 KB 23ms
21ms Stylesheet
text/css 23.32.238.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-234.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding: gzip
x-expires-ms: 1695680369553
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tos-request-id: 49dfd7108618ab1765108618-af54b35
x-tos-response-time: Sun, 24 Sep 2023 18:55:20 GMT
x-tt-logid: 2023092522192702D9E5496030DBCD9840
etag: "cc9d8dca1e792fec3ede08b4aa5739a7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-request-ip: fdbd:dc51:ff:8:0:244:9:243
cache-control: max-age=1344177
x-tt-trace-host: 010371553e2e56e569fce7c6f0b5f606e02537aa12919bdb54e60c2ec97447ac88690318c0d22769dee39a82b66296ee2d91f4e8d84eaca257239c40d52c117ec5e99e61684dc0492eff2bbb4a549edfb629d4f716f9c21a837f9c22253003c4815e49b9be232a662d5108698c3993eae355528044958e57e2cb34753f3335169f
x-response-cache: edge_hit
access-control-allow-headers: *
x-akamai-request-id: a04e746
date: Mon, 15 Jan 2024 09:14:42 GMT
x-cache: TCP_MEM_HIT from a23-32-238-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-parent-response-time: 895,23.48.22.180
content-length: 1362
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: TLB
access-control-max-age: 86400
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:ff:8:0:244:9:243
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 15 KB
6 KB 21ms
20ms Script
application/javascript 23.32.238.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding: gzip
x-expires-ms: 1690697061922
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-bdcdn-cache-status: TCP_MISS
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=268
x-tos-request-id: 56d386c5fd64bef964c5fd64-af5441b
x-tos-response-time: Sun, 30 Jul 2023 06:04:20 GMT
x-tt-logid: 20230730060419B606CD18FE1339D75109
etag: "CNX5z9bkkPsCEAE="
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
x-request-ip: fdbd:dc51:4000:283:a::138
cache-control: max-age=1834641
x-tt-trace-host: 01fc5541eca403340d90acc77f37b806561d2f01a12188d2327cf6954edae27efa3512d59687a2b18700652027e984743b2bf4e75dfa289344a593725dbdc2fc4ffd1a5584db039b4b24dd2c3d64b3ed328035c85293611371b9a8eaa36dca0087229b422c23c6089b322f19f0cafd418c9d4daf6ecd3cc323b2e953ed6756b1a8
x-response-cache: miss
access-control-allow-headers: *
x-akamai-request-id: a04e747
date: Mon, 15 Jan 2024 09:14:42 GMT
x-cache: TCP_MEM_HIT from a23-32-238-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-parent-response-time: 49,23.192.47.228
content-length: 5449
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:4000:283:a::138
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 43ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ENR3T43FQJ&gtm=45je41a0v882092637&_p=1705310081915&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1525255968.1705310082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705310082&sct=1&seg=0&dl=https%3A%2F%2Fwww.j-hero.com%2F&dt=Home%20-%20J-HERO.COM%20%5B%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%84%E0%B8%8B%E0%B8%95%E0%B9%8C%E0%B8%AE%E0%B8%B5%E0%B9%82%E0%B8%A3%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2%5D&en=page_view&_fv=1&_ss=1&tfd=2901
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ENR3T43FQJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.j-hero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 67ms
22ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ENR3T43FQJ&cid=1525255968.1705310082&gtm=45je41a0v882092637&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ENR3T43FQJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.j-hero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 97ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ENR3T43FQJ&cid=1525255968.1705310082&gtm=45je41a0v882092637&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1861660788

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 @j_hero.com Show response
www.tiktok.com/embed/ Frame FCCC 112 KB
21 KB 357ms
356ms Document
text/html 184.86.251.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Requested by: Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-139.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: eb8af542ba20247fbbb6ffa6735e228adca4f317d7a1f0f5a60a1bb2942323a0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 15 Jan 2024 09:14:42 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=312 inner; dur=309
x-akamai-request-id: 389cd5b9.370d42a3
x-cache: TCP_MISS from a184-84-216-139.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-cache-remote: TCP_MISS from a23-72-36-60.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-origin-response-time: 312,23.72.36.60
x-parent-response-time: 334,184.84.216.139
x-pumbaa-web-avail: 1
x-tt-logid: 2024011509144144139CDEBEB46300D7D2
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aa999d39734b88e56383dce400f1cf0a8aad740815306d4a478c93b5085c35c6abe1eedb7f0fac8619d7bb0e10ef28750ddaf126ca0716f89390b919bc0f2bb46e734c296581411dff301448faf65db156df6cddcbdd7aafb73153f9a5d9525ce1
x-tt-trace-id: 00-24011509144144139CDEBEB46300D7D2-6012F66D35054A27-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 25ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2067121018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.j-hero.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20J-HERO.COM%20%5B%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%84%E0%B8%8B%E0%B8%95%E0%B9%8C%E0%B8%AE%E0%B8%B5%E0%B9%82%E0%B8%A3%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=629615192&gjid=1075716051&cid=1525255968.1705310082&tid=UA-134698961-1&_gid=47671798.1705310082&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=87464299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.j-hero.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.j-hero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget.json Show response
discord.com/api/guilds/828956130666348554/ Frame 0173 8 KB
5 KB 305ms
305ms XHR
application/json 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/api/guilds/828956130666348554/widget.json

Requested by

Host: discord.com
URL: https://discord.com/assets/050107a671106733d869.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f01bde5f465a974970f4deb8af7c38064f58dd2838bbb5629f4af5a6c98c626

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://discord.com/widget?id=828956130666348554&theme=dark
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKWwPBegYhrB4oGxTt5sFzzWQDdNVofoq37JeMZUI0PC%2B4DJmOm0hQjrCzryJR9lDaqp6PClswM%2FANud137qpxRAs0wLUdiZ9ryq2fSxJWfVxzbLLznhw50Rg7IT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=300
cf-ray: 845d028e8b260e50-AMS
expires: Mon, 15 Jan 2024 09:19:42 GMT

GET
H3 200 8f20d57d7d0ea34489dcdd432437f71c.svg
discord.com/assets/ Frame 0173 5 KB
3 KB 31ms
31ms Image
image/svg+xml 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discord.com/assets/8f20d57d7d0ea34489dcdd432437f71c.svg

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 18:28:00 GMT
server: cloudflare
etag: W/"8f20d57d7d0ea34489dcdd432437f71c"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfNuX9Ar%2F%2FlZwYhvGWyXGM%2FiTktHXjANUMk6ziWea1pPV65n59wxtdeQsvjTVdxv9L23LiHXla%2BqNZcoCLc%2BaJL%2BKGcv67MdlHJaBGjGLEQrNlsJrFDWO30CX0g8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
cf-ray: 845d028e8b340e50-AMS

GET
H3 200 ff5eccde83f118cea0224ebbb9dc3179.woff2
discord.com/assets/ Frame 0173 39 KB
39 KB 34ms
34ms Font
font/woff2 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/ff5eccde83f118cea0224ebbb9dc3179.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39724
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "ff5eccde83f118cea0224ebbb9dc3179"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hamggAHvlPHLw5opNxFqW1Yz7jiQvRyUiNZ60ADqiNd%2B2AxbTAJlb7d4ERxhpljRcrMYTEmW89i7xn9i9VDbBU9tISS0Nfxd7J7QqMX9GAPLfMqgQTbCVkRNxF6T"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 845d028e8b370e50-AMS

GET
H3 200 3d6549bf2f38372c054eafb93fa358a9.woff2
discord.com/assets/ Frame 0173 37 KB
38 KB 57ms
56ms Font
font/woff2 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/3d6549bf2f38372c054eafb93fa358a9.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 38156
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "3d6549bf2f38372c054eafb93fa358a9"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS1a4DUK7CFfZyS0XPQ15ResOAJzN%2FYCp9e3Bj1bsxvNJrj%2FcDtBKCBYecBVkPhzdLpzUO%2F6DY0YlBmvPPU%2FSIGtDCn4%2FiMz%2FhEq6D7u2RVojx58jL52qUGMC9Sn"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 845d028e8b380e50-AMS

GET
H3 200 7f63813838e283aea62f1a68ef1732c2.woff2
discord.com/assets/ Frame 0173 39 KB
39 KB 69ms
68ms Font
font/woff2 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/7f63813838e283aea62f1a68ef1732c2.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39424
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Jun 2023 20:46:12 GMT
server: cloudflare
etag: "7f63813838e283aea62f1a68ef1732c2"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPpXI5pDle%2FQCvlmT4HU8QWvaly8zsFaaf0ADKBMTTBgPyOCORenqhpUj8%2FIi86TKIlEWZASQtHduq%2BjN%2BI7kZ60pdW%2BfixUqy44FyeQBBYMuDr2hAOUa07Uiznz"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 845d028e8b3d0e50-AMS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-134698961-1&cid=1525255968.1705310082&jid=629615192&gjid=1075716051&_gid=47671798.1705310082&_u=YCDACUAABAAAACAAI~&z=1767205145

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.j-hero.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.j-hero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

main.js Show response
discord.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 1649
Redirect Chain

https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://discord.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

20ms
20ms

Script
application/javascript

162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ef0ad06789a0c4d738a7d2cfee597946270caba8f576a6e15fe04e57cb4f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlEn4oEAzJtacNSjwJ8EI0uHqTmO9vIhihYAnoDqJmmHXuOJ0JB5VUhCU0qpSDgH7H9lNgQnjkuG61wUB6eOdg7jpAKl4gyOW%2BawIsoemaP0qBowuSOZ26KDRdua"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 845d028f1bcd0e50-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qt9z%2F1p%2Fd6dfcJsFxam6HVmZafAResz1X6ThOnr9RxT%2FYzpI%2BY6C24x4Zu4%2FmWs%2BI08E%2BSD%2BDi%2ByGeCWZL2QilGk5DhZhqlsMvvH3A0%2FbnGaJBj%2FoZEK51zUxDi"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 845d028eeba10e50-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 108ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/wp-content/plugins/yottie-lite/assets/yottie-lite/dist/jquery.yottie-lite.bundled.js?ver=1.3.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 56ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc3e4edfb15709a4c3a9bf3a7d2cfb9a9cc7f97ec9ae5a38d1587d2f7edd6fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 09:14:42 GMT
content-md5: 75ZOZ3TBQph2pjUQ7taf5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: mbWZvvqlKUnoJYOrWnajd6D/5R05314DV1x//AQcnycVYzgCFvFBGZClg6WhjaKZAstV0HbORnj2SWYkeCswZg==
x-fb-content-md5: cd204c15cd3f5331a2f1d13b21978e55
cross-origin-opener-policy: same-origin-allow-popups
etag: "d901df15701be295ede98d3f619defa7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:23:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 77ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134698961-1&cid=1525255968.1705310082&jid=629615192&_u=YCDACUAABAAAACAAI~&z=1262644675

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134698961-1&cid=1525255968.1705310082&jid=629615192&_u=YCDACUAABAAAACAAI~&z=1262644675

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 845d028c8b2066cf Show response
discord.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1649 0
565 B 35ms
35ms XHR
text/plain 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/cdn-cgi/challenge-platform/h/b/jsd/r/845d028c8b2066cf

Requested by

Host: discord.com
URL: https://discord.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhTvzdjeKE8kiH%2FVN1rQu1gsYND0lzRra60leTnUo9%2BIU2ryegCn9BQnHIa2skfmEsMW0DJHAC9Ife86bk889roim0naOMmS34Lzz67zRRm5x4MzLnBgE5S3RP1w"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 845d028f9c390e50-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 40ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=501e734e0a604aeddf61830dc77c28a9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77db9785098e09345f7de193f32ff66a6901ece220cd21f3e1d084363896ca81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.j-hero.com/
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 09:14:42 GMT
content-md5: T7NQb5ucvSC9K/+9qDTkkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86933
reporting-endpoints
x-fb-debug: WnBXjwu4vlgb4tOGC0K81KC2ug8vWx1GRy+bbQ7piy6tiGOuBVeA1d9s171l6g0K1RAFMq98PJMVEWJLJAd5+A==
x-fb-content-md5: 12a05db31ee3d2bcde678a84073f9728
cross-origin-opener-policy: same-origin-allow-popups
etag: "3fa1fe4467ca79941858fa55aaf37d5b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Jan 2025 07:39:59 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ 216 KB
67 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 16:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68600
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Jan 2025 16:36:57 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1705310081731

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19badffa5d1c4fb2bd91af06baad8e12aac3f3a3fe97a858aa3cf9ef4fe55b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51832
x-xss-protection: 0
server: cafe
etag: 16295421240291177870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6523 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtwoGGoaetFe2s2Pl8H7ZQdRm85TY05I7BkYrP0NnWNUsIrrasYqJ_MEAVrBjckwwWhqxQkH7D8kxqKdbO-bcgMVXXa9yuyuNZUXYkNW1Kq1CEKX4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6523 89 KB
31 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6523 3 KB
1 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6523 20 KB
9 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6523 205 KB
65 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6467 624 B
246 B 61ms
61ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNXtyt5eRTLv6uIbsg6DQXXbZHlHq1TtcSMM13P_iL1Z9oD951RALrolLUbGA4dKsG-C8O5NOXAyC-qT6BXFrZvusFWk_Pzzz0PCYOLMZSs6bxL600ta1qQqvjuBjLZXBflbzg2k9bnlBYrThlafYjaaXy-kp0-I9uYpz9Bvyn_i69OO5Ao

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 15 Jan 2024 09:14:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/ Frame FCCC 74 KB
20 KB 148ms
70ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/index.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af775583ea19948c74a6d6ac7269448b4a65d249fe451f77b17166e0e627d8a3

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d05f
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: YTETM6Hdyug/bSC1b84K8w==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 19260
last-modified: Tue, 09 Jan 2024 12:17:23 GMT
opc-request-id: iad-1:dFF1jNxOhIrH-M2PA40xRDx97zWo74aTbvKEBvW9amhgK6wf7N19BgOtgjRPGSs2
x-api-id: native
etag: 357d16ff-f85e-46ca-bd93-e75b732a933c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 4a61c54b-6708-45f0-a9a5-81593ac4eb6a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 slardar.web.pre.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok-infra/csp/sdk-pre/ Frame FCCC 1 KB
2 KB 143ms
65ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok-infra/csp/sdk-pre/slardar.web.pre.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd113bf16c8248ed5f35534237857f87f43acdc099257ec1a7f2656f05011b63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d064
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: P5/hYxgBxxHLk5gY8cMwoA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 678
last-modified: Tue, 21 Nov 2023 21:56:32 GMT
opc-request-id: iad-1:Ng0vlCiZ8UwY-9aHKOov1nTRZl0Ec2ftoJNvrmTTk3rcuy0H6C-jWyITyD1q-lTp
x-api-id: native
etag: c252952a-75dc-4fd5-ad7b-ce37b1ff5a0c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 767d9985-b13e-4bda-ba96-917bfea9f7be
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 frontity-public-path.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame FCCC 1 KB
1 KB 98ms
20ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/frontity-public-path.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 392591bbc5502ea4dafe821ceda74651b94c6d6a2060f20d1f7763f7b2ae8d45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d063
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: bEo+DSwLnUpa/0CVx3s3Zw==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 532
last-modified: Thu, 21 Dec 2023 02:05:53 GMT
opc-request-id: iad-1:cJbBKvbHvXO_csWIoOycVHw9zTsVffi45IBhf3t2j3-kDHIais_oKbI8IFNpQQy5
x-api-id: native
etag: 2240973f-b40b-4f20-b031-92136906ed96
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 32252873-2191-4ea4-8638-0fe78e33324c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 767,23.192.44.239
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 webmssdk.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/ Frame FCCC 706 KB
209 KB 98ms
20ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d7b8b5392a78695a914e1ceca108c0ef344624883f93f1c872c84c8f9fc601

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d065
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: pCmy+XQ8AXYvEAnYlwEEyA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 212949
last-modified: Tue, 12 Dec 2023 22:43:12 GMT
opc-request-id: iad-1:67P9CDn9UkDnOpMaccMg--IG5n1Ui-QsZCo_G7KAHa6hBsDFI6CHtOlm8owW1bZo
x-api-id: native
etag: 6b2392e4-cd66-4627-8385-4fdc6793b130
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 19b7da1e-1792-400a-a966-f8d6ddca3612
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 tiktok-embed.module.541f3889c9f29bc98170.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame FCCC 2 MB
542 KB 100ms
22ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.541f3889c9f29bc98170.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d766dfc45ab20fc94bcc3f46dd8215e2baef8b1dd02466a650c1ac88f4dee802

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d05e
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: F5x8nkNVylIHp5U9GKX6WA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 553601
last-modified: Thu, 11 Jan 2024 19:54:29 GMT
opc-request-id: iad-1:RisbqxAqgP6YFetpyxghYp8xUPGAFAjQq_P6rVSliz5qW-Ht1N-HIFl8VE_WsHV7
x-api-id: native
etag: ae3e1dde-9c11-4481-9af6-a035ec9869ae
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: ebb2e662-fbad-4bc0-a513-68eae440f954
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 playlistCard.module.f0f40c8b6997941d8443.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame FCCC 42 KB
13 KB 97ms
19ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/playlistCard.module.f0f40c8b6997941d8443.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1cdb22fd145f0de9b180551fd7537af3cd67bf81892575cdb048398a2f7469ed

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d05d
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 1Xl7ITYnsj6P87DkAiM7zQ==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 12069
last-modified: Thu, 11 Jan 2024 04:16:17 GMT
opc-request-id: iad-1:orcB1N3u4TPJw6dCR8MAHQtrS_k_sE_b6eSc0JaZxe1AVg7O4F6QntgiMV6BO7Gu
x-api-id: native
etag: 7bafe250-201f-4217-bc85-6d6fbcb4648c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 54722d7b-e74a-450f-b15e-1248e581873d
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 70f79e9a0dfd7505ec12e9663cae29ff.jpeg
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ Frame FCCC 6 KB
8 KB 71ms
19ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/70f79e9a0dfd7505ec12e9663cae29ff.jpeg?lk3s=a5d48078&x-expires=1705482000&x-signature=uJ7mklqSulDZYolr15FzVcCZ9V0%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: a75f04c5bc8994196e9fe7f02718d1e61ffe0f99ea4b0410fccbd2fd7951d521

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2c3207c3.9d08895
date: Mon, 15 Jan 2024 09:14:42 GMT
x-crop-loc: (0,0)-(200,200)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20231019165803C522F89079CBE15A6335cgcrh12tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 5,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085629
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, inner; dur=2
x-length: 6566
content-length: 6566
last-modified: Thu, 19 Oct 2023 16:58:04 GMT
server: TLB
x-tt-logid: 20231019165803C522F89079CBE15A6335
x-response-date: Thu, 19 Oct 2023 16:58:04 GMT
x-cache-remote: TCP_HIT from a23-75-16-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-imagex-extra: {"algo.succ":"crop","enc":{"h":100,"nq":95,"q":95,"w":100}}
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-10-19T16:58:04.289261823Z 93
x-request-ip: fdbd:dc51:ff:1:1:245:34:32
cache-control: max-age=31536000
x-response-cinfo: fdbd:dc51:ff:1:1:245:34:32
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 018d12581a2f0f2f057494bde89a284cdd5d08f54d4ac4ddb4b2561a88b010af8d30d157dc270de847158a1c7f75750c3e7c9a7f63125bf86ea51352ef0e239b4ffebd028b09fe3b7cafcce7989ddcff6763cb336ba7ac6c7fcdba05d283eb90d6a414de293ed3721e2378e188394eb868815e80b4d315889bf4131ec45efb9ee5

GET
H2 200 playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame FCCC 477 B
1 KB 44ms
43ms Image
image/png 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d08e
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 6b90YaoHfISpt3gWxH3DxA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 477
last-modified: Thu, 12 Oct 2023 01:04:56 GMT
opc-request-id: iad-1:GflRJACf5mRtpHj1ib04oztmUNcAcOHT4yHQO7EjD5p4i0or9GFDnHovTfhYWyiH
x-api-id: native
etag: 34e21628-38d8-44ba-a1aa-6e95c0b1a8e7
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: c407a197-3569-4d3e-a406-86f520fadddf
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H2 200 24ed2d3a4af74aaf8f624238d639be0e_1705138775
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 231 KB
232 KB 1087ms
1087ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/24ed2d3a4af74aaf8f624238d639be0e_1705138775?x-expires=1705482000&x-signature=kkHtRmB8HdUNQ5ErpIfxJPGZwAs%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: d1fc7ff024d262b4a77b3c840996c8736fa7bce2bfed3338d7a01e33e7f3cff0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 26115d2f.33d1f3cd.9d088fa
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2401130943144C28DF5C331EB10DD125-52B458B040F73775-00
nw-session-id: 202401130943144C28DF5C331EB10DD125n8zhf13tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1018,2.17.160.79, 1020,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085629
server-timing: cdn-cache; desc=HIT, edge; dur=1022, origin; dur=0, inner; dur=39
x-length: 236582
content-length: 236582
last-modified: Sat, 13 Jan 2024 09:43:16 GMT
server: TLB
x-tt-logid: 202401130943144C28DF5C331EB10DD125
x-response-date: Sat, 13 Jan 2024 09:43:16 GMT
x-cache-remote: TCP_MISS from a2-17-160-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-13T09:43:16.016621067Z 37
x-request-ip: fdbd:dc53:3:777::17
x-origin-response-time: 44,23.46.16.247
x-tt-trace-host: 01075a448ac6d63b02d37d8213a903d8cdb96d181d4e5f0ff0b54564d6aa9e67c8309fdf47a84e1deb029de86037df2ce3d558a66f6f5c41e4948f990b146c96306751518aa1c8bf87db326b436d553136d1ad650d66d1d69cf229fb7dd61235aa996948bcbf94c3ca67dc3d86e572627d9a84b2252eb6db8f29a6853c7455f5f6
x-response-cinfo: fdbd:dc53:3:777::17
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
cache-control: max-age=31364883

GET
H2 200 o4flu4ReE6DmYZAECPFv6IOMB6pDQQBrTtEJ0A
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 149 KB
150 KB 141ms
141ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/o4flu4ReE6DmYZAECPFv6IOMB6pDQQBrTtEJ0A?x-expires=1705482000&x-signature=v9N3gKhsVi4Z5iXevDJKWj8lU5M%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 75651e75d59ca341853730936c76682a23cd606627fc841da998620c1fa247a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 5792d1fd.55bdf7d5.9d089ae
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441085435E25B8E9A7B5C17-4E1F66723CA6F081-00
nw-session-id: 2024011500003357940208211C8A27FADAp5qsl21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 123,23.209.124.10, 128,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=20, inner; dur=1
x-length: 152183
content-length: 152183
last-modified: Mon, 15 Jan 2024 00:00:34 GMT
server: TLB
x-tt-logid: 2024011500003357940208211C8A27FADA
x-response-date: Mon, 15 Jan 2024 00:00:34 GMT
x-cache-remote: TCP_MISS from a23-209-124-10.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T00:00:34.752982268Z 85
x-request-ip: fdbd:dc61:b:333::52
x-origin-response-time: 27,23.55.62.29
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a64c2d855f5a1ab38961825729eddcab1cb12830d7927a3dc2ec3fed0a95ef9649eabd67a531670c5e0ae2ac390efde79a12f016b0ffc6134c0584dfbcc0a24753da1f14c41f869f691e8b679f9a078128ac9d2a244fe64cf8716cd4a64ada2b90
x-response-cinfo: fdbd:dc61:b:333::52
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31502693

GET
H2 200 95ae26c8ceae448caa857cdb79959256_1703490929
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 315 KB
316 KB 18ms
17ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/95ae26c8ceae448caa857cdb79959256_1703490929?x-expires=1705482000&x-signature=CQJuycUpjacD6bWx8dFTFG4J4O4%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: e873e49bddadb10f21d5fc6713e2f59c21a4b1e0b3fc539caa82fcaca870ab1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 14cf8b29.9d08a4f
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240106235443E8DA3BA58501608E55FC-0DF737D854A61A8C-00
nw-session-id: 2024010613451261614E5E28E77B1B33CDxm2s721tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 2,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, inner; dur=2
x-length: 322581
content-length: 322581
last-modified: Sat, 06 Jan 2024 13:45:13 GMT
server: TLB
x-tt-logid: 2024010613451261614E5E28E77B1B33CD
x-response-date: Sat, 06 Jan 2024 13:45:13 GMT
x-cache-remote: TCP_HIT from a2-18-120-152.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-06T13:45:13.61301519Z 49
x-request-ip: fdbd:dc61:3:47::12
x-origin-response-time: 23,23.55.62.70
x-tt-trace-host: 01c958b4b1e5c1c24060df42ebef0875f15074ec0f27d712ba027d211b282af68fa8565a8fcec56bcd357c9b57bb23e8920de8a790517ef9c545516957b6ccb273666cb74915e3c03d98a83dcec15928c377e797b43c0cf099fcb1bf5f1ed32f8e40f73a37c3d091741d99287c3719ca9b
x-response-cinfo: fdbd:dc61:3:47::12
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=30774643

GET
H2 200 82a9983264db4772add5f239b1f8ff45_1703329852
p77-sign-sg-lite.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 401 KB
402 KB 110ms
35ms Image
image/jpeg 138.199.37.209
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p77-sign-sg-lite.tiktokcdn.com/obj/tos-alisg-p-0037/82a9983264db4772add5f239b1f8ff45_1703329852?x-expires=1705482000&x-signature=VCgFyaiwDeERkuK3MeTUEM%2FB8C8%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.209 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 218040468.fra.cdn77.com
Software: CDN77-Turbo / ImageX
Resource Hash: 3f620b8703c68bb3349639ceb405966343701f3b8c8c49ab43dfee5730f73af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-tt-trace-tag: id=00;cdn-cache=miss
x-tt-trace-id: 00-240114000150688AEDAC0D63196EA2FA-1FE34CE6557D74D9-00
age: 1016134
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=6
x-77-nzt: EggBiscl0AFBDAGKxyUxAdcT0wEA
x-77-age: 119571
x-tt-logid: 20240102054616DFB4380A7804967F6428
x-response-date: Tue, 02 Jan 2024 05:46:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-02T05:46:17.951854251Z 121
cache-control: max-age=31536000
x-request-ip: fdbd:dc51:ff:2:1:245:55:115
x-tt-trace-host: 01e7ca64f5668b4f18c9161a4fd070ded105ee541c0fb0a139508e35746cf58ac0eeac79b3a3f0b9740d693be822ba489e3aa72389b2e44712ef02fc90ade3d99e0ef277f1988e3daefd17d4a5d891811ba10f901e226f50cd01c70e4684a55a234a93298132d289db73db62ced889f7e4
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
date: Mon, 15 Jan 2024 09:14:42 GMT
via: n234-039-195
nw-session-id: 20240102054616DFB4380A7804967F6428r9lgf12tt
x-powered-by: ImageX
x-77-cache: HIT
x-length: 410164
x-accel-date: 1705190511
content-length: 410164
x-cache-lb: MISS
x-accel-expires: @1736726511
last-modified: Tue, 02 Jan 2024 05:46:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: 9408ff0ca5bee35d82f7a465839fda32
x-response-cinfo: fdbd:dc51:ff:2:1:245:55:115
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6456daccc9db4b1d928f44b39f235c29_1703698997
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 245 KB
246 KB 1030ms
1029ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/6456daccc9db4b1d928f44b39f235c29_1703698997?x-expires=1705482000&x-signature=zsHpZqn%2FI4YFQiljx6kZrNzk2Pk%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: b7d84a9a6e7e0f7fc0677ab1d113605a021f2dba8418120287b46864f0d89b6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 1900420b.ac6113e.9d08a50
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2312271743464AAE098C512AFD29924E-0B0BA5506C564788-00
nw-session-id: 202312271743464AAE098C512AFD29924Ert7n212tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1012,23.209.124.24, 1016,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085629
server-timing: cdn-cache; desc=HIT, edge; dur=1016, origin; dur=0, inner; dur=171
x-length: 250546
content-length: 250546
last-modified: Wed, 27 Dec 2023 17:43:48 GMT
server: TLB
x-tt-logid: 202312271743464AAE098C512AFD29924E
x-response-date: Wed, 27 Dec 2023 17:43:48 GMT
x-cache-remote: TCP_MISS from a23-209-124-24.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-12-27T17:43:48.06012803Z 150
x-request-ip: fdbd:dc51:4000:363:a::228
cache-control: max-age=29924970
x-tt-trace-host: 018d083e64acd23585f3b9b19be7390f2b25fca5b553ed61da57a592cf40ec48576783d9b7fa0316b571d2c5ef1d77e1ebc5af14a7bb76300626645cb3a74d9f8c51219588d84a6a507ab0388a5b1a0d5c25a860b815a7484f0cbfb571e6621bf8c47bd85a11b7f904f185c90f6795e663f7194416a202bc55f83261ee14f410b76aa4ec53085a0d34ad0d1b48ba7fc696
x-response-cinfo: fdbd:dc51:4000:363:a::228
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *

GET
H2 200 d91a2fa3889b4adbb873c18471088dad_1702647185
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 331 KB
332 KB 151ms
151ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/d91a2fa3889b4adbb873c18471088dad_1702647185?x-expires=1705482000&x-signature=QR4oezAlvnxCkAO2jKZVK6h%2F%2FEY%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: ef8256ebd363ae9c97363df9c6bf91e2d52f6a898b19cb0a824d1ae2dbec7f94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9eca8658.a978dd55.9d08a56
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441A0DF06CED053A57A7316-78CF62C9409B6A59-00
nw-session-id: 2024011415463229A763356A5E19BC0AD9zlkcr21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 129,2.17.160.223, 133,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=20, inner; dur=3
x-length: 339036
content-length: 339036
last-modified: Sun, 14 Jan 2024 15:46:33 GMT
server: TLB
x-tt-logid: 2024011415463229A763356A5E19BC0AD9
x-response-date: Sun, 14 Jan 2024 15:46:33 GMT
x-cache-remote: TCP_MISS from a2-17-160-223.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-14T15:46:33.28364027Z 113
x-request-ip: fdbd:dc61:c:149::34
x-origin-response-time: 27,23.55.62.54
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a62da9cee82369721f1cbc5b2a0e9c45f4ec2114e7a88a982c5ec35bf15cbcee36255e0926b7bde552cccd1a4e5a106e7d16af76bc45e8ef1b82e8e8103f6fa3a00712ef0fa3ceb264a01076a355ff6bfc75ae04b2c81c993cb9ad7529840d3400
x-response-cinfo: fdbd:dc61:c:149::34
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31473097

GET
H2 200 0af2d64c797c40b297d579021962d966_1702299064
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 211 KB
212 KB 164ms
163ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/0af2d64c797c40b297d579021962d966_1702299064?x-expires=1705482000&x-signature=DGMMly0ztGIOhzXFaCyAhuI9PLA%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 27543bc198b1d9cf4d4c57ed9b33d22dd336d6222bbd4276f198f0d90eb5807f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 3baa65c2.3db8dcb9.9d08a57
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441BDEE9971144410655CE0-187B7BA48112C571-00
nw-session-id: 2024011502441336F8DF36116EDF40EB0Evxkfx21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 140,88.221.144.29, 143,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=26, inner; dur=3
x-length: 216201
content-length: 216201
last-modified: Mon, 15 Jan 2024 02:44:14 GMT
server: TLB
x-tt-logid: 2024011502441336F8DF36116EDF40EB0E
x-response-date: Mon, 15 Jan 2024 02:44:14 GMT
x-cache-remote: TCP_MISS from a88-221-144-29.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T02:44:14.626481642Z 143
x-request-ip: fdbd:dc61:c:151::152
x-origin-response-time: 35,184.27.176.14
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6d0bb914525a9983974eb35c2d7985b6c0daace249debae233d78d6e3a150ef313a139f1a453afe0249fcef523bd7d0370f3cb166498ee34d8e577bdcfec5f423096155b6f86cce6a1cce99d21e621218040a395b7a35ee70715bd4523c9608f3
x-response-cinfo: fdbd:dc61:c:151::152
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31512621

GET
H2 200 ocCHAvM7eXXeEIdEhKQMNL8oAUDfg48uCSbRqj
p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 40 KB
41 KB 115ms
38ms Image
image/jpeg 138.199.37.213
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ocCHAvM7eXXeEIdEhKQMNL8oAUDfg48uCSbRqj?x-expires=1705482000&x-signature=JsZ4ZfuMXt61VtHi%2F4X2zzMbGKA%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.213 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 559277417.fra.cdn77.com
Software: CDN77-Turbo / ImageX
Resource Hash: aa3f803b6bc294d9d94bb022b546d95348bd22272c5b3dee7dc1fb08927c1d9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-tt-trace-tag: id=00;cdn-cache=miss
x-tt-trace-id: 00-2401140028509796CD6B7AB2322B82B5-4855E6EF30780185-00
age: 1620
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=2
x-77-nzt: EggBiscl0wFBDAGKxyUxAde/zAEA
x-77-age: 117951
x-tt-logid: 20240114000150C96BEFE6F2EC9D190DAC
x-response-date: Sun, 14 Jan 2024 00:01:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-14T00:01:51.248781451Z 83
cache-control: max-age=31536000
x-request-ip: fdbd:dc61:c:151::154
x-tt-trace-host: 016629d52dc4a0bc49b100907377e9e39f277349aac9c9cd9deb9299e77322f4426c9a6ac77a7cf441208058dcdf379fddd38251a9260f38fa6ca04f56d81854f7586648a3a95085fb75b512cf236c28a00f1b681c6ce7f333ba1ed742ad6babb3
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
date: Mon, 15 Jan 2024 09:14:42 GMT
via: n222-041-071
nw-session-id: 20240114000150C96BEFE6F2EC9D190DACrphgm21tt
x-powered-by: ImageX
x-77-cache: HIT
x-length: 40529
x-accel-date: 1705192131
content-length: 40529
x-cache-lb: MISS
x-accel-expires: @1736728131
last-modified: Sun, 14 Jan 2024 00:01:51 GMT
server: CDN77-Turbo
x-77-nzt-ray: 69e5552186ebcd4c82f7a4652131fd32
x-response-cinfo: fdbd:dc61:c:151::154
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 722929ad74d64ec3888f84eea14cb1e9_1702263486
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 386 KB
387 KB 137ms
137ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/722929ad74d64ec3888f84eea14cb1e9_1702263486?x-expires=1705482000&x-signature=VOQrtrh5CC7TnnWskti1INDi3e8%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: fc90f7695ae76c37b7a10f81466d81112d495fe65b6bb5f22f38bfe23275e914

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 16747cb0.22f1c11d.7e40f055.9d08a58
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115082506E44CA98F6E432E7091F9-62A6F7704B9FBC29-00
nw-session-id: 20240115082506E44CA98F6E432E7091F9lmcfb21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,23.193.177.19, 117,104.110.190.70, 121,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=121, origin; dur=0, inner; dur=125
x-length: 394963
content-length: 394963
last-modified: Mon, 15 Jan 2024 08:25:07 GMT
server: TLB
x-tt-logid: 20240115082506E44CA98F6E432E7091F9
x-response-date: Mon, 15 Jan 2024 08:25:07 GMT
x-cache-remote: TCP_MISS from a104-110-190-70.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T08:25:07.246572873Z 121
x-request-ip: fdbd:dc61:5:201::159
cache-control: max-age=31533087
x-tt-trace-host: 01fb9b78a9029ae12e9c588ed91969dab4e3dc6db8ae5d7da8f0e4a09469cfa7de3148abdeed6b33589221e6118925a6d79f5204f5ce1df4368877d92c908f5a0689c8202f3bcd46cfcfa36dd31595c2c37c433893564167d8117074491a2135179b5efc32972b391fdf92dca716b0ccf97659886be4ab9cd4301b2a966f032f05
x-response-cinfo: fdbd:dc61:5:201::159
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *

GET
H2 200 ccb240f2ec8947e6bc8e98545fade44a_1701495553
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 411 KB
412 KB 159ms
158ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ccb240f2ec8947e6bc8e98545fade44a_1701495553?x-expires=1705482000&x-signature=90U8LfFViQh4%2FQPFK%2Bl6AfyA9FY%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 5985c6ffbe2e559580382863d0d754228d1d1fddc77425501f02d781c4387346

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 329b4bb1.1942f9ef.9d08a59
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2401150914414CC74129F0FE7C780D3C-4F4F09D06EEA70A9-00
nw-session-id: 2024011502441427CB9EF249AC7133B8D75p5db21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 135,104.97.86.19, 139,2.18.120.202
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=28, inner; dur=4
x-length: 420721
content-length: 420721
last-modified: Mon, 15 Jan 2024 02:44:15 GMT
server: TLB
x-tt-logid: 2024011502441427CB9EF249AC7133B8D7
x-response-date: Mon, 15 Jan 2024 02:44:15 GMT
x-cache-remote: TCP_MISS from a104-97-86-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T02:44:15.884070386Z 103
x-request-ip: fdbd:dc61:10:225::35
x-origin-response-time: 34,23.55.62.71
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6e00c056b4a20139202ec6b2d4cdd25dbb2b48d393d4725e1c8c3875dbee5dcdeb22ac340847bb191f84f6963d6f2a7af56c7d71d7b19418f44ccfef68bc60151be3bc17238939b4c723436161cddd20599c25bf869585604c2912789e6ccce61
x-response-cinfo: fdbd:dc61:10:225::35
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31512507

GET
H2 200 fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame FCCC 3 KB
4 KB 22ms
22ms Image
image/png 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d143
date: Mon, 15 Jan 2024 09:14:42 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 2991
last-modified: Wed, 03 Jan 2024 17:43:50 GMT
opc-request-id: iad-1:ZPtPcFh_rpe2zcPs3pDEYgbjAs_18ZNA8SpRO8QscAGfiQmnbdfQlHchbVQs1aJ2
x-api-id: native
etag: cfab7db1-20b4-4ead-9d90-a0fb2debde13
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 312d841d-1b4f-436e-aa2c-f7b24f5dc6c6
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 61ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/13.0/_inc/build/twitter-timeline.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:42 GMT
Content-Encoding: gzip
Age: 1148
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (amb/6B7E)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 27ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=148198192&post=917&tz=7&srv=www.j-hero.com&j=1%3A13.0&host=www.j-hero.com&ref=&fcp=2706&rand=0.14885845962168265
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Jan 2024 09:14:42 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
www.j-hero.com/wp-includes/js/ 18 KB
5 KB 513ms
513ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 29 Mar 2023 21:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHBUqzIc0kDzm3%2Fyw7YqZpZFPLV8Eugh9rVKC%2BIz0u%2BtNDlBnpdnhiwFhqW59vs3qYq69GdIalXnvzKQdlEkNhth78ckFcwpgim89nREsjgUKq8FUbSHOLperMRbWDxjuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 845d0290290006c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ 135 KB
48 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de43c959bac4dc95ff19d7a48dccd5de3a5e40ec26162b21ade159c182365b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48265
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:37:37 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ 119 KB
41 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

134ac91bb2a40002d2521ca3f99e837c2d483d2217872fa24d1810c95a51f27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41594
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:37:37 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame C242 3 KB
1 KB 50ms
50ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.j-hero.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5f581484f223d0306f2dc2ac483caf931b3537787df2e9a8cc0592d64a45cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="youtube_main"
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.facebook.com/login/ Frame 5F33
Redirect Chain

https://www.facebook.com/v2.9/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25e2c7ad31ed9%26domain%3Dwww.j-hero.com%26is_...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fver...

0
0

211ms
211ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df25e2c7ad31ed9%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=501e734e0a604aeddf61830dc77c28a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: QG5chj6GKkzLULFAOg1ybaqYsg4kv/ZNh8IsvmE7s6si2OBzVK2BsPpkCNp0IriTNFcCj/F5b2HXj8L5UzScKg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:42 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df25e2c7ad31ed9%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 9SqUhno36Q8NmiwDEZ3DGMq5haVdevB4FSZopN3hq/gQVTIaTlXpBuSL9thYmJXApZRqXiv7tkwCnBSXk7Pr/g==
x-xss-protection: 0

GET
H2 200 q62q5GD7WFbynFRNLA0XWkuOMh9czbislTBtstSxI3U0EH0-887_ENErunnecTuSSSi3sufgyAg4EEDDNiyT2_cOXCvDBBTDcwo6-CXOMRmSkStckJqC_fSVg58cFLi3Z8O15X4MNHIGsg
cdn.discordapp.com/widget-avatars/BED1lR6qCTcKvA_Ci2oyKXDWcx6ydEDX0_asTqgjpZQ/ Frame 0173 37 KB
37 KB 181ms
144ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/BED1lR6qCTcKvA_Ci2oyKXDWcx6ydEDX0_asTqgjpZQ/q62q5GD7WFbynFRNLA0XWkuOMh9czbislTBtstSxI3U0EH0-887_ENErunnecTuSSSi3sufgyAg4EEDDNiyT2_cOXCvDBBTDcwo6-CXOMRmSkStckJqC_fSVg58cFLi3Z8O15X4MNHIGsg
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7901832bdbf86ab967f1f757ec809c1658b13e40abc6db786dfe133fa76cb055

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37552
last-modified: Tue, 07 Nov 2023 17:46:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kM%2Fl0kMtXCJO5liaTwJbYZNr%2FvkJJPQWWAxBX0KpJWJVrx2csbFEkGpDLN5gVdLVweVbKwP4VZdRrNZBS76i%2Bseuutd9jEfDtY9jye1NibTLzx9%2Btjjcw9onUBeyb2ZI1RQ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab9ab755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 -k7N_TpzPaCDW4_joohU_GDfOBlMVHXk3Xw8KcqmeJebnRrPy-bn3KLTQgbW4Ui2AkiJQli5rAG_QwSmALCfzlzKnU6IsNsvNLhHKCZpjbA2odaUIAH46Y1Z4dQQ-oAEVVH_PFoX8_Fh3A
cdn.discordapp.com/widget-avatars/fLFabdBCeYghWjU2ZbxbpSHNgAPEk3RVxoEjeAhojfU/ Frame 0173 11 KB
12 KB 164ms
127ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/fLFabdBCeYghWjU2ZbxbpSHNgAPEk3RVxoEjeAhojfU/-k7N_TpzPaCDW4_joohU_GDfOBlMVHXk3Xw8KcqmeJebnRrPy-bn3KLTQgbW4Ui2AkiJQli5rAG_QwSmALCfzlzKnU6IsNsvNLhHKCZpjbA2odaUIAH46Y1Z4dQQ-oAEVVH_PFoX8_Fh3A
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44a5670a47fe3a6a3800fc9d37a9ca5cb4337706d65c7b73b4e23ef359b6e91

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11756
last-modified: Tue, 16 Aug 2022 11:36:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XioRJhPgwBpjH6trqtJCUaE6rEU2WLDfWyUz8KiwPipoPIfH%2FIgsNxeFrvxpNxMwee8kFex7c%2Bqqepei%2FukJqMFIlHpSX2tjzc203leAi%2FlSwYpcfkwKDj6wul%2BPkJ0bk7aa0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab98b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 ObH0vZkN_LgDwuRINLd_WwBKpUNQeV6_fDxnQ9dRgueZHPvsqghGP3TQOcd9T0blf4JLuacUx2zXo_iDMjAQ68PGAx83yEy9KLz_uoeDbisomgNBOS1bTHMVt6IVyYEEoYNVpCTvaNLBjQ
cdn.discordapp.com/widget-avatars/skNV-ISu5R0dDyiSRi2O3DsLrRXk2A_fkIdrM6S4scA/ Frame 0173 25 KB
26 KB 165ms
129ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/skNV-ISu5R0dDyiSRi2O3DsLrRXk2A_fkIdrM6S4scA/ObH0vZkN_LgDwuRINLd_WwBKpUNQeV6_fDxnQ9dRgueZHPvsqghGP3TQOcd9T0blf4JLuacUx2zXo_iDMjAQ68PGAx83yEy9KLz_uoeDbisomgNBOS1bTHMVt6IVyYEEoYNVpCTvaNLBjQ
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec9c1a3a15249998644d0f1a686e8e91b48dd4f95c6eb3eea65da4eb8cc0e22

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25861
last-modified: Thu, 08 Jun 2023 11:34:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv37kXGVg5p95G9IYGcdkaFljbUP5qmhoYzhmpceJxSUYjV6DJ1J%2BrLbwXuQXakbqaIx90IM4KTVM39nx8D2PxQlH5eooWspEKcxDFdZi2wEmcIEK9oru3ucdQwgV2niUs88qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab99b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 Z2kFowJ_wCfOPrW1oj2vHv59ZaivLaGiuR_pEnUxy_yYMBWWtC9M_Eu4w8pLftGYmIjMQErnm8vRirvULewIyMXj9kq1JYM0lgXMSGOGWVCdWRBbXqJRvLZg_TCjV-IJb7FGtpiMzkwFAA
cdn.discordapp.com/widget-avatars/73Iv8vJNHpcV_Llt1FuVRXH-B07s1QyHt5NahGk8W7k/ Frame 0173 7 KB
7 KB 164ms
128ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/73Iv8vJNHpcV_Llt1FuVRXH-B07s1QyHt5NahGk8W7k/Z2kFowJ_wCfOPrW1oj2vHv59ZaivLaGiuR_pEnUxy_yYMBWWtC9M_Eu4w8pLftGYmIjMQErnm8vRirvULewIyMXj9kq1JYM0lgXMSGOGWVCdWRBbXqJRvLZg_TCjV-IJb7FGtpiMzkwFAA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4674982014015d670ef97af746184c54075709dd2ec9c3d98e5a77aaa458156a

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6705
last-modified: Wed, 01 Mar 2023 14:27:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFBhroeTDQIZ0pjjn1YbtQhKwKtHnP%2Bf1%2F5S5I5pDba0tWoYQxiRNP5wSIN7YGwdv4Oy6ygNFHZiF7NhXdSJC5Hb0YSu6ZRsABzmwHVx53MbudhiPtXmlC3SrB7zyhLgN4xZHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab9cb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 kDEPvyApSNG8nWqzF4b6gD6Ph12N__tLjSlZq1dVgECaUNMPFvwXme7yjcgxpPucB9_C3Zu8rD4h7Kkwc0LimbaeZ7MsUQgfXTuWKI0-aHNNDNjdrrgfTdjUlawG7g2pf0nnLz03BTQqcw
cdn.discordapp.com/widget-avatars/oxRCPQH7h48pHJiHYaW5KgKtOuk0xRVRiaNL9aTyZSw/ Frame 0173 13 KB
14 KB 161ms
125ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/oxRCPQH7h48pHJiHYaW5KgKtOuk0xRVRiaNL9aTyZSw/kDEPvyApSNG8nWqzF4b6gD6Ph12N__tLjSlZq1dVgECaUNMPFvwXme7yjcgxpPucB9_C3Zu8rD4h7Kkwc0LimbaeZ7MsUQgfXTuWKI0-aHNNDNjdrrgfTdjUlawG7g2pf0nnLz03BTQqcw
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da70372b2f4dcd9a1a4058bf3c46989c9ba4edf359d9c982cd2cb2b8e4858188

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13442
last-modified: Thu, 04 Feb 2021 22:08:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExzbiQp%2FVGwe5s2daEz1tztvPJGmJniUeLoGgyuOJmHzsC%2BQ73kN%2FhqmCZWO6yH0DlIJvCvJ1cVja5MArM9t0U6vmL4AxOc8o%2BodoN%2Bj8GfVeqU%2Byq6PnPCQ%2BkTjLLgNGPHudg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab9bb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 3Q9GkWAgzSQSlymfqGtyMa8rOWnfpbYaEUWdmrESAahmlABe2g5OtCGjlW97wz4rBCVmePeoDl9tqqt1GehlgSdV1eoOntflGPwnYBjroEyWIoWv9HLJc0jlo5YwiXgLM-rVwv6cIK3dlw
cdn.discordapp.com/widget-avatars/_fQBEMVRWl5JDoEKZQ6eoJaEdA5gtWro8I-hPuwEZPE/ Frame 0173 43 KB
44 KB 168ms
132ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/_fQBEMVRWl5JDoEKZQ6eoJaEdA5gtWro8I-hPuwEZPE/3Q9GkWAgzSQSlymfqGtyMa8rOWnfpbYaEUWdmrESAahmlABe2g5OtCGjlW97wz4rBCVmePeoDl9tqqt1GehlgSdV1eoOntflGPwnYBjroEyWIoWv9HLJc0jlo5YwiXgLM-rVwv6cIK3dlw
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fb32d6fba55de8e11cfe5aa7f2ed7c7307660a3561579e04ac86f5cf6ba251c

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44346
last-modified: Thu, 19 Oct 2023 08:51:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr3qMQevfWvUQa39rsLpnsJsdWWiuMsnLe86OCqJrKdjMdm8yKYbcfG%2FkrDtepqsjYvxLX%2FNjJEMvYS3ljLqi%2Fomke3A5c7Fc3x2i4UOhLNmhBBib3uRXG%2FXeZC1H2%2FoHPg8Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d0290ab97b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 UeYILnG-A8X8GIabHYdGDP90TJvlOxJ4uyFjdpBeJ0dJe3UrdC-jY-v6e1yeSgqCcEKeTHM_u7_UYqfSDujioNUaeC5Eh4-ID-2fB0qbzM3Tt7oyRmAp-Z9xtZWwo9ADDVyA3tN2ZILHiQ
cdn.discordapp.com/widget-avatars/4GIFL5kADr7AJMPT0LLAcBEcgBwSIWk_CQM7P0o2WOo/ Frame 0173 24 KB
25 KB 128ms
127ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/4GIFL5kADr7AJMPT0LLAcBEcgBwSIWk_CQM7P0o2WOo/UeYILnG-A8X8GIabHYdGDP90TJvlOxJ4uyFjdpBeJ0dJe3UrdC-jY-v6e1yeSgqCcEKeTHM_u7_UYqfSDujioNUaeC5Eh4-ID-2fB0qbzM3Tt7oyRmAp-Z9xtZWwo9ADDVyA3tN2ZILHiQ
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dec829b0a97bc50403005d2324420c1b88d5f8c8a276646119aad84f6cd3004

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24686
last-modified: Sun, 07 Jan 2024 05:56:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdKUnUl5FYYtzsYJZ2O7F04h7ExtHqXSi%2BpIMqG8EnM3AlPDzJ2QK%2FJU9dagFKFF6sHspUDXNfkRMErmq2ns8yfjgTuWRMVpYsMmkaEp928zzbfWuK81V4KrH%2FLf6VrkTcIQZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c20b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 CkGkTrV04IZLnbEQ3ahqtS17bCqNcL9EmhHBdYy6jzpUlSsDWzUFzVcrWLlr4uO_36VXKxDNVrZhkP-oIAmw0z1hz-55I9IxNcBNwLxUwIhjWY34XhfZ4f3XJx0IhedQOW8h1ZsBcC4CsA
cdn.discordapp.com/widget-avatars/26O8OGk9fO4kBhEafDrN9Evps9AEE-dUHwshVjcjuUM/ Frame 0173 10 KB
11 KB 37ms
36ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/26O8OGk9fO4kBhEafDrN9Evps9AEE-dUHwshVjcjuUM/CkGkTrV04IZLnbEQ3ahqtS17bCqNcL9EmhHBdYy6jzpUlSsDWzUFzVcrWLlr4uO_36VXKxDNVrZhkP-oIAmw0z1hz-55I9IxNcBNwLxUwIhjWY34XhfZ4f3XJx0IhedQOW8h1ZsBcC4CsA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c61fdf651cbab3b66e4c33f61fc2b4faf14c1465b40965b66179184e8de10e

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255390
alt-svc: h3=":443"; ma=86400
content-length: 10397
last-modified: Mon, 21 Feb 2022 00:44:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERBelIG9zXJ64jBqSaNE82bzep0k0XgU6ZJZLTw1tYUJ%2B3cKc%2FS7bHNJ0jnXtggvtZgheFdZoRCZYD1ysv1n0qq%2FiSHaC9xWw1AIE0qJGsOZ1Rp%2BNbrPTGeUOkVjoE2ghnxTGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c23b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 RvJ5SNqkKGseMVDJxQahdHEteT7x4unDfbxe9dLl34v4F7i6Pdv_SpzbbAUZMZr4t0sSnFIomM0losArdqxRAprIlStRlhF9YA_myBS9_87e8f1JnQ-eA0je4xfAbMdkUKnI2xgtp2KyCw
cdn.discordapp.com/widget-avatars/ycNHCnKMrpyM0HACEMn6kf4jMudeDVyUoXhuzmCV3c4/ Frame 0173 23 KB
23 KB 130ms
129ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/ycNHCnKMrpyM0HACEMn6kf4jMudeDVyUoXhuzmCV3c4/RvJ5SNqkKGseMVDJxQahdHEteT7x4unDfbxe9dLl34v4F7i6Pdv_SpzbbAUZMZr4t0sSnFIomM0losArdqxRAprIlStRlhF9YA_myBS9_87e8f1JnQ-eA0je4xfAbMdkUKnI2xgtp2KyCw
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccf612ffc64a3afd3a2dc91d3a0f3d87a174807c3bf1b3e0d085af34fa6983d

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23055
last-modified: Fri, 21 Apr 2023 15:16:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k32wNkqQvviqIf1RU%2FF9LqsQWL52ICGESXPmrnS%2BQ7sohi5QIheeExB432DoOHHOfh05QyMiSPJJbxstU8xRRwqg7mQIcIO55XJXf09oILfHG0%2BRJXaMIGLsuDrkp8jaPDf0ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c26b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 KFSfkRiK2AEH3aiQwBjgTdZ9VHoSPeWxpcmZcvQFg3ZOh_z9PKjjPpoFhRu7AAgtz2YnshhEJeg04oSNkR1HUEPiK19syzr4AA_WRb5xHo2Yb_cSJLMuw0oSHrxcfLx6PvC6bAKV1gmBQg
cdn.discordapp.com/widget-avatars/rxZ390FHqMEZFJylgmD2m3LR0g3lO-evwPYAbKcPoc0/ Frame 0173 35 KB
36 KB 138ms
137ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/rxZ390FHqMEZFJylgmD2m3LR0g3lO-evwPYAbKcPoc0/KFSfkRiK2AEH3aiQwBjgTdZ9VHoSPeWxpcmZcvQFg3ZOh_z9PKjjPpoFhRu7AAgtz2YnshhEJeg04oSNkR1HUEPiK19syzr4AA_WRb5xHo2Yb_cSJLMuw0oSHrxcfLx6PvC6bAKV1gmBQg
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f9adb81ef1663fd9b65210aa91b3ab47a344d35c9e3e3b4b048f6b1e43c781

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 35717
last-modified: Tue, 19 Dec 2023 16:24:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe300XIjOslsKnjncIQmCelpgODqBP507l73xPkPVjjEQL%2BQFECXJWy%2BD1QiAE5ZFk7W%2FUSsxbcej7sKhgdhERePLc%2F48opd%2BJOx2TPLo%2B4qsdobtkY%2BbjijA06C61Xn6ZVDNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c27b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 mvgBAIPkW1HxayYiJkNxqRzeAXbqH9xuwi74cNJQjOiAdYmS7UadGuWwuSexPX1UnOx-buZX-hI_nl7WegjtkVB-D8JU__fH_LOLrHKqHxvBjshPMbkWFFIff8BxbasxlUdizJE0thZb-Q
cdn.discordapp.com/widget-avatars/ONHRx8HctltBV70yPw5m_D591nwq12P2q3EdGNBqgiU/ Frame 0173 25 KB
25 KB 137ms
136ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/ONHRx8HctltBV70yPw5m_D591nwq12P2q3EdGNBqgiU/mvgBAIPkW1HxayYiJkNxqRzeAXbqH9xuwi74cNJQjOiAdYmS7UadGuWwuSexPX1UnOx-buZX-hI_nl7WegjtkVB-D8JU__fH_LOLrHKqHxvBjshPMbkWFFIff8BxbasxlUdizJE0thZb-Q
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8c11622a31100bac89ccf1a84f9d0a41c7507b3f81b6283bd6d52feb356277

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25312
last-modified: Fri, 06 Oct 2023 15:03:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGNOip81JMKczx5TgUSgXiZjCwebCiLg81S6G5F0Uh%2BBqQgYLeerzXrtv9jOa0jAu941NDXOTPHbgxdZkKLDSkjja5WMH0vzgsUaDmrLS33S8Hqq%2BrtWGRZ7owo3x9NnD%2BHIYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c28b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 fsA2D5si0dXzQ5w1rklsw7iEU9dYGzPx2muK-xk-n_73fuQm8xySJVuWonzyCj7eLv5AaEUa9UR2-ri_JbumxgmYsyBCoFuuguTE2FZGOZjhZCBSCkPpmI0zzdX-yq2yp0dJCf7wuc3F5Q
cdn.discordapp.com/widget-avatars/x1QRf6pVPslAdE49gP6pKY3dPkvcX44p2rkGZb-MGX4/ Frame 0173 29 KB
30 KB 132ms
132ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/x1QRf6pVPslAdE49gP6pKY3dPkvcX44p2rkGZb-MGX4/fsA2D5si0dXzQ5w1rklsw7iEU9dYGzPx2muK-xk-n_73fuQm8xySJVuWonzyCj7eLv5AaEUa9UR2-ri_JbumxgmYsyBCoFuuguTE2FZGOZjhZCBSCkPpmI0zzdX-yq2yp0dJCf7wuc3F5Q
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922ddaae6c0ebbc34c45e0d8c02aeecdeefe9bf8e5b20e041f7286371905cfc7

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30087
last-modified: Tue, 14 Nov 2023 15:54:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf9NaJhqTb3WlS4sh2wDLsC0Aupsyr8welk0a2bd8PL2sNYlMbhVzEQnhSU4tK%2Bmyn8wVb7l5akT1Zg%2B%2Fuyg8koVBGixo4dD1afqfFFbjxb2qXW5pFWSoWUaKbcK%2FI47ru1Cyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c29b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 lUDv0ZhQf8_5nfxHtA6hQ5kWue0xYJDPVfHaWINMkCMU7Q-nAkQAFeeQ50qYGpPWTOZxoT9ascQZWNvC6wLZs_uvXd7bQDGxcUsMuFAXISpf309Arffuq0gxNgZApx-44_6Oy5Wrou_HEg
cdn.discordapp.com/widget-avatars/w1YyVV4tyZ834uEpWtteynTyAeCZtyY0sVoLzmZYB0w/ Frame 0173 2 KB
3 KB 58ms
57ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/w1YyVV4tyZ834uEpWtteynTyAeCZtyY0sVoLzmZYB0w/lUDv0ZhQf8_5nfxHtA6hQ5kWue0xYJDPVfHaWINMkCMU7Q-nAkQAFeeQ50qYGpPWTOZxoT9ascQZWNvC6wLZs_uvXd7bQDGxcUsMuFAXISpf309Arffuq0gxNgZApx-44_6Oy5Wrou_HEg
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42685cb80fb2c3c1658a55ca7a32a0272aac5d4813f2a8f953a96956e7a3d9e5

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1733135
alt-svc: h3=":443"; ma=86400
content-length: 1959
last-modified: Fri, 05 Oct 2018 18:44:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsK0c6A6QX1oNUFC8SXq4Fd2gRgnwwI619D2SiyeTiZsvhy4ga%2F4BkWuFMkvmEkKUWBmyY%2BUcSPdtLEAiV1Xg6Op06gVO2%2BfFcsJF5osALZewhUuWmw7s9wNagTk0GkAkOtrng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c2bb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 jm8FB-3HwuHONij8ZshYar9wMTXeQ7MDX_E194v8hjORhMxcOrTmvFOrkcVeynbEbe5ks5DzSwBx8r12NKDAi6EbNwkuzlvMEuGaPau0uA2k00lz-I6XhCDmBsZfKz66PCv2nK5JC9T6OA
cdn.discordapp.com/widget-avatars/o6s587UNY-dvOW0rp_YLDVZyi2jJy9tU8trZMBYRoq8/ Frame 0173 41 KB
41 KB 142ms
141ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/o6s587UNY-dvOW0rp_YLDVZyi2jJy9tU8trZMBYRoq8/jm8FB-3HwuHONij8ZshYar9wMTXeQ7MDX_E194v8hjORhMxcOrTmvFOrkcVeynbEbe5ks5DzSwBx8r12NKDAi6EbNwkuzlvMEuGaPau0uA2k00lz-I6XhCDmBsZfKz66PCv2nK5JC9T6OA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 120e0a6c2e0bfb8da82d37af63f16714b7de18b7e937498bff0b840a5775efa1

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 41806
last-modified: Sat, 30 Sep 2023 14:32:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ1PfK%2BExt4Jj%2FZBuJsuYBX724GwGAR3B7n6RqgvSA9HwffVbYhC1zN1LKM8rIXhgPTiEPCExWdI%2BI2TceQnlr9RqYpMAUkJctiVuStUhGfhptIaORiMlNOKLE2r66eQxEpEQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c2cb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 gWu8QP_6YYd4_HdyAVB6vslYPWGEyWQFSQBA-e9kwo-wyFEz3cxQE4-eQkrI-nzsFrCx-Jta6blZz4EhlMohGSLdLM7SEMGEFql0lfjXZKKdaTahcHXc9IEa7vK6_x5GdSwjxd_DblhvBA
cdn.discordapp.com/widget-avatars/nV3gXkzInViT9lzO_QTQhcch6_-RHs2W5GzANu3OzqY/ Frame 0173 21 KB
21 KB 131ms
131ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/nV3gXkzInViT9lzO_QTQhcch6_-RHs2W5GzANu3OzqY/gWu8QP_6YYd4_HdyAVB6vslYPWGEyWQFSQBA-e9kwo-wyFEz3cxQE4-eQkrI-nzsFrCx-Jta6blZz4EhlMohGSLdLM7SEMGEFql0lfjXZKKdaTahcHXc9IEa7vK6_x5GdSwjxd_DblhvBA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b568e5aaca6785004d4fc5aca50de28bc83cd11c68982954c6f7873a6c4a95e0

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21060
last-modified: Sun, 07 Feb 2021 16:25:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FVJcOvil7dJIK%2B5Sxe2NTgangzddmaUNj%2FtKeNb7GEJ3C5sDZSKR0aPTZJCfGvfziMBOf53NxtZFB3Ym4gyu8jca6zCV8xW1IJvc2KkItcO%2FFIDi%2Fer2mvjc0iwAX0AD%2FiV0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c2db755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 vvC4fnQFh3NQrsySvyL8liyH0I466TIN4oQy950c8RzMVN8rnz33pigNZFE5DfbH5Dp7nn0FUAeQ7RknLbhLAnHNxSdvGt9XvNGmlzUuWZS2RkOuFT3g7hY10Q7jghyQATIg_hjKdCFCZQ
cdn.discordapp.com/widget-avatars/UIiJf_2lN_6d9LQzUaCBMCz_JzZ4itHppKlgmcEXWDU/ Frame 0173 34 KB
34 KB 135ms
134ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/UIiJf_2lN_6d9LQzUaCBMCz_JzZ4itHppKlgmcEXWDU/vvC4fnQFh3NQrsySvyL8liyH0I466TIN4oQy950c8RzMVN8rnz33pigNZFE5DfbH5Dp7nn0FUAeQ7RknLbhLAnHNxSdvGt9XvNGmlzUuWZS2RkOuFT3g7hY10Q7jghyQATIg_hjKdCFCZQ
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8166e4935ccfdeb2943cc8585351c54131f82d1e9ef0433ac42e9cc194e1ccca

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34669
last-modified: Mon, 23 Jan 2023 00:24:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0tj4j8SoPT3vWv5DSUrOx5tt4D5gZ6sZjqSQny74QYHWPsNWpZq8JjQ%2B1Zj94LzezTf1riE4CV2SArwYxnEPbVKPKvwBcIpR8SBGrQQaH5v6gfDKLxcr9FWrf9u%2FteFWj5sRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c2eb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 8KVgV7VFMfsyGOGfkrIrypDrasgroWtdKsZnVPk92oUIZ6FaWCres5EdtkZLFoWePCJdkD1uEeyHkry6IPNxCiMOzmAjH9rOIpPZ_33wlGd7aE6QYdVh302Du8I-rQNssZgX7bM24JUr
cdn.discordapp.com/widget-avatars/YbBtBFLCCwLR6wd0lpDdb6Wawa9GOG97h6LKNz7M-ZI/ Frame 0173 31 KB
31 KB 166ms
165ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/YbBtBFLCCwLR6wd0lpDdb6Wawa9GOG97h6LKNz7M-ZI/8KVgV7VFMfsyGOGfkrIrypDrasgroWtdKsZnVPk92oUIZ6FaWCres5EdtkZLFoWePCJdkD1uEeyHkry6IPNxCiMOzmAjH9rOIpPZ_33wlGd7aE6QYdVh302Du8I-rQNssZgX7bM24JUr
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5a7ac5e4046ab95319db3d5190cecfdf97b36afd10b7f5ff054b70fb76188b

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31548
last-modified: Tue, 25 Jul 2023 17:27:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8KX0VGo6wEAFIw%2FsUvyFQZUdvsOEeTXOESA6aEvRXprGq63kdxOaARJ9deJ5kyct3ywKU7MAYuQkzi5KMPlzgBQ8qXDWyjZQJILwzrK2Qj8k%2Fl7iEy0YRVCITD4FF5h5j7pEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c2fb755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 Al1cSjPR2c6qcOadlmiPCV97FUsGnIfIojCyNQj0eePDV-VwbKejr5ufV3PxWdvERDOqA8RJ89D4d_B2wyx-WXtsJm5mWtWKz5lHB3EVilOA-1yHLLb0DH9gkZ00GrCu6Z_LyCdE1omJUA
cdn.discordapp.com/widget-avatars/QLN8-2EpY6bIPhJhvkc5mOZu51xm0V6LQaviDKB3wrA/ Frame 0173 26 KB
27 KB 39ms
38ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/QLN8-2EpY6bIPhJhvkc5mOZu51xm0V6LQaviDKB3wrA/Al1cSjPR2c6qcOadlmiPCV97FUsGnIfIojCyNQj0eePDV-VwbKejr5ufV3PxWdvERDOqA8RJ89D4d_B2wyx-WXtsJm5mWtWKz5lHB3EVilOA-1yHLLb0DH9gkZ00GrCu6Z_LyCdE1omJUA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8846f096eac51b82d5c321314f506f25f299ea349814604e45c5e21bdb046f4e

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6670
alt-svc: h3=":443"; ma=86400
content-length: 27090
last-modified: Tue, 09 Jan 2024 13:15:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tp%2B4yqntvLw06sAfy9m%2FxB1m4N63gu9ETEZy4YIk878t2W3wrNSfJXciBCB7XSRAxSAB6RFASKgBYq4tUmWhIrqaf1ua%2FMitBoE6PgkoCZlC0y%2FhFEfhPGlejZHKC2Cn2ZBRiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c30b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 7tjPLKAleu3tTT2UXbejhtGt5Di2WZYX27eriud-JIijprrmKlUO87QoIKSIjcEZALo42w-0wlOlpL4VMYpfhBZxRRwu_wWV3lIEldZGVFgiKnmTUxagnXIBC3pLre3CtE8LxbYKQOWi4A
cdn.discordapp.com/widget-avatars/0TQ022j21dzQxeO3pE6Lxy8Og2GdY-p0W6-wtAf_b6o/ Frame 0173 34 KB
35 KB 140ms
139ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/0TQ022j21dzQxeO3pE6Lxy8Og2GdY-p0W6-wtAf_b6o/7tjPLKAleu3tTT2UXbejhtGt5Di2WZYX27eriud-JIijprrmKlUO87QoIKSIjcEZALo42w-0wlOlpL4VMYpfhBZxRRwu_wWV3lIEldZGVFgiKnmTUxagnXIBC3pLre3CtE8LxbYKQOWi4A
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5583284eb51d3f64f12549aecd945a507767a346545f18185bd0fe185d05e47e

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 35203
last-modified: Mon, 08 Nov 2021 11:43:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaRZ6y1RynSe4dKRArljsofnoUsBMUKYrlgeFlYhTzETrQf0gBQi69B3odUAk4Rg4hS7X2yzT7MvDHM3hJUbAX3a%2BBRjzUSzeza4Ul0hsAr6Bpy0j0liuiOm3Mv4j4wNtFi83A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c31b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 _YceJAzREMC6ev46_mKLpwVz2FM7J_QrpeLYRHwwFbQG7mpKqr6o_7QEVKxZIUhy8T5AizA2M60okVSxqmI4UHrx-NpLphnSjCaXz5ibVcXg1QZxGobvcvwIE56Km9wsdnxRZG3FuhQOYQ
cdn.discordapp.com/widget-avatars/OQy33REGxYFuclJquaJlGktXIjiSu_LVRE1qYNzdJu0/ Frame 0173 34 KB
35 KB 169ms
168ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/OQy33REGxYFuclJquaJlGktXIjiSu_LVRE1qYNzdJu0/_YceJAzREMC6ev46_mKLpwVz2FM7J_QrpeLYRHwwFbQG7mpKqr6o_7QEVKxZIUhy8T5AizA2M60okVSxqmI4UHrx-NpLphnSjCaXz5ibVcXg1QZxGobvcvwIE56Km9wsdnxRZG3FuhQOYQ
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc0175b93f999309cd46e83e04376c083c5088c56f7349f97d15f46539ed369d

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 35195
last-modified: Sun, 12 Nov 2017 17:53:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX%2Fwu6JA4U5Dxe3tbmBTQs031P5Fc29DrtbwgwaTksGxw2nW1IyU11iaQNFMSiGzkEvpdz3U1RviDIEjTcfNG3OANR6GOfgT8FgfqroRkzre0DtlVy5%2Fc5YoEl34KEdxOannYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c33b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 Vr4gJrwJxT8Fn8E9knDYZ3YafSrv89nKJYddC_8OUexK4_1-syCbTNLj-dNNgr1N_GmDjVc1iWmUirYuRaLj8HaSQqVQYtnhRveVX8GjN5j0FKuZLUZuJJhOtoKWhbn1gaiWmCcqdHAe4Q
cdn.discordapp.com/widget-avatars/A8ghZ2bR5FDeZGmlkR7BTA5LPGxnzrC-fGOz_LgJTvM/ Frame 0173 30 KB
31 KB 164ms
164ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/A8ghZ2bR5FDeZGmlkR7BTA5LPGxnzrC-fGOz_LgJTvM/Vr4gJrwJxT8Fn8E9knDYZ3YafSrv89nKJYddC_8OUexK4_1-syCbTNLj-dNNgr1N_GmDjVc1iWmUirYuRaLj8HaSQqVQYtnhRveVX8GjN5j0FKuZLUZuJJhOtoKWhbn1gaiWmCcqdHAe4Q
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d8844038cdeee3708a5737c008aa2df6b3b01d23abfa337535b8368bba6f41

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30343
last-modified: Thu, 07 Dec 2023 11:37:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM942mLX1x5VnCvXgrjzl%2F4TaWIfrHTRYCKlmWPNeXhSDABCIYkT6gHeTNcHGje%2Fk6p%2BkVDmhs6YZiIUMKcVQZvbR1shgTA%2B%2BD%2BlYRbeDxl8MlNkKvi0jW3p4UDjwLt5PSlatA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c34b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 ZeZLUgfjyLvW8zZdN_vHnb_PFaLhpUkD4vMknEi4tzGINAXmUcOZO7G3l4QHm42BWdPpl4oCtBdDs969owNZcGziGx8eQznXAZWeEIlc3oL7YUkbquZrYFp0ddbUboEmspJ12KWnH_CWDA
cdn.discordapp.com/widget-avatars/UyyWzhFylen03PBXfCAXTxk2ewhpeWEEAB7SQmXnEdI/ Frame 0173 34 KB
35 KB 152ms
151ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/UyyWzhFylen03PBXfCAXTxk2ewhpeWEEAB7SQmXnEdI/ZeZLUgfjyLvW8zZdN_vHnb_PFaLhpUkD4vMknEi4tzGINAXmUcOZO7G3l4QHm42BWdPpl4oCtBdDs969owNZcGziGx8eQznXAZWeEIlc3oL7YUkbquZrYFp0ddbUboEmspJ12KWnH_CWDA
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdac2745964474b4fa61f6a4fd05dd41f378473fb1387332c589107baabe2d41

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 35283
last-modified: Sun, 31 Dec 2023 15:49:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWN2j00s8ojypeVYPdx%2BnUID5vm49kXKA7p95rgj4qfJvG4Jhkc8vlLIncyBmLpKJSlvPszD6mq0dwo%2BIxcOLXs90r5QO7bx%2FHUE14QuN1XbYpDwOMo%2B%2Fd2ceb8UXZUVtjTyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c36b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2 200 yJgFQqhc7WMxr7oGmYqPadtM2mB-A-E7_k5w1Uvtc0EUb_CCW538B3pR18vw-zwF67Gp_NrbHfyeyh3RMt_JD4advv00wTPPn6ounOEIjtls0srUNSaHCYPnFp0scW9v2klAUQ6WQgjZVQ
cdn.discordapp.com/widget-avatars/2bvGImY__1YKRhksDfoucmrdS7Bp56U-tO7aGdPIA_0/ Frame 0173 31 KB
32 KB 160ms
159ms Image
image/png 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/widget-avatars/2bvGImY__1YKRhksDfoucmrdS7Bp56U-tO7aGdPIA_0/yJgFQqhc7WMxr7oGmYqPadtM2mB-A-E7_k5w1Uvtc0EUb_CCW538B3pR18vw-zwF67Gp_NrbHfyeyh3RMt_JD4advv00wTPPn6ounOEIjtls0srUNSaHCYPnFp0scW9v2klAUQ6WQgjZVQ
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73196bf6fa5a7622db1c693ef0bf3693fb2d4bd78839626ec8456c11ba71a34

Request headers

Referer: https://discord.com/
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31908
last-modified: Tue, 07 Jun 2022 05:50:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbjcBSdJqCYjhpbuiHgT3mL7awlUQwQup%2Fmslw4P0vRYxB3eOOKwiUYafTNkoO%2FMKSIew6kXDamxZDPr7q8Rm66wqHK57mS%2FsF%2BSkCjOj8epEJSjBCNinEjlk%2FpvpbTFaw3LEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 845d02917c37b755-AMS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 14 Jan 2025 09:14:42 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6467
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

43 B
341 B

36ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNXtyt5eRTLv6uIbsg6DQXXbZHlHq1TtcSMM13P_iL1Z9oD951RALrolLUbGA4dKsG-C8O5NOXAyC-qT6BXFrZvusFWk_Pzzz0PCYOLMZSs6bxL600ta1qQqvjuBjLZXBflbzg2k9bnlBYrThlafYjaaXy-kp0-I9uYpz9Bvyn_i69OO5Ao
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vquv%2F7wdap5c9MBh%2FWQz6pIPtR6%2F9BuZC%2F%2FoqNMW6QZqspzGh8uO9AEILMNbP3asA%2Fr4K3HWT2NfWkS2uX9gxym7Kt94fw91SaExtHp3aie56UPzhuzdLRaNy%2BgFArQBeoAHqn95duuLug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845d02913e75b8ba-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6467
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaT3ghdq48G-VONJk0tLoAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

43 B
767 B

42ms
41ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNXtyt5eRTLv6uIbsg6DQXXbZHlHq1TtcSMM13P_iL1Z9oD951RALrolLUbGA4dKsG-C8O5NOXAyC-qT6BXFrZvusFWk_Pzzz0PCYOLMZSs6bxL600ta1qQqvjuBjLZXBflbzg2k9bnlBYrThlafYjaaXy-kp0-I9uYpz9Bvyn_i69OO5Ao
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBaXVkbTig6Ro5Aj07JHjdLpOvPRrT1WlU7KtGkNXRez5aBNzKO%2B0dVSRgi5fKEtdINoI3loS4sJtpWNg16wgKox%2BfYRXuGONvhySxJTfAEYIXUYnpTAQhhdYNbVFMvfnEpFqsmzsdrtJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845d0291f93b66ee-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6467
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

43 B
1007 B

13ms
12ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjogrzGATAB&v=APEucNXtyt5eRTLv6uIbsg6DQXXbZHlHq1TtcSMM13P_iL1Z9oD951RALrolLUbGA4dKsG-C8O5NOXAyC-qT6BXFrZvusFWk_Pzzz0PCYOLMZSs6bxL600ta1qQqvjuBjLZXBflbzg2k9bnlBYrThlafYjaaXy-kp0-I9uYpz9Bvyn_i69OO5Ao

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
an-x-request-uuid: 0ae2530b-6f2e-416e-b7bc-dbb13f8f8b0d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6467
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

170 B
243 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
an-x-request-uuid: eac2a0eb-0959-4357-a1b9-3463ce0c0133
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 6A55 565 B
876 B 73ms
27ms Document
text/html 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.j-hero.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cba90abc310b9c015f8ed3b1e1b9cdc66f96e4e505ae0e4ad955c0b4c690a58

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-knfOqhP5gn_nMLkvtIRFzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-knfOqhP5gn_nMLkvtIRFzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Mon, 15 Jan 2024 09:14:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame C242 38 KB
5 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.j-hero.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.j-hero.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 16:32:14 GMT

GET
H2 200 PaKTMjMfMo340nXrcGCAQGt3cHOmfbtSFmxWgWytbTjwcH-noD2kYgZFH4hkfq9obWnRlc1eiA=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C242 2 KB
2 KB 333ms
287ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/PaKTMjMfMo340nXrcGCAQGt3cHOmfbtSFmxWgWytbTjwcH-noD2kYgZFH4hkfq9obWnRlc1eiA=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78b3519a6545e58792b0654f9decf50ce4bed53495dc5702778dd3f8e885bb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1850
x-xss-protection: 0
expires: Tue, 16 Jan 2024 09:14:42 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame C242 252 KB
72 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fwww.j-hero.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 14:02:01 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 2B4E 319 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.j-hero.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B96) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2994766
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Jan 2024 09:14:42 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B96)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6523 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8115772839839&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6523 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8115772839839&version=m202309260101&ct=77&x=1&cor=3332036674039453000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6523 20 KB
13 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dki7FCpK4FbHuLDLbEWBmy1DbLk-mM8C4rNs_sj1VOWYpNTAsRA9daAxu1ygjdfQjDiJXLpmkVLpGklm6OcYgicIrcTriDcN4cvYORhQGX23eDd-JGLelTz4UNJ2iUgf5J-nWG7yJ5d74a3FmW4-haNTFrlXJfg2BQF5qUK7O4c8okW4s&cry=1&dbm_d=AKAmf-A-OxjeqvO79viRKd2sHFWdzw3yZcfLzOzch_-Ig8xzeNj-6j8ZzFy4Qk3VZzvivJr_bjIqMwKX6_x9KqdTh2C8blcVQYjHfahqpkKk1yKcexFwYlQ9SkAvOSMymnAPj198BPcCaHrITOq7RQ8dR-cHK3gHEmtmAAW13DjjNs-ziNcY-JW0f6k2T_UNeV310W5iUARTUot6lHCSDxZ8STGUoly4UPXYX6xcekANi-IpKs95YcrzEViABWpJ4SsDsoiDrpaEyrhTXK3V1sj1OigktfwcBdYjngnxDcZoMMXVkJWpOJnb4mCJf_Ez3eLUdivEmareQwUy50kPB5_jl7DecCPSuh9B1k5CJHluImdOeeVVv6HX1KRqh3JzOZEsM0D9hPkfq6AkchyqoP0XWk5R70BBuu4xGtzCSL6J5pHNbHpAhsZ2ooqaOFjGm9rad2U6CidGGM-5Jsg8uTGcJY_BGPjmYNLUoqXgdbn1y-F5HRCTGQKPLn_kq-L58YHud38DjTIhRII0xFG3thp_CLOeXFTf4a1WLG-f0fA-isLHuL8pykgvz3YtdHPU-VwKEAsd8J5wKhQ2kl5vfpLiIZqhbK6iOpiIgo3Kl92TXM1x-EbrRp1g1TvfJOC68zKMAXTe5CWACBTNieAxH2IxNoYTfqKER1sMoVIp0u7uOf1LWdu_zUTg7nVXPtaIFMCqI0AWPfP0beK8r6Rwh_4Pl_noO_3A5FyA0lin8sITe06Vogrsm2GNdtIr9JqyhJbUpSTGISGOXkeaFpmiMmEme3jUZK4aUbr4RQDyRz4THYrXMN-NYwUVNZu1qQjZm3D0K634Jz6zMVwk2TA6P6NECUEFduv7YXg2mPwxw7MTWTLU23vMai0oOQ2n6S6nbou7mWHeoo9yjTUjalEKPvR3NR5fIZdCKOIIc683v-99N8pfrqfWhKiCISnA5rE42webem-cxIbeTz8bm9IHBi8i4YiAu_ZTkJ2FsKic2yVVF4OJymc5xQFkGWL66VqL85GOQyeCaPIqVqG_zlTFDEhOUhDU_c9l0jXt9rDvMSNmhaLs_KStOHyGKAx4hSe3b0Po2Y5Pws5IIWgrSbgmUaYrS6ZMWhzXAKCi57yHYBzcJzwNDS9Wa5_xJS35Xqg-IVRIzQmQ5cNQ2LbPvtN31TX_KRs0TjNeDV_rItGs5GwOme03aJaIy1SigOlPoy_4s_22T8Imj31Z1h2Ec757DIBBi3a-2s5ccly4n6NFrdhU9TXmq8X-VuQFtZay6OPcZs2hxNIVz-F8fUjuQnHdElDOzwYmAxn7Gbr2eLHOLEuuNv83PsttYX0wEGSUNtX3Xz1AYheUanQ67MJLQjtJ2fgdhNQ6v--A_ym_aSy3Ebi2XL2s83MR8Wr6VtmTFuQuY4d4KxPj5usZHpkUz04SWrH47nux-8168OTwk2sCou3c9wIv_W9GFUEjUvYTPVP27hOY5TtVEnHstWLOjAJQkboPsxMo5RDyF9Tx2V7UpMFSduH66XmLTaGWNA5csnv74-jgj4Wbt0Futt1c3v4epO03oxQUZ4qsJGIZ7AGeVtNkl0nrA70pQ_3Qxx6q9JsFnzNGBhH6CmSTMtzWGLp9Caq62bT0BLU5MSvxQs3SCq16rTpfp6baPZcT9-mcVLicMjrPCJAUxMSDA_aMXJSZA2zu0qoHsj-wgWzCxGj9Z-ZBIQp5Xz646NxSunYK8ecEfqhMWpM2LSGUW9VsFEINHgQmoa0OIPUQS80V_Kgdtkbb7HKwpaMQ1JmWSHmGhj00pOURRhbYJM--22C27d7ZlBuJMSBgAkKacDTUr8XXKUHac7YZNSEc8O3a1PaeRjUuTJMc1HTkIYUHrqJRNRY2_yWFFqNp1QiJteETx_NSzFrBYKQUo9ozAuwbOi5h6LMvGZQ2csuvsWrO5WUW4O1YKHvVZfHV2JvaJysk5prTGdFZz8TlpYsL0QC9U6a-1awlnUViJtG7WOW70ZhqlHuNEEiL4s3-bkv5z4R4uxPnxUuMLBrFxV9nraZ0SurkNs6qthkykqOrFPjDgUolrUrKUtK3747O99bJL5T1AzGQ37lDOZMC22ROstHOVJORZ8Vf_s4KUDf_-Ty1XP-Kb-PkPInowdO0FJnNxOT_INfnqcVkIk7pafUcmwo-_cz-nAwi74yaXGa5eMd_ECPFxdKwLofXTxP2r64KtKEBN14IIBAqkYJfVLeiAQTnVgsXXL8r_2LROdH2egpo-o1St-63nd41Gc9Sat6vXG9Gx4wM8zDXi8nYhXtmXqwWx7Jbx0kFUb1sUXvnKoTqzv1V8Vg0E4PBaaUoZGTJTAthGqCe6rOFDhOXWTqnD-mDLq6PrQHnX81v37jbE-1UcEgij3neL7KJqrF36ps-19Dx5_NXqFCrKIuAM0Zd5YnIDf3L8405ZpLLHDM0MJh3_rIZI1hhPrXbmuZyYSZfzME1zs1dAYFhRSw4MEsQ9nw1s3v8jbwkpJ8aZSB49t0lmiJh925jQ30tFGvykuM4bljcxgWox5bj2tcPgI4tuQIyPZtSJmAzzJjdwhEEepAf9pEhAdzzXipJ4exRDVma4iiO6tXFKK7DzqgE3ya9kPaXjhxaRDb_mkaqfMRLkumMdn7-kocBTfQLY27P27plzckui34OKWt-XtJTX9O_zcJ9CvNokVr7JzgMvB_b-BjatfCziVHqeW5CNScd2FpglYdW8Yso_2xVSOgWRoeFCCTiPkMWN3MvEke7N8ziO9ZIzbriuS5adbmJIJHTXfooRaHydCq7544pa7DT23xMSornrrmjDPLyFx7Im25JT27hGCsBNoxg1ouHnxcHvzQfjt3ClbOUBwdvNaIFprRG58Zje5sG30_IQE5uCdTFZ4WSWVbU9Dx8fY6U7vN5iVv17SfewT7zqZe08iEn9dO2-ZO9UDhxecDjr27f017dqd7kL76mmyobVidPB61eGy04Ad3WAfQ2nK_4--aynKHfn5pldQyp7IneISxIPtYgDgWj12S3LPI1qQNyj8wcGdYwEwbrXAGAiqHGAyLLBYVFctBqNvsxkcY2EAVL94x0wu8Bc4DBAW1QwWvZvdc9ciF_GuSKh7TleD7gtQQ5PSwtR9vF7ABHBsSx_Jdj87PU4CT9f0SNN6TCM3RdtDnSV_R-3dqaFFGoqIHNZ7_T4GLAEb6Zj9teouVYHAqxjrt5oTlh-p9s1muakmSPCVkBFSBEU2o6y3bnQHVU3QrwlO8wQA5MXTQqnxVIZOeYMmwUboO8z86Sw5VK87deRc5FtWjsn_aNvMYPzcIQDgmLOF5knEnSdnnJrXwGndQsSLBp1B_dzSXRmyR4iF5dk361rLCA25kz7EKEvY3wU1Xg_3FNB0X_43Njxo-0YWam5S45IIz_mmgkLeKyNvb9GM3R81J3BatqmyQfnGFFZc6tyt6pEIA3TUAbvxqPnczHloCuatB8Rs9kKWc4S-IKkg8fMyc3ISIoMUZ9KHYjwpc6j_y5u3itn5m1NJ6f73QPW_ecVRElpqUGRIeW5bll9LmyRiv7H4oZuHh5rXhNr1XSczG9KimCmv87zKDhlv4UKGUbH6m4RxPCcn33uLiIJXmeIfsE12bhIxa7g1D6qlEtqSo3tUmGv__kR9y5ZF5f0rvoQgmhAk4tA6R_4RPiAlKdOY-lM9HtCOCTw15TlqxiEcY_blpBaSfJ20nfWke3fzas1sLEBcVL3qjsdIZF0YJq2NMoJvtj8oHoyrvrD0ChmxxcW8xE7JERO7NFqmFSb8Z9dgKuM6M-r4xB3pUZPmlaK6pkX5jrz9ZD-hMCxdQGZd-Cvh4Jiz1g2P0XuSw7CdrPW1mL86Oj5ZhxE1t3nJsZQHuSwQiraLl9QytFe1S3x2JFTiwBuzOdgPxzj8sY28jOVXGAtNSWEMJgxc5hAiMQC4HVJtAFbhYzFajcSQkpZTKT_wfLlShtVY6pUNNpvOx8anbGdE7hE3SjymPakjcOIskNi1DVBqOElt4dPU-SJt5B_k_-_QLF-jb5QzsD-8w5qvaFQ6jrLMje9JU3ehcpV69eHmRtE-PvueDEl27bB4BJimN__CwYzt53gar7H9htGvY13yOd-NR3dwRFn13KTsJSOH5YfmNWvwzm5mGrmxyOx3P1cX7yUb4dR6b2kXi98jbA0EpGEX1vjUH8PEz0x6qTUxpjjelYvL4hTI_d1Vzmgjyw_94LApq6wVPXBlVvAILnveaLPN_2UJXDn5IHOP-OD67hlUN7M1z1cBtlAEloQzVwgYMjutIMQq0YOLHeebB3&cid=CAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=3332036674039453000&adk=1964084971&idt=80&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97100b48405d4c87585e3872be079434d03dd1bdda05563a257d22a85957055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13627
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2B4E 869 B
658 B 256ms
131ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8095b1120d61630a7cce339cdb9ec1e3d4af95b7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.j-hero.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 15 Jan 2024 09:14:41 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 15 Jan 2024 09:14:42 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 7db5dec1ab4b77db
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 3a478189b0f0db0501f9fbcdfaeff6c60c4ac7d71d62ea6123b45eabb2f10f07
content-length: 337

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame C242 156 B
179 B 19ms
19ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:18:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 176160
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 08:18:42 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ Frame C242 134 KB
45 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45668
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:28:14 GMT

GET
H2 200 browser.sg.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/ Frame FCCC 48 KB
17 KB 21ms
21ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/browser.sg.js?bid=tiktok_web_embed&globalName=browserClient
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok-infra/csp/sdk-pre/slardar.web.pre.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bedbc35c46946b75378bc6f313a7e879ed7bcfeafac2d0f65346094613bf85a1

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d140
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 4jWozZrU5yi2KCBEbLg/zg==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-parent-response-time: 921,23.53.40.141
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 16836
last-modified: Thu, 02 Nov 2023 08:03:32 GMT
opc-request-id: iad-1:YFWfZXyTEs_2yu97Wk6VFTOJ-4uLJ7P5bX-eVEGiLwDRUx86zJiTgez1OAOYxKbL
x-api-id: native
etag: 56ec97b9-a26b-4d0a-aa11-7ad77c6181f6
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: d029ad46-4fa9-40b6-a97f-ea180df6f9ae
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 658,96.7.219.132
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame 6A55 0
231 B 26ms
25ms Other
text/html 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AUURETXLoZxxdX3KRaIZEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.j-hero.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-AUURETXLoZxxdX3KRaIZEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 6A55 12 KB
6 KB 94ms
19ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.j-hero.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 11:14:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:47:33 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 6A55 18 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c59efc225f8f4c764df3d92f9aaa6ac25e22b787aa96b24c2e188f02418b08

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 09:14:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7124
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c28c5b6ce8f069b9"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:42 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6523 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dki7FCpK4FbHuLDLbEWBmy1DbLk-mM8C4rNs_sj1VOWYpNTAsRA9daAxu1ygjdfQjDiJXLpmkVLpGklm6OcYgicIrcTriDcN4cvYORhQGX23eDd-JGLelTz4UNJ2iUgf5J-nWG7yJ5d74a3FmW4-haNTFrlXJfg2BQF5qUK7O4c8okW4s&cry=1&dbm_d=AKAmf-A-OxjeqvO79viRKd2sHFWdzw3yZcfLzOzch_-Ig8xzeNj-6j8ZzFy4Qk3VZzvivJr_bjIqMwKX6_x9KqdTh2C8blcVQYjHfahqpkKk1yKcexFwYlQ9SkAvOSMymnAPj198BPcCaHrITOq7RQ8dR-cHK3gHEmtmAAW13DjjNs-ziNcY-JW0f6k2T_UNeV310W5iUARTUot6lHCSDxZ8STGUoly4UPXYX6xcekANi-IpKs95YcrzEViABWpJ4SsDsoiDrpaEyrhTXK3V1sj1OigktfwcBdYjngnxDcZoMMXVkJWpOJnb4mCJf_Ez3eLUdivEmareQwUy50kPB5_jl7DecCPSuh9B1k5CJHluImdOeeVVv6HX1KRqh3JzOZEsM0D9hPkfq6AkchyqoP0XWk5R70BBuu4xGtzCSL6J5pHNbHpAhsZ2ooqaOFjGm9rad2U6CidGGM-5Jsg8uTGcJY_BGPjmYNLUoqXgdbn1y-F5HRCTGQKPLn_kq-L58YHud38DjTIhRII0xFG3thp_CLOeXFTf4a1WLG-f0fA-isLHuL8pykgvz3YtdHPU-VwKEAsd8J5wKhQ2kl5vfpLiIZqhbK6iOpiIgo3Kl92TXM1x-EbrRp1g1TvfJOC68zKMAXTe5CWACBTNieAxH2IxNoYTfqKER1sMoVIp0u7uOf1LWdu_zUTg7nVXPtaIFMCqI0AWPfP0beK8r6Rwh_4Pl_noO_3A5FyA0lin8sITe06Vogrsm2GNdtIr9JqyhJbUpSTGISGOXkeaFpmiMmEme3jUZK4aUbr4RQDyRz4THYrXMN-NYwUVNZu1qQjZm3D0K634Jz6zMVwk2TA6P6NECUEFduv7YXg2mPwxw7MTWTLU23vMai0oOQ2n6S6nbou7mWHeoo9yjTUjalEKPvR3NR5fIZdCKOIIc683v-99N8pfrqfWhKiCISnA5rE42webem-cxIbeTz8bm9IHBi8i4YiAu_ZTkJ2FsKic2yVVF4OJymc5xQFkGWL66VqL85GOQyeCaPIqVqG_zlTFDEhOUhDU_c9l0jXt9rDvMSNmhaLs_KStOHyGKAx4hSe3b0Po2Y5Pws5IIWgrSbgmUaYrS6ZMWhzXAKCi57yHYBzcJzwNDS9Wa5_xJS35Xqg-IVRIzQmQ5cNQ2LbPvtN31TX_KRs0TjNeDV_rItGs5GwOme03aJaIy1SigOlPoy_4s_22T8Imj31Z1h2Ec757DIBBi3a-2s5ccly4n6NFrdhU9TXmq8X-VuQFtZay6OPcZs2hxNIVz-F8fUjuQnHdElDOzwYmAxn7Gbr2eLHOLEuuNv83PsttYX0wEGSUNtX3Xz1AYheUanQ67MJLQjtJ2fgdhNQ6v--A_ym_aSy3Ebi2XL2s83MR8Wr6VtmTFuQuY4d4KxPj5usZHpkUz04SWrH47nux-8168OTwk2sCou3c9wIv_W9GFUEjUvYTPVP27hOY5TtVEnHstWLOjAJQkboPsxMo5RDyF9Tx2V7UpMFSduH66XmLTaGWNA5csnv74-jgj4Wbt0Futt1c3v4epO03oxQUZ4qsJGIZ7AGeVtNkl0nrA70pQ_3Qxx6q9JsFnzNGBhH6CmSTMtzWGLp9Caq62bT0BLU5MSvxQs3SCq16rTpfp6baPZcT9-mcVLicMjrPCJAUxMSDA_aMXJSZA2zu0qoHsj-wgWzCxGj9Z-ZBIQp5Xz646NxSunYK8ecEfqhMWpM2LSGUW9VsFEINHgQmoa0OIPUQS80V_Kgdtkbb7HKwpaMQ1JmWSHmGhj00pOURRhbYJM--22C27d7ZlBuJMSBgAkKacDTUr8XXKUHac7YZNSEc8O3a1PaeRjUuTJMc1HTkIYUHrqJRNRY2_yWFFqNp1QiJteETx_NSzFrBYKQUo9ozAuwbOi5h6LMvGZQ2csuvsWrO5WUW4O1YKHvVZfHV2JvaJysk5prTGdFZz8TlpYsL0QC9U6a-1awlnUViJtG7WOW70ZhqlHuNEEiL4s3-bkv5z4R4uxPnxUuMLBrFxV9nraZ0SurkNs6qthkykqOrFPjDgUolrUrKUtK3747O99bJL5T1AzGQ37lDOZMC22ROstHOVJORZ8Vf_s4KUDf_-Ty1XP-Kb-PkPInowdO0FJnNxOT_INfnqcVkIk7pafUcmwo-_cz-nAwi74yaXGa5eMd_ECPFxdKwLofXTxP2r64KtKEBN14IIBAqkYJfVLeiAQTnVgsXXL8r_2LROdH2egpo-o1St-63nd41Gc9Sat6vXG9Gx4wM8zDXi8nYhXtmXqwWx7Jbx0kFUb1sUXvnKoTqzv1V8Vg0E4PBaaUoZGTJTAthGqCe6rOFDhOXWTqnD-mDLq6PrQHnX81v37jbE-1UcEgij3neL7KJqrF36ps-19Dx5_NXqFCrKIuAM0Zd5YnIDf3L8405ZpLLHDM0MJh3_rIZI1hhPrXbmuZyYSZfzME1zs1dAYFhRSw4MEsQ9nw1s3v8jbwkpJ8aZSB49t0lmiJh925jQ30tFGvykuM4bljcxgWox5bj2tcPgI4tuQIyPZtSJmAzzJjdwhEEepAf9pEhAdzzXipJ4exRDVma4iiO6tXFKK7DzqgE3ya9kPaXjhxaRDb_mkaqfMRLkumMdn7-kocBTfQLY27P27plzckui34OKWt-XtJTX9O_zcJ9CvNokVr7JzgMvB_b-BjatfCziVHqeW5CNScd2FpglYdW8Yso_2xVSOgWRoeFCCTiPkMWN3MvEke7N8ziO9ZIzbriuS5adbmJIJHTXfooRaHydCq7544pa7DT23xMSornrrmjDPLyFx7Im25JT27hGCsBNoxg1ouHnxcHvzQfjt3ClbOUBwdvNaIFprRG58Zje5sG30_IQE5uCdTFZ4WSWVbU9Dx8fY6U7vN5iVv17SfewT7zqZe08iEn9dO2-ZO9UDhxecDjr27f017dqd7kL76mmyobVidPB61eGy04Ad3WAfQ2nK_4--aynKHfn5pldQyp7IneISxIPtYgDgWj12S3LPI1qQNyj8wcGdYwEwbrXAGAiqHGAyLLBYVFctBqNvsxkcY2EAVL94x0wu8Bc4DBAW1QwWvZvdc9ciF_GuSKh7TleD7gtQQ5PSwtR9vF7ABHBsSx_Jdj87PU4CT9f0SNN6TCM3RdtDnSV_R-3dqaFFGoqIHNZ7_T4GLAEb6Zj9teouVYHAqxjrt5oTlh-p9s1muakmSPCVkBFSBEU2o6y3bnQHVU3QrwlO8wQA5MXTQqnxVIZOeYMmwUboO8z86Sw5VK87deRc5FtWjsn_aNvMYPzcIQDgmLOF5knEnSdnnJrXwGndQsSLBp1B_dzSXRmyR4iF5dk361rLCA25kz7EKEvY3wU1Xg_3FNB0X_43Njxo-0YWam5S45IIz_mmgkLeKyNvb9GM3R81J3BatqmyQfnGFFZc6tyt6pEIA3TUAbvxqPnczHloCuatB8Rs9kKWc4S-IKkg8fMyc3ISIoMUZ9KHYjwpc6j_y5u3itn5m1NJ6f73QPW_ecVRElpqUGRIeW5bll9LmyRiv7H4oZuHh5rXhNr1XSczG9KimCmv87zKDhlv4UKGUbH6m4RxPCcn33uLiIJXmeIfsE12bhIxa7g1D6qlEtqSo3tUmGv__kR9y5ZF5f0rvoQgmhAk4tA6R_4RPiAlKdOY-lM9HtCOCTw15TlqxiEcY_blpBaSfJ20nfWke3fzas1sLEBcVL3qjsdIZF0YJq2NMoJvtj8oHoyrvrD0ChmxxcW8xE7JERO7NFqmFSb8Z9dgKuM6M-r4xB3pUZPmlaK6pkX5jrz9ZD-hMCxdQGZd-Cvh4Jiz1g2P0XuSw7CdrPW1mL86Oj5ZhxE1t3nJsZQHuSwQiraLl9QytFe1S3x2JFTiwBuzOdgPxzj8sY28jOVXGAtNSWEMJgxc5hAiMQC4HVJtAFbhYzFajcSQkpZTKT_wfLlShtVY6pUNNpvOx8anbGdE7hE3SjymPakjcOIskNi1DVBqOElt4dPU-SJt5B_k_-_QLF-jb5QzsD-8w5qvaFQ6jrLMje9JU3ehcpV69eHmRtE-PvueDEl27bB4BJimN__CwYzt53gar7H9htGvY13yOd-NR3dwRFn13KTsJSOH5YfmNWvwzm5mGrmxyOx3P1cX7yUb4dR6b2kXi98jbA0EpGEX1vjUH8PEz0x6qTUxpjjelYvL4hTI_d1Vzmgjyw_94LApq6wVPXBlVvAILnveaLPN_2UJXDn5IHOP-OD67hlUN7M1z1cBtlAEloQzVwgYMjutIMQq0YOLHeebB3&cid=CAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=3332036674039453000&adk=1964084971&idt=80&cac=0&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MjcwNjE1NgogIHNlcnZlcl9pcDogMTM1Mzk2NjQ4CiAgcHJvY2Vzc19pZDogMzk3NzAzNDI5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 6523 0
867 B 110ms
57ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MjcwNjE1NgogIHNlcnZlcl9pcDogMTM1Mzk2NjQ4CiAgcHJvY2Vzc19pZDogMzk3NzAzNDI5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODA0OTA0MjYwMTUzNzEwMTE2MwpkZWJ1Z19rZXk6IDEzMTc4NTYyNjk3ODA0MzQzODI3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjYzMDM1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTk0OTYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xbe322894ef0aac580000000000000000","13":"0x61bb685271d1a2450000000000000000","14":"0x5d02c377b42c35a0000000000000000","15":"0xa9b5b1c50263145e0000000000000000"},"debug_key":"13178562697804343827","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"18049042601537101163"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6be7b6347b6754e2970161e3768afcc0/65a54c1b/video/tos/alisg/tos-alisg-pve-0037c001/oooGeOzaIesgIlLAL3JAvWLeTDOjCpIRiQDsoW/ Frame FCCC 4 MB
0 74ms
20ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6be7b6347b6754e2970161e3768afcc0/65a54c1b/video/tos/alisg/tos-alisg-pve-0037c001/oooGeOzaIesgIlLAL3JAvWLeTDOjCpIRiQDsoW/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=2070&bt=1035&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=aTczOTY3ZWc1OGg3ZmY6aEBpajVpaG05cnc4cDMzODczNEBiX181NC0tXjUxYWBfMV8wYSNjX2VmMmQ0ZGVgLS1kMTFzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:42 GMT
via: n236-016-140, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 170867
X-Cache: HIT, MISS, HIT
X-Bdcdn-Cache-Status: TCP_HIT
Content-Range: bytes 0-7560949/7560950
Connection: keep-alive
server-timing: cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 7560950
X-Served-By: cache-qpg1229-QPG, cache-mrs10573-MRS, cache-fra-etou8220065-FRA
X-Storagegw-Request-Id: 02170513921545600000000000000000000ffff0afb48c4612752
Last-Modified: Sat, 13 Jan 2024 09:39:42 GMT
X-Timer: S1705310083.891555,VS0,VE1
Etag: "5c664b810607f066201ecf8e064f5b1f"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 13 Jan 2024 09:46:55 GMT
Cache-Control: max-age=2592000
x-request-ip: 10.240.251.13
x-response-cinfo: 10.236.16.140
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/98b72d38de9fa8073ec3b8e993c91373/65a54c17/video/tos/useast2a/tos-useast2a-ve-0068c001/oQxNIFALxgWXZGAAofRZbfROQ0e1GeVEkYzWGk/ Frame FCCC 528 KB
0 72ms
20ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/98b72d38de9fa8073ec3b8e993c91373/65a54c17/video/tos/useast2a/tos-useast2a-ve-0068c001/oQxNIFALxgWXZGAAofRZbfROQ0e1GeVEkYzWGk/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=1016&bt=508&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=OGZkNGY7aTo2NGUzNzY7Z0BpanBrM285cnhtcDMzNzczM0AwLzI1M2IwXzQxLS0uYl5eYSNybGFxMmRra2BgLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:42 GMT
via: n39-155-080, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-240112133732F82021ABD02B98838F88-166A2C1729266297-00
Age: 252273
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_HIT
Content-Range: bytes 0-3499528/3499529
Connection: keep-alive
server-timing: inner; dur=2, cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 3499529
X-Served-By: cache-iad-kcgs7200162-IAD, cache-fra-etou8220042-FRA
X-Storagegw-Request-Id: 20240112111008CCD086B2E7000A768E1D
Last-Modified: Sat, 06 Jan 2024 11:43:04 GMT
X-TT-LOGID: 20240112133732F82021ABD02B98838F88
X-Timer: S1705310083.892240,VS0,VE1
Etag: "48d32471131841f8b192dff39819b9c4"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Fri, 12 Jan 2024 11:10:09 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dc61:8:451::148
x-response-cinfo: fdbd:dc61:8:451::148
x-tt-trace-host: 014d22667bea039cb04033ffb8dae420d8eac279eab4435e8d7fd5d69da622d38897d354d760c9e53f4fe4718aad11766ccccd4fc67c8051f2e0c81e65a4c5c8dea2c259cbfdb46acdd7f68ea80d619bf8837b4e543d5ae0d0ee265449454e11699afbefb876c6cae5f09b7fa67b446495
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 4, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/97966662726d939139d8f9d2797ad435/65a54c25/video/tos/useast2a/tos-useast2a-ve-0068c001/o8LiSmSkxCBQmALjlCKI8vegKEI3gMeMQnaGIe/ Frame FCCC 160 KB
0 71ms
20ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/97966662726d939139d8f9d2797ad435/65a54c25/video/tos/useast2a/tos-useast2a-ve-0068c001/o8LiSmSkxCBQmALjlCKI8vegKEI3gMeMQnaGIe/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=1270&bt=635&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=ODM1Ozw6NTw6OWU7PDxpZEBpajNxbXM5cnhtcDMzNzczM0AtMy41NTU0NmExM2AyL2BgYSNjMm1gMmQ0NjFgLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sun, 07 Jul 2024 20:00:42 GMT
Date: Mon, 15 Jan 2024 09:14:42 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-240109200041EE56689B1E8C1DFFD5DB-3CC77510716357BD-00
Age: 479640
X-Cache: MISS, HIT
Content-Range: bytes 0-5523237/5523238
Connection: keep-alive
server-timing: inner; dur=145, cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 5523238
X-Served-By: cache-iad-kcgs7200079-IAD, cache-fra-etou8220089-FRA
X-Storagegw-Request-Id: 20240109200041EE56689B1E8C1DFFD5DB
Last-Modified: Mon, 25 Dec 2023 07:55:43 GMT
X-TT-LOGID: 20240109200041EE56689B1E8C1DFFD5DB
X-Timer: S1705310083.891538,VS0,VE1
Etag: "51926ceaf94e6f57fac6742f7bf62b05"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Tue, 09 Jan 2024 20:00:42 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 013b2f4d0f48a6cb946b3fe3ac89c4e69db23d4ab3cfa6dcac6be9d7fd91a635148d00d9704209b87deb7768a1d52176bc5a24040ee718f187f5d115ea4732942c4e8c12b8fb85bb4151f15c547c5430fef263e3555a024acf0d172e093b41b2f9cd066cf3d09eaaa056c3e50818fd93d17e6624664b9d87f36d6ce98e7a407eaa
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: d238814c73af39172b3ee30b861f272a
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/0e5e8ddad0e48d8c0033f04e366c47ea/65a54c19/video/tos/alisg/tos-alisg-pve-0037c001/ok6eIqGp6BA5vsDhH1iyAIyQSCRwNAjwE4PmGi/ Frame FCCC 232 KB
0 303ms
255ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/0e5e8ddad0e48d8c0033f04e366c47ea/65a54c19/video/tos/alisg/tos-alisg-pve-0037c001/ok6eIqGp6BA5vsDhH1iyAIyQSCRwNAjwE4PmGi/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=920&bt=460&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=aGdoNTk0OjQ0ZDQ5ODczaUBpM2c0dWw5cnRlcDMzODczNEA1My5eXzNjXmMxLjUyX14wYSMwLzRoMmQ0cTBgLS1kMTFzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
via: n234-081-130, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 339087
X-Cache: HIT, MISS, MISS
X-Bdcdn-Cache-Status: TCP_HIT
Content-Range: bytes 0-3265041/3265042
Connection: keep-alive
server-timing: cdn-cache;desc=hit, edge;dur=170, origin;dur=0
Content-Length: 3265042
X-Served-By: cache-qpg1224-QPG, cache-mrs10547-MRS, cache-fra-etou8220055-FRA
X-Storagegw-Request-Id: 02170497099629600000000000000000000ffff0af6371dd54f2a
Last-Modified: Sat, 23 Dec 2023 11:08:08 GMT
X-Timer: S1705310083.954670,VS0,VE170
Etag: "396c7ab515c1a178a75490503b05673b"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Thu, 11 Jan 2024 11:03:16 GMT
Cache-Control: max-age=2592000
x-request-ip: 10.240.251.151
x-response-cinfo: 10.234.81.130
x-response-cache: parent_hit
Accept-Ranges: bytes
X-Cache-Hits: 1, 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/f1b4d72cdcc932a64337f97e5644940b/65a54c0b/video/tos/alisg/tos-alisg-pve-0037c001/oYvFhlZzTpAwEYUQ2Uq4R5JBFiaAYBjiEIiK2/ Frame FCCC 111 KB
0 70ms
28ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/f1b4d72cdcc932a64337f97e5644940b/65a54c0b/video/tos/alisg/tos-alisg-pve-0037c001/oYvFhlZzTpAwEYUQ2Uq4R5JBFiaAYBjiEIiK2/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=4080&bt=2040&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=OWZpNmUzZmU2aDs3Z2VkZkBpM210N2o5cjxscDMzODczNEBfYS0vLy8yNjUxYzFiYF5gYSNlMGJwMmRrXy9gLS1kMS1zcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
via: n236-011-201, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 2085162
X-Cache: HIT, HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-10922209/10922210
Connection: keep-alive
server-timing: cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 10922210
X-Served-By: cache-qpg1276-QPG, cache-mrs10572-MRS, cache-fra-etou8220039-FRA
X-Storagegw-Request-Id: 02170322492185000000000000000000000ffff0aec3350ac21c5
Last-Modified: Fri, 22 Dec 2023 06:01:22 GMT
X-Timer: S1705310083.022457,VS0,VE1
Etag: "376da4b413bafc49cff042851e00e7a3"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Fri, 22 Dec 2023 06:02:01 GMT
Cache-Control: max-age=2592000
x-request-ip: 10.240.249.178
x-response-cinfo: 10.236.11.201
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 2, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/34a62bca871e6f4a710eaf47a01446ab/65a54bf6/video/tos/useast2a/tos-useast2a-ve-0068c004/oM6oFXeGkQtTGeVRlqfozeBK4EzASIrZLgChIA/ Frame FCCC 207 KB
0 73ms
33ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/34a62bca871e6f4a710eaf47a01446ab/65a54bf6/video/tos/useast2a/tos-useast2a-ve-0068c004/oM6oFXeGkQtTGeVRlqfozeBK4EzASIrZLgChIA/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=946&bt=473&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=Ojo2NjU2Njc3PDRmNDNlOEBpMzNxcHU5cnY4bzMzNzczM0BhMC9eYmFhNjYxXjE2XzUvYSNucmRgMmQ0XnJgLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
via: n39-153-046, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-240108073313887BFB5C56951A3F46C6-441EC59A26D40143-00
Age: 610889
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-1260394/1260395
Connection: keep-alive
server-timing: inner; dur=74, cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 1260395
X-Served-By: cache-iad-kiad7000036-IAD, cache-fra-etou8220088-FRA
X-Storagegw-Request-Id: 20240108073313887BFB5C56951A3F46C6
Last-Modified: Fri, 15 Dec 2023 13:33:19 GMT
X-TT-LOGID: 20240108073313887BFB5C56951A3F46C6
X-Timer: S1705310083.025702,VS0,VE1
Etag: "3624996027cf4f01d7fd2bab9dd4e370"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 08 Jan 2024 07:33:14 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dc61:c:53::44
x-response-cinfo: fdbd:dc61:c:53::44
x-tt-trace-host: 0118aa6fd2b9058f496432391be32dbbb9e65115a77d246d112b77ff52cfcbdc602636808d98c1b53c2d0cf51ae6ab9393bf6f357004b8e1c971db9b1cd25a09fb849052c6fb9f47f58ffeaaaebe789c2d93bf68d6a7c658d89b422f840002475bf478f7c0a7a6472496285a288281645a
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 4, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/1aaf6262d8a31c7adbe7dee23dcd87b8/65a54c1d/video/tos/useast2a/tos-useast2a-ve-0068c004/oIIA3ybCjA4OZoIZ82EABiigJBBnUuQhkfIjck/ Frame FCCC 165 KB
0 411ms
239ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/1aaf6262d8a31c7adbe7dee23dcd87b8/65a54c1d/video/tos/useast2a/tos-useast2a-ve-0068c004/oIIA3ybCjA4OZoIZ82EABiigJBBnUuQhkfIjck/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=3876&bt=1938&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=OTo2OWlpaGQ5Zzc0aTM8OkBpM25zOXY5cmtqbzMzNzczM0AvMDRgLjRhNjQxYy9iNTA0YSMxamJmMmRzNm9gLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sat, 13 Jul 2024 09:14:43 GMT
Date: Mon, 15 Jan 2024 09:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=miss;type=static
x-tt-trace-id: 00-240115091442462413EA022FBC743A8E-0D6D27B58FC95AB4-00
Age: 0
X-Cache: MISS, MISS
Content-Range: bytes 0-14680091/14680092
Connection: keep-alive
server-timing: inner; dur=98, cdn-cache;desc=miss, edge;dur=93, origin;dur=101
Content-Length: 14680092
X-Served-By: cache-iad-kjyo7100084-IAD, cache-fra-etou8220097-FRA
X-Storagegw-Request-Id: 20240115091442462413EA022FBC743A8E
Last-Modified: Mon, 11 Dec 2023 12:51:21 GMT
X-TT-LOGID: 20240115091442462413EA022FBC743A8E
X-Timer: S1705310083.311347,VS0,VE194
Etag: "803e90b1644dcd840535c4522ab21144"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Mon, 15 Jan 2024 09:14:43 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aa0f1fe6aa8c550e9c43efa32f5a2e1bced9ca50b6ec7a084acd544c710e2bbfa202c75eac41def0c87c8c9134e629d4b9c32a3b40ba0a9a7f3f9a00299655e93f7825fccbca79d60cc89ed732cac938845414c4961fc73c75502684d5b4fa7bda0756a7fa063d93310994fdd38f729e9c
Accept-Ranges: bytes
x-response-cache: miss
BD-Request-Id: 5489e2d4414b26a8163030e0442290ed
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/264ec8b8054a3ea20ad72b3ff54fcbba/65a54c22/video/tos/useast2a/tos-useast2a-ve-0068c003/oYFBXBAQl3iELE5lEqQGCPQRZ2IPlUv0b7iSo/ Frame FCCC 253 KB
0 246ms
69ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/264ec8b8054a3ea20ad72b3ff54fcbba/65a54c22/video/tos/useast2a/tos-useast2a-ve-0068c003/oYFBXBAQl3iELE5lEqQGCPQRZ2IPlUv0b7iSo/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C0%7C&br=1068&bt=534&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=2&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=Omc6ZDVoM2g1ZmdmZWQ4N0Bpamt4PHM5cjVobzMzNzczM0BiYWA1YGE1XmExL2EvNDUuYSNmXmJoMmQ0cm9gLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Expires: Thu, 11 Jul 2024 23:38:58 GMT
Date: Mon, 15 Jan 2024 09:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-24011323385720FD811EF4204D29249E-0737624146510177-00
Age: 120945
X-Cache: MISS, HIT
Content-Range: bytes 0-4441428/4441429
Connection: keep-alive
server-timing: inner; dur=102, cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 4441429
X-Served-By: cache-iad-kiad7000029-IAD, cache-fra-etou8220055-FRA
X-Storagegw-Request-Id: 2024011323385720FD811EF4204D29249E
Last-Modified: Mon, 11 Dec 2023 11:15:22 GMT
X-TT-LOGID: 2024011323385720FD811EF4204D29249E
X-Timer: S1705310083.330013,VS0,VE1
Etag: "a687817a24c8035ea1780083a6176b0b"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 13 Jan 2024 23:38:58 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 019425d8eedf5d82b7db03d0f579ce3f5211871cf4f37f9b9849023a38288e647769efe93a0b78d6a479d34c58039fec1800bb1dd57f4e70f315ba527ed32a7016ce588952461b650a1799af9191bac39b33384df196861ad0ed5cf5faab63c64f19d1b9b0744dfc2e47ebcd5eab4da85a
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: f39f65c35b1556e3f5b3794bd31913dc
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/45cbac801b55c5350bd09ff633178b43/65a54c16/video/tos/useast2a/tos-useast2a-ve-0068c003/okPIT7gboLkeACS64KurjugGLIQJeCWGIsespq/ Frame FCCC 238 KB
0 212ms
34ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/45cbac801b55c5350bd09ff633178b43/65a54c16/video/tos/useast2a/tos-useast2a-ve-0068c003/okPIT7gboLkeACS64KurjugGLIQJeCWGIsespq/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=1068&bt=534&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=Zzs0PDk2OTw1OTY4OGRpaEBpajhyNHU5cnc6bzMzNzczM0A0YjU2MzFjNS8xLS8uYDRfYSNrZjRpMmRjZm9gLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
via: n39-155-142, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-2401130714477E3F77888B30E5C4AA93-534E3213208C24F2-00
Age: 179995
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-3624531/3624532
Connection: keep-alive
server-timing: inner; dur=126, cdn-cache;desc=hit, edge;dur=1, origin;dur=0
Content-Length: 3624532
X-Served-By: cache-iad-kcgs7200050-IAD, cache-fra-etou8220054-FRA
X-Storagegw-Request-Id: 202401130714477E3F77888B30E5C4AA93
Last-Modified: Mon, 11 Dec 2023 02:58:18 GMT
X-TT-LOGID: 202401130714477E3F77888B30E5C4AA93
X-Timer: S1705310083.372906,VS0,VE1
Etag: "6f22bf3f15a1367536376ca85956da9b"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 13 Jan 2024 07:14:48 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dc61:a:415::167
x-response-cinfo: fdbd:dc61:a:415::167
x-tt-trace-host: 014e81afb20b348dfe0fbb0a200eb3b8e297ee913f3b1bfd3e829d3791e0cbbbe66cbf604276dcc161837369d2a2a8b583e82229392ebe535685ca90d312ee52db4789bb611393903afa7120fc5fa9ae49376bab21efdbe0ec0eacb40efc8447e055113924e42b29181a8ae1fc2824dbae
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 3, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6914e87b8d9715829f9e52a059e34e08/65a54c1e/video/tos/useast2a/tos-useast2a-ve-0068c003/o8vwRIBUGxQEcMrB5UQEwiSrllqvmZREGCWAi/ Frame FCCC 494 KB
0 187ms
21ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6914e87b8d9715829f9e52a059e34e08/65a54c1e/video/tos/useast2a/tos-useast2a-ve-0068c003/o8vwRIBUGxQEcMrB5UQEwiSrllqvmZREGCWAi/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C&cv=1&br=1214&bt=607&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=Lrkago3.D12NvvcWduIxR7hNYlJH-UjNSkopiX&mime_type=video_mp4&qs=0&rc=PDlkNGllOzxoODVlaWZmaEBpM2lwbms5cjlmbzMzNzczM0AvYS0yMTA1XzYxYGBjMC0tYSMwYWBpMmRrMWlgLS1kMTZzcw%3D%3D&l=2024011509144144139CDEBEB46300D7D2&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
via: n39-156-068, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-240106235449D58297F236B9D1D5F185-0EDB57B344814166-00
Age: 724794
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-4668214/4668215
Connection: keep-alive
server-timing: inner; dur=108, cdn-cache;desc=hit, edge;dur=2, origin;dur=0
Content-Length: 4668215
X-Served-By: cache-iad-kjyo7100063-IAD, cache-fra-etou8220119-FRA
X-Storagegw-Request-Id: 20240106235449D58297F236B9D1D5F185
Last-Modified: Sat, 02 Dec 2023 05:39:21 GMT
X-TT-LOGID: 20240106235449D58297F236B9D1D5F185
X-Timer: S1705310083.395405,VS0,VE2
Etag: "4958ecec6b6fbd1ec76aef89c12d6778"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 06 Jan 2024 23:54:50 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dc61:a:314::94
x-response-cinfo: fdbd:dc61:a:314::94
x-tt-trace-host: 01502b1000913dcc8a59ef858538d9959daaa19ae489d4e0e7eada0dca38cafdfa19fa51d3677d95f1c7c44d40ffecbddcd18bd17bdd3b4120adb1081f7eb80a43a0c174e4f186517e1b3a410d4915de05ff1f2f3340f2eb6bcac964d72d5418511bc3577ba40f216181addfe8ebdd4fc2
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 7, 0

GET
H2 200 core.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/ Frame FCCC 80 KB
24 KB 19ms
19ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/core.js?globalName=__PNS_RUNTIME__
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a93f78df4ad9497b5572e41249c7b7d4b09363e578310fef1bf17d3f18ff14ce

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d1b5
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: F1qDgFJjg5WrYufn6hNAJA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-parent-response-time: 1127,184.25.50.103
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 24117
last-modified: Tue, 09 Jan 2024 12:17:25 GMT
opc-request-id: iad-1:jHXhqJAaTpXkkmvc7w58EXNQZZx2BhLPJfhpHk0AUo8hLblhh-lOdZYoSBsxvjWd
x-api-id: native
etag: 6661d46e-0de9-41c5-9de5-ba485f6d0c1a
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: d34b153a-1347-4e39-9d21-8cf17fa8f0a4
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H/1.1 200
OK b1ecwdixnimz Show response
hal9000.redintelligence.net/zone/ Frame 6523 11 KB
4 KB 77ms
23ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/b1ecwdixnimz?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: bf16183f8806dbe3a30453399b18c28def5d4acf9826fab5149812fb6a324aa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4152
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

OPTIONS
H2 200 webid
mcs-ie.tiktokw.eu/v1/user/ Frame 0
0 168ms
74ms Preflight 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/user/webid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=22
x-akamai-request-id: 4bba133c
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-origin-response-time: 22,2.16.239.11
x-tt-logid: 2024011509144234677D6E2B911F24A5FE
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce38591018afda8d13b49ec9d27438910248d63239a22bcad922556e2b7ad526e29f0e64b6872aeba4e68e415a64d827f67a7ae
x-tt-trace-id: 00-24011509144234677D6E2B911F24A5FE-27613AB1BC721BA4-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 webid Show response
mcs-ie.tiktokw.eu/v1/user/ Frame FCCC 58 B
827 B 109ms
109ms XHR
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/user/webid
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: dd7a017dbcdafb17fa65cedf64792e1f11b91fa1dc3f079d8c918101797d04ff

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4bba1429
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011509144282213B754BBA684F9813-7737CE35C3091663-00
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=24
content-length: 58
pragma: no-cache
server: TLB
x-tt-logid: 2024011509144282213B754BBA684F9813
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 25,2.16.239.11
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce385915a55158bef233db8878557faf7448aa3e94de848780c6e962ea903beefc79616068b0c404b8a594bcaa5ed64422f8cc1
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6834 38 KB
13 KB 33ms
33ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 205432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 browser-settings
mon-i18n.tiktokv.com/monitor_web/settings/ Frame 0
0 548ms
131ms Preflight
application/json 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 0f9d15924f3ace330eb6da0ec7c5f0f0
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 15 Jan 2024 09:14:43 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=106, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1705310083428035
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 20240115091442088487006B8599310801
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247ec8216f255177712db87f41eca120919c801ad4842fe209c6c24f2117de1a7800610e9a12e19f235ed85ea9614a43ec4d
x-tt-trace-id: 00-240115091442088487006B8599310801-5EBA998653D83BE7-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

GET
H2 200 browser-settings Show response
mon-i18n.tiktokv.com/monitor_web/settings/ Frame FCCC 1 KB
1 KB 283ms
198ms XHR
application/json 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

f0be4ffe665fae3c4d967e3c26cf94ef58c9b44e659e2b62a87750b4654fe157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1705310083651846
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-240115091442E4AC02546521493696FD-5B7145C849EFF431-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
server-timing: cdn-cache;desc=MISS, inner; dur=9, origin;dur=111, edge;dur=1
server: Tengine
x-tt-logid: 20240115091442E4AC02546521493696FD
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e2ae28074a0a0d250a5af8fb193271428a962ab63742cac8b22d8b7447a0f3dc817026c3cff79d33b7d9a490f0d9ae2cb
access-control-allow-headers: Content-Type
bd-request-id: 41861b543c1961eabaf0f10732086c45

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame 6523
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

302ms
107ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.j-hero.com%2F&ancestorOrigins=https%3A%2F%2Fwww.j-hero.com&random=2017140464218&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=600&slotname=8054381891&adk=2469100880&adf=542241476&pi=t.ma~as.8054381891&w=300&lmt=1705310082&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310081969&bpp=19&bdt=889&idt=191&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1002&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=834481197&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=193
Protocol: HTTP/1.1
Server: 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: d6e181c17a48b71bc532a1260e427a201c105d8475f802e75bce3781f9398abf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 33378500045426904444460012570030
Connection: close
Content-Length: 891
Expires: Mon, 15 Jan 2024 09:14:43 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.j-hero.com%2F&ancestorOrigins=https%3A%2F%2Fwww.j-hero.com&random=2017140464218&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 15 Jan 2024 09:14:43 +0100

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ Frame 6A55 65 KB
23 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55f971875358b14d062cae2ccc8cf74be548ea05a1f902ddd2f3cb32ace808d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23575
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 13:37:34 GMT

GET
H2 200 devtools.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/ Frame FCCC 4 KB
2 KB 23ms
23ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/core.js?globalName=__PNS_RUNTIME__
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d2c3
date: Mon, 15 Jan 2024 09:14:42 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: SBOqY3b5/4rueltCkuSr0w==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
x-parent-response-time: 677,23.48.22.34
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1619
last-modified: Tue, 09 Jan 2024 12:17:22 GMT
opc-request-id: iad-1:VEScjQ1L_vi8jT4JGmSbeaXkuebsPmUbofQO-fIAGYmcEePMMJn6EYlWWPaTo6l0
x-api-id: native
etag: 408c3986-1a3d-42e2-aa88-be3824a99c76
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: c1a5f35f-9797-4d06-93e3-24cc59cb848e
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:42 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ 27 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d2343d7f04e50d2434f97b92ce2c85ab606a4027991302ca0c949cc96f25de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9223
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:37:37 GMT

GET
H3 200 app_reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 78 KB
26 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/app_reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eb33e62d6eb9c5aa4f83bfdaa83107008ebe0e141bd1e325d480263acb963d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26798
x-xss-protection: 0
server: cafe
etag: 4604742995774797532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H/1.1 200
OK timeline.e108540dddc96e4b707f5cf259a582d7.js Show response
platform.twitter.com/js/ 8 KB
4 KB 22ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994780
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2965
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (amb/6B7E)
Etag: "e1b37e9fee06488be9c4cff0558f4e37+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14AF 35 KB
14 KB 327ms
326ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e43ef44311fbf41812030100b4f1a1dbe230aa16fe4523413a23e407979c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1C9 123 KB
43 KB 409ms
409ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6842643014e102f22bd79ad19e74fcf1b79468706512a4e78e1eab7d6c8e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E730 34 KB
13 KB 364ms
362ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96a8324c423c890ff9754a76b1ab4c9e08f85b586aff09132e703847df3523bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13718
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C1C 436 B
233 B 441ms
441ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=600027505&pi=t.aa~a.3108947081~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=2&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250&prev_slotnames=8054381891&nras=5&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d440a124fcffc3e7e1587a280221fb52d989969e041420c759ca4395a854abba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81C1 35 KB
14 KB 370ms
370ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fd0242a43338471c8efcd2a81e73160b8c59e92f4f8f1c0874bb306b1750423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6834 39 KB
15 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 08:09:44 GMT

GET
H3

200

/
www.facebook.com/login/ Frame A16A
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a9eb64ef69948%26domain%3Dwww.j-h...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

216ms
216ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a9eb64ef69948%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=501e734e0a604aeddf61830dc77c28a9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: UyV9y1hYA7aM3+qK6OAPwHET8bJHaubgWes2WVUXaofsCdtoFLTgKAYPWbyBW8WgMNEw62BgvJL0yFUee4DA9Q==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1a9eb64ef69948%2526domain%253Dwww.j-hero.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.j-hero.com%25252Ff2639a1088d657%2526relation%253Dparent.parent%26container_width%3D298%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FJHERODOTCOM%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
priority: u=0,i
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: vO0XzawY/VxAAjwskF0Ybjxh1aI2JKV9dtNVYUw8LZUyRmm+bzv2UQ6C1VH1fFGauiJvlgy3idkc1Aq7ocuKQA==
x-xss-protection: 0

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 0883 762 B
366 B 117ms
116ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bae93fd18226b379787ef3c75762af288cbef4a9f15131d0831a551d7f2fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="youtube_main"
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
153 B 81ms
81ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:48:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 581197
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 15:48:06 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
332 B 80ms
80ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:34:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 574837
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 17:34:06 GMT

GET
H2 200 3297.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 234ms
61ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/3297.svg

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

363228131b18acd3255a7bbc8fec09e99c09acbf006b76ff7e93b7b2e4822c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f525.svg
s.w.org/images/core/emoji/14.0.0/svg/ 822 B
781 B 234ms
61ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f525.svg

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
417 B 78ms
78ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:00:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 209630
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 23:00:53 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 79ms
79ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 151967
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Jan 2025 15:01:56 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
207 B 80ms
79ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:37:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 164238
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Jan 2025 11:37:25 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame DE3F 9 KB
4 KB 76ms
75ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 08:26:31 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 08:26:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JHEROCOM Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame DA89 5 KB
2 KB 208ms
208ms Document
text/html 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

b9a7d8a200923afff7e873c8a767e7854b5b936ff1f14981d424454832a44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 1848
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 09:14:43 GMT
etag: "14c4-Zee+swT/UwAX0VwuWkJjwAKVqew"
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 3a478189b0f0db0501f9fbcdfaeff6c60c4ac7d71d62ea6123b45eabb2f10f07
x-response-time: 140
x-transaction-id: 9a27346521c7e2c6
x-xss-protection: 0

OPTIONS
H2 200 /
libraweb.tiktokw.eu/service/2/abtest_config/ Frame 0
0 249ms
36ms Preflight
application/json 2.16.100.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://libraweb.tiktokw.eu/service/2/abtest_config/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.100.152 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-152.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=0, no-cache, no-store
content-length: 60
content-type: application/json; charset=utf-8
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=3 inner; dur=2
x-akamai-request-id: 88f52c82.39b2bcb9
x-cache: TCP_MISS from a2-16-100-148.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-cache-remote: TCP_MISS from a23-216-155-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-origin-response-time: 3,23.216.155.62
x-parent-response-time: 20,2.16.100.148
x-tt-logid: 202401150914424F7F0A67FF8D4F594530
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6f434542f058fa54889db3998dffa2265888f6567cfbabe9ecd001d0810e7b5fe7441baa6ddc50e7b0e14fa7f50fe623ec7fa526cd4fb354dc93ae5e4e4751cecf8d46ad40b5e3349b1d8718acffa54c79fc6d044c49ace02931f2128a1262fde
x-tt-trace-id: 00-2401150914424F7F0A67FF8D4F594530-600407C682D5D29D-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 / Show response
libraweb.tiktokw.eu/service/2/abtest_config/ Frame FCCC 651 B
1 KB 50ms
48ms XHR
application/json 2.16.100.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://libraweb.tiktokw.eu/service/2/abtest_config/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.100.152 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-152.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: f073976e40047e8fe5aa8c9499780d4570f4ff249d16a75848d1a61631e18c4b

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 362f7dd2.39b2bcf0
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401150914426928D4AF0D118174B28D-7FFA3EA0C3CF5550-00
x-cache: TCP_MISS from a2-16-100-148.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time: 22,2.16.100.148
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=5, inner; dur=3
content-length: 363
pragma: no-cache
server: TLB
x-tt-logid: 202401150914426928D4AF0D118174B28D
x-cache-remote: TCP_MISS from a23-216-155-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age: 3600
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.216.155.78
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6f434542f058fa54889db3998dffa2265dda85905b6ff2010fc7c96ba9873e4711826e3fba51b62852f34ed190378042bfe13d197e643c874260e0df2518c6b6a31f35cf6f16434be315a203993f41323e1518974b9353d9d46c7f61cceacc9e4
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
expires: Mon, 15 Jan 2024 09:14:43 GMT

POST
H2 200 list Show response
mcs-ie.tiktokw.eu/v1/ Frame FCCC 7 B
774 B 46ms
46ms XHR
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey: 566f58151b0ed37e
Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4bba1824
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011509144234677D6E2B911F24A60B-27613AB1BC721BD8-00
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=22
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2024011509144234677D6E2B911F24A60B
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 22,2.16.239.11
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce38591018afda8d13b49ec9d27438910248d634da941180303c280c1801d713f9be0f5d822c2cadb18abec034756118bf1d159
expires: Mon, 15 Jan 2024 09:14:43 GMT

OPTIONS
H2 200 list
mcs-ie.tiktokw.eu/v1/ Frame 0
0 115ms
115ms Preflight 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mcs-appkey
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-mcs-appkey
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=22
x-akamai-request-id: 4bba1658
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-origin-response-time: 22,2.16.239.11
x-tt-logid: 202401150914422878F4476082312F2476
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b2086482f172daa9c6fd27e8d548ae02adc8f5d55b2e23cd86a84b1e542f145b80d3f8a171b0b4ab70d73915d81c820a59cd1e8fbb2796214b5c90a287c87fa1e19d6c
x-tt-trace-id: 00-2401150914422878F4476082312F2476-3D775283545C08D2-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 css2
fonts.googleapis.com/ Frame DE3F 4 KB
767 B 99ms
99ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:25:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE3F 205 B
296 B 213ms
38ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:30:37 GMT
x-content-type-options: nosniff
age: 243846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 13:30:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE3F 604 B
919 B 212ms
37ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 240262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DE3F 16 KB
7 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 22:18:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DE3F 22 KB
9 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 23:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 23:16:40 GMT

OPTIONS
H2 200 list
mcs-ie.tiktokw.eu/v1/ Frame 0
0 111ms
110ms Preflight 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=24
x-akamai-request-id: 4bba1675
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-origin-response-time: 24,2.16.239.11
x-tt-logid: 2024011509144234677D6E2B911F24A603
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce38591018afda8d13b49ec9d27438910248d63eca1477b94d5617bfaa22413fa3d5fe678d9e601f37da8b693ad0c37fdc14961
x-tt-trace-id: 00-24011509144234677D6E2B911F24A603-27613AB1BC721BB8-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 list Show response
mcs-ie.tiktokw.eu/v1/ Frame FCCC 21 B
788 B 45ms
42ms XHR
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4bba1850
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401150914422878F4476082312F2485-3D775283545C090E-00
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=22
content-length: 21
pragma: no-cache
server: TLB
x-tt-logid: 202401150914422878F4476082312F2485
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 22,2.16.239.11
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b2086482f172daa9c6fd27e8d548ae02adc8f5d55b2e23cd86a84b1e542f145b80d3f8a171b0b4ab70d73915d81c820a59cd1e8fbb2796214b5c90a287c87fa1e19d6c
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 0883 9 KB
2 KB 88ms
88ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 09:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 09:27:25 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 0883 149 KB
150 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCNPBMjTj8WF0K28WGlwG8Mg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.ALXhQhU1_MU.O%2Fd%3D1%2Frs%3DAHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:53 GMT
x-content-type-options: nosniff
age: 518690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153068
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Jan 2025 09:09:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6834 0
20 B 110ms
110ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-Rh_gvekZeyMK6j6x_APtvSy6A4AAAAAOAHgBAI&bg=!oqGloe7NAAaumcC-jpk7ADQBe5WfOFRA5jSuazAWaSO1AWk5Q_ENPlfqs1saz66eZ4JmOEI-uyQMRv6gRLWUYYZrU5GRAgAAADdSAAAAAWgBBwoAQJsNOrP6SHD-nOFHtfRqTOshUTgqb3iYMbjiidDhgbc1ksW9iwBFPa0D9kkQ-Iva5UKR5IbfhjWI5yOtgglMwaKZAuQ8LmD4NTmwI2IMA9F9MRH8QQoFYlemvbYmqT1ZgC8P8a2cHgl65uOkyz8plPH5Nr-ZiV_gZ_8XiwQ-UvVkqxopV7RDOQPevSlYLK8a3UwsQp0k66qV_wS073mKy5llJJQLlmcqAdqbqRflppGM6JDhvE3JaZpvoLt3DJqjMGDUKeOzANgseKyhAwyODD1MvJu-b2WUJ6qE2C3LFu0nCWEYihYtrgnZhmP4oAvzvSzuxAovZzf8DvrbO5YPkh9MnYNMn5BspO_O6f1zvgLtEmlqLoIdOVvfkhw4UprOSrdl9msv41j6Nb0VYxPCTfjLhsRgd_jQ7BAn8DIMCJHO3r27HCGkFz4K5q556pUiwIUPs0XGyLb994d2NTMwiyEIHvaWrzZK5pgAZW4UFBp-y4BxWEUq9vft5lboeKVm3bc_o7NUyndStAA0jFQ-CNefDH-QawgGTVc_0H2fzCNO7aObIt-6zWgAaouUiMfNSpkpuF3TcNVgqPceqBKdFvD_LKgQiMS67MS0v2NjeJwoAiLYctTSwEmz48bWuJhHCtB6j_XOUZVgAvbDkTXjk_o7cRa4OAjVZAbkDNedrVY2iw6-tAROksu_Tn9NYLmcQ8HNGQq7eHnKxFRh8Zcc1oaVpdm6TiTGoD7TMnoeO9Z1umzRnj6Blzo7zPUh0Rkofl1H_eBx8gM0YlYlMKL6vTWHN3OGfJiFvsKAzj6Pz829hHT7-W0MlnKMXfQ7Acy_-t5PtG77LiwqwE3u4hsc0N3MQrkCO0WI7iCEcWmVYvY_WouLDFnRgjsx8VGB4CPgggUkois2t2_09ahOaOH5z4LjGQDhhGbFonRn8Yi9X0uaflojXRdzUuf5TaEPgkEjEIOXYhfEVfkyHo2e_Rj_pOpG3-W5HLouInD1FRoYmcuX11GEOlkVMF6mlN8fqOp6uNOvt8lpr4bOWKPUI6nmF6VxOn-FGu75mIf4SRM7kwLwd3FeBwr5PQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D917 14 KB
1 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:27:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D917 2 KB
822 B 49ms
46ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame D917 23 KB
9 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 11:25:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27DE 143 B
166 B 43ms
42ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 08:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D917 3 KB
1 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D917 20 KB
8 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D917 205 KB
65 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame D917 37 KB
16 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H/1.1 200
OK runtime-a697c5a1ae32bd7e4d42.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 4 KB
3 KB 22ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B80) /
Resource Hash: d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2232
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B80)
Etag: "4e8885e68df79c40c3a7aeda8d14bb81+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 286 KB
94 KB 41ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2362291
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BBB)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 90 B
684 B 57ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8C) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 90
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B8C)
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-88bf420a57d49e33be53.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame DA89 1 KB
1 KB 59ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B94) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 668
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B94)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame DA89 13 KB
2 KB 60ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BA5)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame DA89 1 KB
1 KB 57ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B75)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame DA89 76 B
670 B 33ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 76
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B93)
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
46ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/ Frame 0883 134 KB
45 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.ALXhQhU1_MU.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8X20POc-Nkxt-BnJHlQksXS8x49w/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45668
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:28:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9BD6 624 B
245 B 59ms
59ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNVpukRdIH6BET6tomwrfnwpHm-ZQf8zze8IxFRyJfZ2y5gtPpulUYmWVrgKv_qEPDZ7mRaMDWyHJP0Jze0FGiDRU2MBjoOAhcc42XVAaFTq00HbWM4q5JEj6TgTNGyF0tTXmlT7CfQW2jHzJIqE2OfTwtb11j8zV2nYGgEgwGFLG2p4HIE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FD4E 89 KB
31 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame FD4E 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame FD4E 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FD4E 0
0 28ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIEv0qhVMMGowZepGlmrp91B-YUpfDHoj6P3S6QMX0BdCUVfe-P4YSbCw01tzBHMU30o1iOnlIxfkYkpp9YBwajBBBHQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD4E 205 KB
65 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4E 42 B
63 B 81ms
81ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dtw5oF5qpsiQRylyoIhhviE6JllGnYdLejdlkruDLygwBBEeHIFh79b8dsLmRYAfrupNJF8qXLPNPG4Mitb4JGmj95QT7cjy0_o7oM9_HuLd-5NQ8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687 Show response
8019191.fls.doubleclick.net/ Frame 9765
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687?

391 B
330 B

130ms
130ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687?

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

02f53f3cfcf35995ad443b8a13d6bd93daa4364d50de3fb0ae7f3a4df40eea79

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame E7F7 7 KB
3 KB 86ms
23ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=b1ecwdixnimz&nw=20&renderingType=javascript&namespace=8a472eca8f&subid=&uid=b002fba07a3d8ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH7hPgvekZbKRDP2diM0PqN6v6AjM-YagadO0x__3D_AuEAEgiq3IVWCRBMgBCakCnF5Mi3Zfsj6oAwHIA5sEqgT4AU_QlDpLVj7dd4kr-nwaDwwOSVXnTyJnq_IoeSTbc0_25UdxjpZ3mGGfNwstg0-00DSn9i6iB3saiyaO4LoRocBTsIyyXAathsVedvymehsvemqlTy1xgxNYtVhr68nh8U17F9ks9WkRrL5W1yqebFjCBKaQtGhuizbGpp6DR984nWOg-Cmlq439SoIi4yIhvfSapmyMF0m7HsLSWjD7M_0Dvk56qSQecgLhepchxoLZb_8Yd1PWzpdASyKF5Hp4VpURz3UR4f_0FbVfTFBmgUJstxNHkxa-CgBbd4_cqhT4FcRLryxp_JsyIXgpF6ORRRoVMolWQ3alwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNXCuI2H34MDgAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_r1iL3g6hap5lub-_0E6dTGFn7JVk7ndeZA4Gjw6BANlPBh40yyY7ulN5CrX5HHR9SFiUxcA2dwpmWFjUkcw5h4n-UXl0iHh4slsYAQ%26sig%3DAOD64_17RHKX-PjEAeQ10Wq2CChjltQpNg%26client%3Dca-pub-9448684550121500%26dbm_c%3DAKAmf-DYSPtUkiCra6WZgMw9eXdhDS85A9qc3Lj45yTF0DfQAo0HsfwGiPMffmZovKFiI7ldok4BO4-DCsSI3xAKAZSbI5GpPR2I9_ivSZSs5ONVGquk7N2FWzXtsE4YDDbDj59nTV0FDXh8u-kRcM7rM26DZ_bm6zghNBhcDWB8KWWy1kgmZTo%26cry%3D1%26dbm_d%3DAKAmf-C03ouY3P3okpZ-1BjoBhZSj7Nnkt6ChOzH7eHhvdD-RVJuenMMTB62EIhbWZzpV5c5Ger1Qd1McQMWe2Z6Jy5kXErb4ACCo5fIFiHeg7Lgif92NLrdCYNYO1kNorjm0-2qMPDLur1bh2bYPQ6MomkH6SuzInpPhYvlJLtuigrdC0ixpNv_g9rn7Qzpzpc3zcyA1CsimUeCktU7CORKk_ibucASO0P-jLsvaOGfYOh8JBERlBUaZMt2DLjXKBvGWtatz-VIyLMclbHcpflSbye3bLrrvfUgc-KglAfdahfrsQ9AfEeE0ghT-Rrju-Ipdt1rwiY_hBj9S6Tv8Ior9jS-8EDI-clT9o_msCDLYDHABF-UF5ZAz8f2nYY1hpaelCZntPAX69Ad3hwrnRgEiL6zCMwm4-JOApnfC0buD8BrYp5yxupISpPU8hDQf-x0DAw6Algw5j3WBpyX9LMpWpK1ZsDmp3KP5LtvEJsBvTHH_vs4n1IUKsZM-LyPfgHs4kROKbXtemmNLPidUeOrYQgzSDZuvpnmztLSY0hFE_IQjEE-V1qkCUY1ss6sUAlPJpOXHmoI%26adurl%3D&documentReferer=https%3A%2F%2Fwww.j-hero.com%2F&ancestorOrigins=https%3A%2F%2Fwww.j-hero.com&random=2017140464218&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 9fa72a41206d10617054ef8d06898a6b49f18aa80703f1c203ac880f64983fc2

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2296
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Jan 2024 09:14:43 GMT
Expires: Mon, 15 Jan 2024 09:14:43 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6523 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54a3c5018d25fe8bcec8b1c6a3ad360da607335e0c9929baca0d598d351f232c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 23 KB
8 KB 49ms
49ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BC8)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.f331e94703acc65738d5.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 38 KB
12 KB 48ms
48ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.f331e94703acc65738d5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B78) /
Resource Hash: 3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12161
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B78)
Etag: "5c87233703fee60cd3de98c5812d90de+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

POST
H2 200 list
mcs-ie.tiktokw.eu/v1/ Frame FCCC 0
0 103ms
43ms Ping
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.541f3889c9f29bc98170.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 list
mcs-ie.tiktokw.eu/v1/ Frame FCCC 0
0 103ms
43ms Ping
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.541f3889c9f29bc98170.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@j_hero.com?lang=en-US&referrer=https%3A%2F%2Fwww.j-hero.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d662
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 2991
last-modified: Wed, 03 Jan 2024 17:43:50 GMT
opc-request-id: iad-1:ZPtPcFh_rpe2zcPs3pDEYgbjAs_18ZNA8SpRO8QscAGfiQmnbdfQlHchbVQs1aJ2
x-api-id: native
etag: cfab7db1-20b4-4ead-9d90-a0fb2debde13
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 312d841d-1b4f-436e-aa2c-f7b24f5dc6c6
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1C9 6 KB
706 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 07:37:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E1C9 2 KB
822 B 20ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame E1C9 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 11:25:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E1C9 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E1C9 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E1C9 0
0 28ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPCXsEBqFbrxMR-D6JU84PzJW30M0CaOm7NRSsoQTnvwRGe3WcRdkFzTOyAlchAl-Rvf2-Sn7vJ3y_l_sdRvHRWFEWyQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1C9 205 KB
65 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame E1C9 37 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F901 640 B
265 B 60ms
60ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FBAF 89 KB
31 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame FBAF 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame FBAF 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBAF 205 KB
65 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBAF 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Acb3J34B-cqh_emBb0l91a7XNFrEP-HCE2N_ZTBP2x4otzz0YAfGnS4J8Ns7Ixc7EbNA0dDrNtIypuXZZmvWgaUQDKIeDIf8KwrJ1t5IVTsZVgo5U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2037 466 B
238 B 63ms
62ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNWnmpgH8_YEafUNJPhSTgQNDlHMLobAD26epOa9fSWNLv8HnRk97GIvLw6ggAQHoJqUEQTeJSxAxmzlnF461XY5ZsHIC5_u45aE4ud3FxKyawMb7_-bPMn3hjsa9ZN0-tjB9h-C7kUKekSzIJ5VFWRUudd7Dg6BBF8fk5H2QCpO8p_FhpI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8BF2 89 KB
31 KB 210ms
210ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8BF2 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 08:26:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8BF2 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8BF2 0
0 28ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVqhO_1Jh2bgqpV1JANBXSfebodoxL6W3AABj8TK63zLKvE1Sca5u8rui8Htcf2RpnM2QpKVu2_I3ycB4kHsgiD0GhlA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BF2 205 KB
65 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BF2 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApU_bUMkMA7oe_-BH0vg-tRDCIAKOalMKdnQN1VkYpXRUa_NwMtpEmYiOUqyQWftDC1byrZYMYBaS1P_IgGLL0W2WfaHhXbD3-1QwJ40m5jraYAtY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E148 1 KB
643 B 20ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 50072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Mon, 15 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10565688395916899188/ Frame E1C9 6 KB
6 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10565688395916899188/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64313d40139589a6c42cf655401d32c197bcb58934798e4513bcbea6eb8e396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6109
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 15:11:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Jan 2025 09:14:43 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17289553085342094481/ Frame E1C9 41 KB
41 KB 74ms
72ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17289553085342094481/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c53c02aa1aa5ae620776307e63a7a76ea60c53b58981899d86d85b3c154b72b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42054
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 02:27:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Jan 2025 09:14:43 GMT

GET
DATA 200
OK truncated
/ Frame E1C9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9BD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

43 B
735 B

77ms
77ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNVpukRdIH6BET6tomwrfnwpHm-ZQf8zze8IxFRyJfZ2y5gtPpulUYmWVrgKv_qEPDZ7mRaMDWyHJP0Jze0FGiDRU2MBjoOAhcc42XVAaFTq00HbWM4q5JEj6TgTNGyF0tTXmlT7CfQW2jHzJIqE2OfTwtb11j8zV2nYGgEgwGFLG2p4HIE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsRrTvlPF8fH8xQkHQ8y0AFfImvmSokPrWoaW6DpB2VBQt4C4sRekAWlPb3APd1DEjJ9Mgq42%2F6z8eEUxFpJmfV2MT4lTnS7fZvpGni3a6bDok%2BLQ%2BPvmFXs7urv4D2FWI%2F6Z%2BVLNjl3QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845d0296d90c66ee-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9BD6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaT3ghdq48G-VONJk0tLoAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1

43 B
738 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNVpukRdIH6BET6tomwrfnwpHm-ZQf8zze8IxFRyJfZ2y5gtPpulUYmWVrgKv_qEPDZ7mRaMDWyHJP0Jze0FGiDRU2MBjoOAhcc42XVAaFTq00HbWM4q5JEj6TgTNGyF0tTXmlT7CfQW2jHzJIqE2OfTwtb11j8zV2nYGgEgwGFLG2p4HIE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzO4jvuS2EDd3isE6HIgg%2FjSz%2BJ7yFW%2FvtkUc6MKKlkPWkw0DMrPn4K5lGmPMI3LhdS9C4OiNSW6RB%2B%2FOA5YcKO%2BJNKi9JAmIXXKHz9yWWMfTJxBRt1gsKJy4kAha7sfRO5AqWDEPw4WCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845d02979a4a66ee-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDcvfw4Ce3kWfZ_YSePB_gQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9BD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

43 B
1007 B

47ms
46ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNVpukRdIH6BET6tomwrfnwpHm-ZQf8zze8IxFRyJfZ2y5gtPpulUYmWVrgKv_qEPDZ7mRaMDWyHJP0Jze0FGiDRU2MBjoOAhcc42XVAaFTq00HbWM4q5JEj6TgTNGyF0tTXmlT7CfQW2jHzJIqE2OfTwtb11j8zV2nYGgEgwGFLG2p4HIE

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
an-x-request-uuid: 5c3bae9a-0168-4638-a441-b58b0d887fb8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIvNf02afrBilL0fvcNtDsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BD6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

170 B
188 B

100ms
99ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
an-x-request-uuid: 7200a42e-c89b-4c7a-b5ee-dad07bcf4a9a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc1OTE5NzM1MTUxNzI1NzM%3D
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 list
mcs-ie.tiktokw.eu/v1/ Frame 0
0 43ms
43ms Preflight 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:43 GMT
expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=23
x-akamai-request-id: 4bba1bf2
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-origin-response-time: 23,2.16.239.11
x-tt-logid: 2024011509144234677D6E2B911F24A61B
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce38591018afda8d13b49ec9d27438910248d63eca1477b94d5617bfaa22413fa3d5fe678d9e601f37da8b693ad0c37fdc14961
x-tt-trace-id: 00-24011509144234677D6E2B911F24A61B-27613AB1BC721C18-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 list Show response
mcs-ie.tiktokw.eu/v1/ Frame FCCC 21 B
790 B 112ms
111ms XHR
application/json 2.16.238.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-ie.tiktokw.eu/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-11.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 75f71b77b1f99075cfa78126ec000ad63229746e0fd551c7211e896f85fab1ca

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4bba1ca1
date: Mon, 15 Jan 2024 09:14:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011509144234677D6E2B911F24A61D-27613AB1BC721C20-00
x-cache: TCP_MISS from a2-16-239-11.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=1, origin; dur=22
content-length: 21
pragma: no-cache
server: TLB
x-tt-logid: 2024011509144234677D6E2B911F24A61D
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 23,2.16.239.11
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a67748ded51af3c73bcfc81b4ed2b208642123ebd8458dc42b3d9650b35ce38591018afda8d13b49ec9d27438910248d63d4c2f55a8cc95c3047e5294781866e54ce2cefc67a8046e927ab8cdf032e85fe
expires: Mon, 15 Jan 2024 09:14:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4E 0
20 B 89ms
89ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6702573792268&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4E 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6702573792268&version=m202309260101&ct=77&x=1&cor=1639896220741351200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FD4E 20 KB
14 KB 136ms
135ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwuI-qRvkEFOWwgJ5iPe58HkyTnJSfs7BoRQRVVIvHvuNKgmxUvfob6YoxWzm7hsgAFo0uCdW6RL4v4nMRB6JHnw1RBOIafOAUtOK3nzCAY6T_skRNrY8CyFckr8bGrgISESSL3IPixjqocOweZuanau4_59W6vlVwlBYf85iP7av2vLk&cry=1&dbm_d=AKAmf-CgTyNMgK3JBfGVY9usmnLGX8Qq9qpdpfqQRrAPO-oncEizI9YbEJP0oR_3-ealyONn4hFyf_MxDQNVmef87RmEUz798NRC6ftwVtzCx0SwefRh-UXk5t2zEyjrPCJAbFRuqwsdlJdsMgcCPAexUlACIDAwLMGJpJMmi53PJM_38yalXDfLA2XTGw49ynq0fYfDLErBQTRlWfBAXnwJ9fbhhxffzyeckk6QHUanIdq4m5-MZNdXXj7hH1NPCAzjxRPNkhPa9j9_qs4QdnL5_hCDt6QGQg0ynUacWlKRdSNdawpoMbjXZDtV0y4EWfYia4rDxnbBDxiqnfYUczf600LsEC2EdvoQr2ILiWmAvKOt4X3HQwfK7GRgP8gD43X55i_Dz6b8shTRibjiVbF5snZeoRKCbXvtX0gtKCQwbPxaTnbLKgcPKe6ZsIXf2TKkMaXZwvNl1raIplAnTXnmCt7f5vU7fHCsf2ai7Gz50yAY7Bz_xxosQFPUsy-YBDjqVuN4GeyhMR6ejj846yfUfpddrjYzrXX1QMIZ2D8Vq4OdRUMTRvjpRVyCGfCdlE5Q-762-Fho357cBXwGMFnz7iRdB29CAe2YEVMKYgqf_CrmkR8MHz71hVYYUH4yPkrF8nChHIXrUg3DCWuB1o37d0TpK_bklwQkLaq5KSJVZrLSpl8j4ntIuOC5QuMaLplVQbnJrAk85h2zHTreTapCUIGZrzYR7kXXNE-riN2_fVPDUC-otc6PIDO595tni_xg0DZu8SGQ8sKZypH6WD1Fw_FOyBf1J-DdMvQA6_wkSf1qmCpk7yn2Tw10-fo8G1YANmC2bidG9SpwgWDz2J2AFWQ1vjg9s6Vr47bPZxWZPdRyWzbM45d6ipp9dDZONHjd4uzpZc3nD0suVTs8GXQ83d7bg9HaFtNn2ZDxfvq4i13ssGbebl0HUV9V8F2gslxRSyTk7i0xPKUuW9NdsG9Ie78xv7ftMNFWOn_itVmyBwl3azj_4vwKMVQ-hDIgyJJwSFl0uT51AsO5fX8MGcdL3OhpkRkitwDhD-88SAHn_xxgoIfdbUx_4D04EYsEpMaNMYxEy-1U9qOFlqXZM2tfySOzzoGN2b6JZCatwJ_eYCOaaKLIyQd-YPKnZPSnM966_8R_ButE5jk7d8KHqbxsRz8DTX_E5_Y_Nsz3VBLT5WmwaVyVNq-pKY7eG9t1TDQfz3BWcWZGAGY03t_eoWF7WSo4U_8bNOzes1OIWmoFY2ymsoBfGk5Vs9ZvF3WJZGTAUeZOyQd7ElilZrvsgY_zp6ZQAovjyzyNvKooTrSpZ6m_T7cBlNLq7g9ShxpMDDD8PJ-Pj0B95z209Nx6dCmsnD5ubYiuSIqSwUymsUngZx8YrIdUbdEkmsXp4QYsQUFfUBEXdtkjxYnSrQmCEUYS_Omiw0d1GZhiT8HkIy0_NO_urzLQkVXlbwGRDwdokWwRLHQpAFrmzdJwaqeqoqcwZXj6AiM4sHIFoc4qfXCGrPcLKxEdjTOM8_TUObozbHKf6jLWr0eOUYaVUt4-pe45Jl0U6Hg1zFG_vMykUPzfECEmszNCfn10qWdskYx01HlznDfIx4vQEq8iY1nu466_k-2OzFMAOG9ZMTlj3X8V9O4dP2jPm5_5N__XOn-WFAZKO040NXMaOj5FkrbgJGyHwqv5s1ImBLmlvbQbe0XnXo0R9P53q4OG3FGJwWDjbe68PaLtwkbkgnPP6X28uerhbJOCEEwN-EbnW_n1ki751ywINoZl3utXNinoIdgErvTJGvA_vfPVJShG7UdgBYOkLrIm3pAr_vfkXKByaowg9n6KS2IRVSgYD8fzenFUf6jltQPotMeXdb0OAmpEXD-gcnERzbPCcKFZ7hsAyLOwCAI7SNnD_fG0P8oVAUME6QHKRl8pupzi6ZY6pagY7zZGHaqSLQ_EBqSLZ00dmdsmT6yj8Iwf7tRbzljCD2lFm2nccmKlIBvCM-0IeQcJ8O-9jeIOQVnLb8R3xDVLaw6mPGK-iDOeFljHLfG3MAmJ7BvCwqCJxw9VYfhrHw6ncIOdzZq3nd4doKV0J3dc5pnL_D_0xx1D_-eJQa3xEZNc3Mf54qg-v4fa15kxJ6l00mDiPiG5W9Jcsmt_XigWq1klI0docLXTVAssJwR2UzrXI1VxJq71Pi-Ey6FRD5nqhUuJvyJkTqu4Q4XTRCXor85Z1msKcSNeMAJ_nenDo-IpuHkHzRNkZy_W_Lh9riu0k9ivdX8shLINFDtH8dLNCC06m9a4jR2lWgeX_xrM9tr_cb3UD_YVG2jW8-N_eeJr4hfMAMs8Jd21e9mQbIHRmCCai3_p5stRQTipryQz_2iYRAG7QL5UmAPNANEA2Qg7dz7i6VEe_tNT7w2hZsAmQomzOI8rdZqWeL3YfZ8-K-gAKlIG-tvWUEbY4Iy9CV6eAIuO1Hs3QtsW52y45yaIEaQZ4qkRaBjx4Iao2I8PeXxajGsbwfNaXvfADZDUxzG_tXtavJmsj1XfLfext0JWw1PvVsMdsyGydlwcB36zlWqOmbcGv_mnAwtZreK2qSy2Ip0ZKbbI2U3QtiIRTtO-pDC33K8cTd9QQAqSuQud3dXuX_YVFhOBFzeF6tqDxASEJ7IKkYPVBcwoHAoSYTocfp7phJnS6OktxbJCeFWYfei-bfq1yTv8498pMmSeIJByCybcopM20Arvo3Jz_ZgRf9YB4jg4ef5ZOctDVYEml8-rmSvgv6b7fpl4wSr43wCx5CpJpvIdSuYP-WNQzTUGcrse7jcXEHXc-VV0VdhOwGQdNletdX2KO4HCdlksXeCbK5CiUMwdCECv85lVtuZq0rhTfAFwgc-39PUMyWvXjZKQlQJ08adKF3TjpBk7UhFJP0Qu4cpkgQahPGwA4e9JFlQ-k-vFOyYfsjzUwvvics021bUNsp_SJGWWaUe56IHcxRQ9lmJQKPqAOQQb1KAb45UCMNo950B8U9hC5dpx7si_js3ZkR4VLHOU9FVuhLBcFGe3Yda654X0xktqFrD4opqZe22OspK8uA50Yi1a-d2U8-wNS-CbTSg75Xq9XlVrbyKrRXGVDxvhg-DQ8TeQttAIwlFQuGZdkctrsik9t8WWCFxWATGQXwdnfxwU-bYj_J0N5NeL-7b73iXhOKWeNsypqYzwBTB54eJXn-OFehlCxysHo-WPWlR03ls_jGb7ghj-p1chAwk0D1m493-CAXXO5L2KWxb9ENcDbXf1WMgHWEZ3Kg15fz_i4aBoQJvdCMjIfz1ayfLubf01lywLXLNUl2zZ4Pn2hLm95iY_BxJya95zPCc9qXTR_tJUrK7fPb7FlFqG1COI5HtKpRml2CMMZp95QrlIsmOCbME5ZWcB8k6SkZAzH2MjTr3_8EuF1mKplPNpU-QCY7kl-XkBATbG-Jj3hcxaLZfgpYrVyMFKO5NOsm4rz5m4qhqwsDs977P74Qpv0BgmwHRllwMpHgDAfXkzWKr5gdEPRsLZEqg27l6NvKMpGGRfBZpW67ag7cb3MC_j6lMVk2YmiCSKbsynH6PqOq0ZHDMRJ1TGnKFNfQrzP_BBiaWjBq8W7hTJBw8N8Gk5hL8es87Q7_mm_YGnHgS3uM8ZsI54jVKZa54_elpV_XNNo_p0mLZZhPgzPShcH397myksqD6XSrCtHgv8sVNzqHd1bcbGry90O-PT8OfqPGJBVV-YKjsnQx9RZi1Uk8MIbYotXZ5QW2ymLqHjYjRZpzWeAkuFBod0dt4BwyyPX2CNpLWrmy_nSwdQ2qktp_uHOdSszTIPRT1QA-ryrMK6AGmOpnp_NavuGQIuLBLrU9XcE2I7BhyTHgHLtuasKPEBDJbkmOrCq3iFN6GS6H9nXDQA7yjXZxiGVfN2s-PpHExROrEi&cid=CAQSOwAvHhf_KNS6dUlzxREFbZLfZtoeNWZgzBXCwRO1zZg1hfwKflx3yOzCqQ3feIDSmeN__MuZvRzOG3sZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=1639896220741351200&adk=2988274606&idt=106&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ffd86065331558a0f07e413e3fdf5b6ef81334321427ab741d76ec73072199e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13864
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame E7F7 89 KB
32 KB 157ms
19ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 16:32:16 GMT

GET
H/1.1 200
OK S-300x600.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame E7F7 95 KB
96 KB 191ms
32ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x600.gif
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Server: nginx
ETag: "5b55f22d-17dde"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 97758

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame CF9D 50 KB
19 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:28:31 GMT

GET
H/1.1 200
OK 0.9098e7e4385bbbc1cefe.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 246 KB
77 KB 32ms
31ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 77945
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BB1)
Etag: "7d7fd30a3c04f91bb6e42719e657c333+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.1579d566fe7ef23f99dd.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 234 KB
63 KB 39ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: 9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 63766
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B9E)
Etag: "b19ad66a33044952a2778e4e1de5b11f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.2a1457a8c568f1533384.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 163 KB
49 KB 44ms
44ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 49719
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BB9)
Etag: "207cde851cb385975ed7fa54f14a46d9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.623849758c2a16a878a7.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 654 KB
161 KB 39ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994791
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 164147
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BC3)
Etag: "618712ac658424673c59e506a6c7d1d8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.902e7a204f7eea980629.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 2 KB
2 KB 32ms
32ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B99) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994792
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6B99)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F901
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM0twdtOifGw1zAnz35hfmA&google_cver=1

43 B
105 B

44ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM0twdtOifGw1zAnz35hfmA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM0twdtOifGw1zAnz35hfmA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F901 43 B
295 B 147ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F901
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGcoNjzhqU7SDNFf_HnIdW8&google_cver=1

23 B
163 B

81ms
49ms

Image
image/gif

95.101.185.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGcoNjzhqU7SDNFf_HnIdW8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk
Protocol: H2
Server: 95.101.185.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-124.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEGcoNjzhqU7SDNFf_HnIdW8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F901 23 B
163 B 188ms
48ms Image
image/gif 95.101.185.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNXmr_iTKediF5_twPQWLRTfWPRjUFV99NKi24ROCcKeaGswS5ert5yEqvfdT1jU86oqmsIFyYMFXeg3FKblfO3C2nBh_Y8ZrdMYp99nEjxIaVZoLJxgRndX2WRFMhuqzqp6cFNaewby-eC9Fv_qxMvdOXkXI5LM2-ag_v_r3yohFPUQaRk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-124.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Mon, 15 Jan 2024 09:14:43 GMT
pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET

partner
sync.search.spotxchange.com/ Frame 2037
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBN-nh9tydwfXdlTKq4hf8s&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 2037 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 2037 0
125 B 152ms
21ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieCJggIwAQ&v=APEucNWnmpgH8_YEafUNJPhSTgQNDlHMLobAD26epOa9fSWNLv8HnRk97GIvLw6ggAQHoJqUEQTeJSxAxmzlnF461XY5ZsHIC5_u45aE4ud3FxKyawMb7_-bPMn3hjsa9ZN0-tjB9h-C7kUKekSzIJ5VFWRUudd7Dg6BBF8fk5H2QCpO8p_FhpI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBAF 0
20 B 107ms
107ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1398298509179&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBAF 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1398298509179&version=m202309260101&ct=77&x=1&cor=18071223186229234000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FBAF 20 KB
14 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRuKxMX5rzhKC8ge-mPE-M06b8TSWSVcsGPvt8GUWaPftJWq-9UbWjzTCOfKLH4wpbkSWw0UDhDV1UsZ9Z26kdiud0iJcC530FYpDBJ2Q5NEsyFcAh4mN9P_swQZzqinwmyke0Q3dT8QgyqyP1waYZnQrSXRW1t2CBMxYr98FaSAbxsTM&cry=1&dbm_d=AKAmf-AZgw58zcZz4rqG4rBKEGFKKZV76XK1LheweYQSdZL_vnXBf9RUW3RCEc1N6wYalntDwPURWLYt9JM1j2RoJrhbN6FdSkrX0uWZshS1uqEI7d6GpfIQmX42EjWJxAv1dopOJRh8RzMBUnt0Eg0PaIgWapJYp43jnD8wepl6UWA32ktbYFO5oDBNPEycIodoaOaVQnp8v_y7vt9LpvuvXC7j8BXApoBdfyBo0jy_N5CH8VIvukRk7h_bPlztGelXfSn0gs0vdYmdsP6v_FedXVj1ZcUKpaCNNlqOkwPIXnj81fMMp9a1LCsr_VYbOUHd6V1nSMclm0ZoBIEWgkzVVE6NzJr8UC0ODwv8mMbEbGdfkMvDkjdJyVB-FjKFA_m7QvPjnUsBZdeVERwKwCc_0f1upse8Hg89HsohZR7w9krjoFYgoircTFAxIW4jU3ocRIg_yn2YRzFx1YwkfHPZqkqKavdtvn-mHMmOTyQtlxV-lH4vGDZ17KEq-a_97iqV4SN0WD-UEbK3FtkPX6F7MraT4QROWsWDMXT3gaMBS7lBNZr6uIZTUe2NPJtWGZxgcu0FRMOGJbybm0E5irA1VrU8BVJ8wLRMBNgQ8ZIxLvJHr9NLvVmkwFlCiIH52wDcSAcd-Ya9k3ebBxgqggQtlM3RUr1f8XtuaaXn2bX8kuHWW7INM3_owr_6w_rg5fLhYq5PQeL_sQ-Bt1JnYfZR4mmjzRbWwY08UCWk1fXulgm0ef4MOhlqFzlINlxNkKyj8SRM84FxK-AuidJbx3kOQ-4znRMKTkkANd3oWdtSjKcB2d9W9gI0phxx-V6roZ2BLtDrUrYkXfFHy6Ry_5VkUfepqxkeH-08Afkn92Vs7hQU0ozafoQM89dr3A64cmysmEKE2WULmqRHb6Lzxvxw-VZkBIarol3tZ8UNMTxMvMifctyRcdw9rFPHnjXnvwo-efXKWieCyBWNTvFhx_H1Ho2oqBaTBTSZ6xHJOVt2rO7p96CM65nhCMIewCOxURfu3rgvT8YcoURCy3qvO_rPJOsOMw2Mc-dUcdotkUQBKDFj4DAPHWiYM1jO2pEwsaKkusaCluRK2FmPMg8J7bx-NlrGsuiRDkGwae6wX65cVd8WFYzmgFGt1nJJZn6jc2ucFzit6zDu7DXOQzdBO5mLaU3n_D-dbKL07rR-wfpV5YRTe_IJqdUd1cMjCRclzybrDDb0ogTWt5hXaBG53Zt278drdCR-_BGKSXiduO80tCmLcTNKiBbLHnWAzBGMTtAiGBHpLZL7d1qfu_n4_1tTJHXZbxRlHkBdbs2a0NkFVmw3RrWWT59enIr8LJJCvktfXkaLkVCzrHSHsNuZpw4BVaWr48CgVoE7KDBHLdDiImuBBO5m5_TkQMrblSap5B6yATvhFi6zAjT_F4CMJ63QhQ5UCOr3pbMlws6ayN7i-DcTt_U4QkCzjrCN8P6R2nHq2yOzxBEux2Nt2OFkfFJaGFFNiE9zA3zGCx1ovCrH5qQs3r6_7KmDQwvEj2TGKPr1c7TW6ABM1kcT3Chdy7xj67UwODhypTGLDxYZTS2DBB67W2jF1OI5kW2WezI8lJWtNyBCignVaSs5I0U9L07nLz8Dor92869f4SH6J4c4onUXUj1HqCYvnKyYlCRqrNezddSTCHWyR7fUbhf1L87za16_4-xjkxJ4LncRIGyxN382o36NtGKsOS8A1ZD0PFzirBrWhI4sBHZ0xfu2XGemg7SJk6C8-iaNxJNqV5lyPnhF9yFxhA4LM-wKSftgWYMnAoOMXLRGtcFqtJyCGPsPS-Phf8-o87uPFojTEylNf6aexkyqbnrla7g9rPEsu2qLhrc1xMDaGwbtgtCiSYWwUXPlo2ViSoOP_zG8VA5T97MHyBSClZyW17lgIddHz4mkK09cgjPIEWUgAk9fLFvKUQ9uzZY9yBO51RyL1StRossIbVimF6L0Sq7kkjOlSXxxzR0XeGKUARuX_aLWhY7mZ0cF5oXtoE511o2QxMsPXOHrymfKieuihf8qrXM6HgQYiaTKt63tsUP1YryPV6zInSS5hww3dCgBhCqn0SYOm7EOVIlLdz8US4f_fBHLGxWHzqc3CydfhMdEE7NXRCa7M8_YGLisgvxy1EEHrbrJcJF2YgIBmfYWIFMkdkHEyM6GKHExx-lv0H5JNRU_n0WciZGpursl814ZdZw3eamtglAjQiMLvMIM_6WdFAxxBpD6Aa2as42xgeLmJuVFprDuyboRpPIYlpE9B8pbQhh7KzcEskgdurqub2AVChQnXZx1OqRqgNFUXpz4Ke6MFmOxOUC_-7y-ywgP5czd0MhYmmZNXZLHb4XNU1qElmOBLI6vcX9Z2f5xKGQoHd7aWfnOto0qCaPKNqn9pjEnTz62d9UD2EIiIMJ_q7R9BKm1Q44Gf005MKro2vajHXreeLciEHN0d2TrnusPenYc6eMbgFTS1LZldxRNtGN63PwXahR2CDKrF6vmzLwJz_-z7GBg1t1PRwmyPHR5v3WcOVEQmThGQtPbDuq35Lfq1pSC1iuveh7fQL8G8G3xoSt6hexoYSHL1g92-2GW9VTE4qMQ0nGoTs6g5j2UiGboKHeiTjli9RZ0A8GFtPTtHHPTJtU6Z0J9Gd2rg86vPEuNHHDb1q4taFqPmfkID-CI3gNdSKgsP2ZpVnCAsZVCa2WntgvbdjNHgxBq69XRljMbUws7m71YpycOsJNPvHRMZIEeos_04xSaaqgLhAfcvjP-IbgfxLJpJFhKRnB3dN6r0QJi2xq9X8TRpXq4mdLmfYcMu6uT6r6i6V_6Z1nC8AP9h7HhE5q39TmA125gHv8p8bQRQolMC8YRxPl-OZxfzKK0PTVQy5eWPF4gKHJeDBFK82kBXdqey6BWs-7LBjAY25RW0MezrJ_HABywWQF4gvulsaNyXH5EqZhP1DTf3IjDEnxDBx-IsjmmABAIGD70dUvFJi1nX5qPmVlmr-Lvh2zLY5fiRRLO9Fum1YdP1AoWP2PIlqsLHO6Cz8TawLvP5l8zQqLSQErHsqz00N1kgkzrZPbpHYdhP1aNGEaviBg8cauAUUriIwggbeCczElHZvQLeRkdO5cT539hCiTtVhwvjRScxD30DD9celNLKOTRhghV9XtsXsHChKUm-_3Tu41WEXgL8R2YyDxSzinVCi-eJgbCc2BqfOktzispwV4rEbK4JRUghJ3XDVKrG3isrrm0AjS0mmgLReCkyX_0hWZnjJHAkKy5SBCISLsH9tOhmL7_v9W1yR5EY2QJvmGE-mFRyYDqA3Hl-DTw4T9eNRgy_eCtcDy63jRk5o9G-Fza7wF6hiRQgCD1ioD-Doq_BgMSib8Q-jyzIEr0l2C3FCYqWZWyMpAqdZPR4QuAgjmWsB1-jfOJr-SbiggC3Wdr9HRz43oGt_q5JRXzYjVn1bfXrvQrPmVJuhElnjjloNkNOLc8kdcHe53O-NRLfr4XTDmMHfuweqDGO2Yd8LF35iSJlQJLgrBcHywxI4Lg6aG-ftRE2gqD4SqCdVd1Mp2zn8bez-9mdr57P1PLsvTI9-Nm23yexXtqqDxOQz93Y7oc2RICVm8eQxx_I49GhGfob3V1YjWW4dnNOU5nqvSm5pMxadvUWOrx9e9lTm6Ggyf4-UVUCIwokLlg1Z7RkD-VwRdra3N2FgepQlcxkrxqEY0AklgGUIIgaYI-c0cjaPYMIp4rQvnxjSbXo1jUsFis2Cjc1llvi48CqsQIY7AEHOihX98NMVHTlvoqArZUa4VAfyKGbHyY8fe91Ya0fSWPaya8H6M-xjEm-AyB8HuiYRMC0qGfLvImwMlNSDSqdzLzZu6qZiw7RF5r_Rblyco2Wr5j1Bm2jhz_p9F2hwBGJJ81pX1hIKYHWacC9Ce5aUCj0YUdrDGOUU1hpA&cid=CAQSOwAvHhf_eaRA0j7GLtgskz8kqFrMJlaJDMF0aKwvrfbP1wEoyeH_rS52UI7Netq34U2GMuOJ-aS3hmi1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=18071223186229234000&adk=2515327513&idt=77&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f4bbc53b2273575a51e074e8784a6454ff234cf5f124f52b6903099bd91bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13939
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E1C9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62b8f799f2392c47c972c08a1edf728b4b2fc70c24e363ffb6820f820441a20b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E148 35 B
464 B 137ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO-dUQuFK6PUFVAE41id4ew&google_cver=1&google_push=AXcoOmRUCC7cAIJUy53Dt8tCwGl_OrpBOurFN19y0EkMOnNVDUFamlr_jpNfW3Lr5WXwJ7cDvuqeioEpbvVpQbnVrF79ZMjoxAVj1w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E148
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECzC8TyxA20uE4D1hczuCao&google_cver=1&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUqJodeeKN_0FAleDw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F3B3D11A291146E4A6EFEF40AB9759B7&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUq...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F3B3D11A291146E4A6EFEF40AB9759B7&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUqJodeeKN_0FAleDw

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Jan 2024 09:14:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F3B3D11A291146E4A6EFEF40AB9759B7&google_push=AXcoOmTGGI6JU04MaH71owtRPW-uZka3AapsoTmdDHuGDLokTOZQradzAtkr8H916S5xyye_2sGlOF5m6ZPtKUqJodeeKN_0FAleDw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Jan 2024 09:14:43 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E148 70 B
149 B 166ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIB-Sx2b89XZfHywIylitqg&google_cver=1&google_push=AXcoOmQpPvS6YVhzLPjEe-pNyy6t4mHXZdurXuIJcy6ZrlbXdywZrUEMJePbhzrG93vgxDjPBMF9FJ1UaWHfYPBhjT5Lrqap8ustfRg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame E148 43 B
146 B 177ms
20ms Image
image/gif 18.184.81.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBAtIbqJOH_oVqqNFz1eE98&google_cver=1&google_push=AXcoOmRDF-yOO5s960HLXhkGjBLBNEpn7kG7Y9duypuwG7ztSeVd78cnajCSycyYpCD_tk2qdD7kWdtR3BUyJU2k3CHbQ5AAFCWiSsU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=280&adk=3889316871&adf=264656653&pi=t.aa~a.3577929496~rp.4&w=678&fwrn=1&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=678x280&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250&prev_slotnames=8054381891&nras=3&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1951&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.81.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-81-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E148 43 B
363 B 129ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTJlMhTcQQ_J09Jq8bkZjKb9AuuMv3G6-TIONJZNfsgtqW1V5bZwv2xgL97qR3srW-9ATLRwTmW6NY-ciS8NBSH56gKWNmUEj8&google_gid=CAESEFU2OHn7GapcDzCb8RoQ_x4&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:42 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 323938
expires: Mon, 15 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E148
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjG...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nAB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0J...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjGgXk4pa40tL9xCqPSPcxKimE

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmSSE1CGDlD05rqNE5uVu8I7enZFwR1cJ1CWx76Ni5vTPDSPXTWvl68oBFdB3bVzD-l0nABV0JjGgXk4pa40tL9xCqPSPcxKimE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E148
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-v...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-vyl79oZflkamAQdT6_Ls

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-vyl79oZflkamAQdT6_Ls

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeHQvy3GeOXOA09Y79SE07rxQt15OHUrHvrhXIWwdlM6m8zV7Z5Uss4JnwbUeQ2LSXC8iHdYDewt-vyl79oZflkamAQdT6_Ls
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E148 0
12 B 99ms
99ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JE4PIVcTmHNWY6ISL_uIV5IkPTJuD6R815sOQe4D0s7j9u-i0ZWWd1NtvJfLeFCspd2s24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1C9 15 KB
16 KB 69ms
69ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:10:29 GMT
x-content-type-options: nosniff
age: 259454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 09:10:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1C9 15 KB
15 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:08:38 GMT
x-content-type-options: nosniff
age: 551165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:08:38 GMT

GET
DATA 200
OK truncated
/ Frame FCCC 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687
adservice.google.com/ddm/fls/z/ Frame 9765 42 B
401 B 120ms
63ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNu0j46H34MDFZlMHgIdC_kAEA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=733369069409.3687?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK resource Show response
mssdk-va.byteoversea.com/web/ Frame FCCC 223 B
2 KB 210ms
126ms XHR
application/json 23.36.163.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/resource?eq=KuR41pMCBG9uKzmXHWTFFtFuxUcRN88AhBuPKE1k7xPsJs1IFEUpQ9VTcsotrafwnDkGZd4IMaCRaMouND==
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-226.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 7e215946bc900a609be673b93af021cdddac93c351284ab9f27172716da3514c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

X-Akamai-Request-ID: dafaa369.34380a0e
Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401150914426EC7D8F37F12C5070209-2C422032628CC73C-00
X-Cache: TCP_MISS from a23-36-161-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
X-Parent-Response-Time: 106,23.36.161.198
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=22, inner; dur=19
Content-Length: 228
X-Ms-Token: dorJQj25fM8A9Z0ibiBRN_H3JhGfW91MXM3fadvxtM6OcC7dK3vKrdtF_d4kQsHO_c2pVMR7vkQtwpss9sMIIbgFAYCcKha2OYQhFOfzcag=
Pragma: no-cache
Server: TLB
X-Tt-Logid: 202401150914426EC7D8F37F12C5070209
X-Cache-Remote: TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 22,23.48.200.200
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a60ba7b6e0143aec243834e4c9613d4a3c4d1dfb53aa7faa0cd02bd03f0d66c1c923c26fa851dd7d5ed779027e941209753c957d95c99b1b74b5af267207d079a98e34ff05d49f7f3ae084925cc53f154766b907bdc5ad4ec1e5fc32ae7f7d60aa
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E1C9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYg3Qg_ekZY3wCLuhiM0P-bqTkALVs-LdcbP6yYiSC2QQASCKrchVYJEEoAHHvunFA8gBCakCnF5Mi3Zfsj6oAwHIA8sEqgTaAU_Qp8lrO2EzKcLwzOh6BxMcF8ZCnMGCwlmohc_Z8oi-MYb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211585912952816274259%22,%22debug_reporting%22:true,%22destination%22:%22https://brunen.nl%22,%22event_report_window%22:%22...

0
0

109ms
57ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211585912952816274259%22,%22debug_reporting%22:true,%22destination%22:%22https://brunen.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951738183%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22667501286245966353%22}&andc=true

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11585912952816274259","debug_reporting":true,"destination":"https://brunen.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951738183"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"667501286245966353"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Jan 2024 09:14:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11585912952816274259","debug_reporting":true,"destination":"https://brunen.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951738183"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"667501286245966353"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FD4E 41 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwuI-qRvkEFOWwgJ5iPe58HkyTnJSfs7BoRQRVVIvHvuNKgmxUvfob6YoxWzm7hsgAFo0uCdW6RL4v4nMRB6JHnw1RBOIafOAUtOK3nzCAY6T_skRNrY8CyFckr8bGrgISESSL3IPixjqocOweZuanau4_59W6vlVwlBYf85iP7av2vLk&cry=1&dbm_d=AKAmf-CgTyNMgK3JBfGVY9usmnLGX8Qq9qpdpfqQRrAPO-oncEizI9YbEJP0oR_3-ealyONn4hFyf_MxDQNVmef87RmEUz798NRC6ftwVtzCx0SwefRh-UXk5t2zEyjrPCJAbFRuqwsdlJdsMgcCPAexUlACIDAwLMGJpJMmi53PJM_38yalXDfLA2XTGw49ynq0fYfDLErBQTRlWfBAXnwJ9fbhhxffzyeckk6QHUanIdq4m5-MZNdXXj7hH1NPCAzjxRPNkhPa9j9_qs4QdnL5_hCDt6QGQg0ynUacWlKRdSNdawpoMbjXZDtV0y4EWfYia4rDxnbBDxiqnfYUczf600LsEC2EdvoQr2ILiWmAvKOt4X3HQwfK7GRgP8gD43X55i_Dz6b8shTRibjiVbF5snZeoRKCbXvtX0gtKCQwbPxaTnbLKgcPKe6ZsIXf2TKkMaXZwvNl1raIplAnTXnmCt7f5vU7fHCsf2ai7Gz50yAY7Bz_xxosQFPUsy-YBDjqVuN4GeyhMR6ejj846yfUfpddrjYzrXX1QMIZ2D8Vq4OdRUMTRvjpRVyCGfCdlE5Q-762-Fho357cBXwGMFnz7iRdB29CAe2YEVMKYgqf_CrmkR8MHz71hVYYUH4yPkrF8nChHIXrUg3DCWuB1o37d0TpK_bklwQkLaq5KSJVZrLSpl8j4ntIuOC5QuMaLplVQbnJrAk85h2zHTreTapCUIGZrzYR7kXXNE-riN2_fVPDUC-otc6PIDO595tni_xg0DZu8SGQ8sKZypH6WD1Fw_FOyBf1J-DdMvQA6_wkSf1qmCpk7yn2Tw10-fo8G1YANmC2bidG9SpwgWDz2J2AFWQ1vjg9s6Vr47bPZxWZPdRyWzbM45d6ipp9dDZONHjd4uzpZc3nD0suVTs8GXQ83d7bg9HaFtNn2ZDxfvq4i13ssGbebl0HUV9V8F2gslxRSyTk7i0xPKUuW9NdsG9Ie78xv7ftMNFWOn_itVmyBwl3azj_4vwKMVQ-hDIgyJJwSFl0uT51AsO5fX8MGcdL3OhpkRkitwDhD-88SAHn_xxgoIfdbUx_4D04EYsEpMaNMYxEy-1U9qOFlqXZM2tfySOzzoGN2b6JZCatwJ_eYCOaaKLIyQd-YPKnZPSnM966_8R_ButE5jk7d8KHqbxsRz8DTX_E5_Y_Nsz3VBLT5WmwaVyVNq-pKY7eG9t1TDQfz3BWcWZGAGY03t_eoWF7WSo4U_8bNOzes1OIWmoFY2ymsoBfGk5Vs9ZvF3WJZGTAUeZOyQd7ElilZrvsgY_zp6ZQAovjyzyNvKooTrSpZ6m_T7cBlNLq7g9ShxpMDDD8PJ-Pj0B95z209Nx6dCmsnD5ubYiuSIqSwUymsUngZx8YrIdUbdEkmsXp4QYsQUFfUBEXdtkjxYnSrQmCEUYS_Omiw0d1GZhiT8HkIy0_NO_urzLQkVXlbwGRDwdokWwRLHQpAFrmzdJwaqeqoqcwZXj6AiM4sHIFoc4qfXCGrPcLKxEdjTOM8_TUObozbHKf6jLWr0eOUYaVUt4-pe45Jl0U6Hg1zFG_vMykUPzfECEmszNCfn10qWdskYx01HlznDfIx4vQEq8iY1nu466_k-2OzFMAOG9ZMTlj3X8V9O4dP2jPm5_5N__XOn-WFAZKO040NXMaOj5FkrbgJGyHwqv5s1ImBLmlvbQbe0XnXo0R9P53q4OG3FGJwWDjbe68PaLtwkbkgnPP6X28uerhbJOCEEwN-EbnW_n1ki751ywINoZl3utXNinoIdgErvTJGvA_vfPVJShG7UdgBYOkLrIm3pAr_vfkXKByaowg9n6KS2IRVSgYD8fzenFUf6jltQPotMeXdb0OAmpEXD-gcnERzbPCcKFZ7hsAyLOwCAI7SNnD_fG0P8oVAUME6QHKRl8pupzi6ZY6pagY7zZGHaqSLQ_EBqSLZ00dmdsmT6yj8Iwf7tRbzljCD2lFm2nccmKlIBvCM-0IeQcJ8O-9jeIOQVnLb8R3xDVLaw6mPGK-iDOeFljHLfG3MAmJ7BvCwqCJxw9VYfhrHw6ncIOdzZq3nd4doKV0J3dc5pnL_D_0xx1D_-eJQa3xEZNc3Mf54qg-v4fa15kxJ6l00mDiPiG5W9Jcsmt_XigWq1klI0docLXTVAssJwR2UzrXI1VxJq71Pi-Ey6FRD5nqhUuJvyJkTqu4Q4XTRCXor85Z1msKcSNeMAJ_nenDo-IpuHkHzRNkZy_W_Lh9riu0k9ivdX8shLINFDtH8dLNCC06m9a4jR2lWgeX_xrM9tr_cb3UD_YVG2jW8-N_eeJr4hfMAMs8Jd21e9mQbIHRmCCai3_p5stRQTipryQz_2iYRAG7QL5UmAPNANEA2Qg7dz7i6VEe_tNT7w2hZsAmQomzOI8rdZqWeL3YfZ8-K-gAKlIG-tvWUEbY4Iy9CV6eAIuO1Hs3QtsW52y45yaIEaQZ4qkRaBjx4Iao2I8PeXxajGsbwfNaXvfADZDUxzG_tXtavJmsj1XfLfext0JWw1PvVsMdsyGydlwcB36zlWqOmbcGv_mnAwtZreK2qSy2Ip0ZKbbI2U3QtiIRTtO-pDC33K8cTd9QQAqSuQud3dXuX_YVFhOBFzeF6tqDxASEJ7IKkYPVBcwoHAoSYTocfp7phJnS6OktxbJCeFWYfei-bfq1yTv8498pMmSeIJByCybcopM20Arvo3Jz_ZgRf9YB4jg4ef5ZOctDVYEml8-rmSvgv6b7fpl4wSr43wCx5CpJpvIdSuYP-WNQzTUGcrse7jcXEHXc-VV0VdhOwGQdNletdX2KO4HCdlksXeCbK5CiUMwdCECv85lVtuZq0rhTfAFwgc-39PUMyWvXjZKQlQJ08adKF3TjpBk7UhFJP0Qu4cpkgQahPGwA4e9JFlQ-k-vFOyYfsjzUwvvics021bUNsp_SJGWWaUe56IHcxRQ9lmJQKPqAOQQb1KAb45UCMNo950B8U9hC5dpx7si_js3ZkR4VLHOU9FVuhLBcFGe3Yda654X0xktqFrD4opqZe22OspK8uA50Yi1a-d2U8-wNS-CbTSg75Xq9XlVrbyKrRXGVDxvhg-DQ8TeQttAIwlFQuGZdkctrsik9t8WWCFxWATGQXwdnfxwU-bYj_J0N5NeL-7b73iXhOKWeNsypqYzwBTB54eJXn-OFehlCxysHo-WPWlR03ls_jGb7ghj-p1chAwk0D1m493-CAXXO5L2KWxb9ENcDbXf1WMgHWEZ3Kg15fz_i4aBoQJvdCMjIfz1ayfLubf01lywLXLNUl2zZ4Pn2hLm95iY_BxJya95zPCc9qXTR_tJUrK7fPb7FlFqG1COI5HtKpRml2CMMZp95QrlIsmOCbME5ZWcB8k6SkZAzH2MjTr3_8EuF1mKplPNpU-QCY7kl-XkBATbG-Jj3hcxaLZfgpYrVyMFKO5NOsm4rz5m4qhqwsDs977P74Qpv0BgmwHRllwMpHgDAfXkzWKr5gdEPRsLZEqg27l6NvKMpGGRfBZpW67ag7cb3MC_j6lMVk2YmiCSKbsynH6PqOq0ZHDMRJ1TGnKFNfQrzP_BBiaWjBq8W7hTJBw8N8Gk5hL8es87Q7_mm_YGnHgS3uM8ZsI54jVKZa54_elpV_XNNo_p0mLZZhPgzPShcH397myksqD6XSrCtHgv8sVNzqHd1bcbGry90O-PT8OfqPGJBVV-YKjsnQx9RZi1Uk8MIbYotXZ5QW2ymLqHjYjRZpzWeAkuFBod0dt4BwyyPX2CNpLWrmy_nSwdQ2qktp_uHOdSszTIPRT1QA-ryrMK6AGmOpnp_NavuGQIuLBLrU9XcE2I7BhyTHgHLtuasKPEBDJbkmOrCq3iFN6GS6H9nXDQA7yjXZxiGVfN2s-PpHExROrEi&cid=CAQSOwAvHhf_KNS6dUlzxREFbZLfZtoeNWZgzBXCwRO1zZg1hfwKflx3yOzCqQ3feIDSmeN__MuZvRzOG3sZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=1639896220741351200&adk=2988274606&idt=106&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzY3NjA2NgogIHNlcnZlcl9pcDogMTI2MDU4NTk1CiAgcHJvY2Vzc19pZDogNDIyODY1NzA3Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame FD4E 0
22 B 58ms
57ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzY3NjA2NgogIHNlcnZlcl9pcDogMTI2MDU4NTk1CiAgcHJvY2Vzc19pZDogNDIyODY1NzA3Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTA5MzM4OTY0OTI4MDY0MjY5MjUKZGVidWdfa2V5OiA2MzM5NjAxODgxODgxMjI5NTcyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQyNzg0NTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxODUwNzM0Njc4OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTIyNDk2OQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x3892ecb214b8b0690000000000000000","13":"0xd488973b39a1aaa0000000000000000","14":"0x6b89db89ead353450000000000000000","15":"0x1a4beba7dd16ce740000000000000000"},"debug_key":"6339601881881229572","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"10933896492806426925"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/ Frame FD4E 2 KB
1 KB 76ms
28ms Script
text/javascript 23.197.10.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0hgrDd0r7fGPzC-4KLH2tIS&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=316986.49327212805

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.10.234 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-10-234.deploy.static.akamaitechnologies.com

Software

prod-xre-app3.frk11 /

Resource Hash

8780dd70e86e81cae7b6e3de2b8d3cc4616d5e36643ca63597fcbc654c4bbab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app3.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 897
Expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame FE6B 50 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:28:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FBAF 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRuKxMX5rzhKC8ge-mPE-M06b8TSWSVcsGPvt8GUWaPftJWq-9UbWjzTCOfKLH4wpbkSWw0UDhDV1UsZ9Z26kdiud0iJcC530FYpDBJ2Q5NEsyFcAh4mN9P_swQZzqinwmyke0Q3dT8QgyqyP1waYZnQrSXRW1t2CBMxYr98FaSAbxsTM&cry=1&dbm_d=AKAmf-AZgw58zcZz4rqG4rBKEGFKKZV76XK1LheweYQSdZL_vnXBf9RUW3RCEc1N6wYalntDwPURWLYt9JM1j2RoJrhbN6FdSkrX0uWZshS1uqEI7d6GpfIQmX42EjWJxAv1dopOJRh8RzMBUnt0Eg0PaIgWapJYp43jnD8wepl6UWA32ktbYFO5oDBNPEycIodoaOaVQnp8v_y7vt9LpvuvXC7j8BXApoBdfyBo0jy_N5CH8VIvukRk7h_bPlztGelXfSn0gs0vdYmdsP6v_FedXVj1ZcUKpaCNNlqOkwPIXnj81fMMp9a1LCsr_VYbOUHd6V1nSMclm0ZoBIEWgkzVVE6NzJr8UC0ODwv8mMbEbGdfkMvDkjdJyVB-FjKFA_m7QvPjnUsBZdeVERwKwCc_0f1upse8Hg89HsohZR7w9krjoFYgoircTFAxIW4jU3ocRIg_yn2YRzFx1YwkfHPZqkqKavdtvn-mHMmOTyQtlxV-lH4vGDZ17KEq-a_97iqV4SN0WD-UEbK3FtkPX6F7MraT4QROWsWDMXT3gaMBS7lBNZr6uIZTUe2NPJtWGZxgcu0FRMOGJbybm0E5irA1VrU8BVJ8wLRMBNgQ8ZIxLvJHr9NLvVmkwFlCiIH52wDcSAcd-Ya9k3ebBxgqggQtlM3RUr1f8XtuaaXn2bX8kuHWW7INM3_owr_6w_rg5fLhYq5PQeL_sQ-Bt1JnYfZR4mmjzRbWwY08UCWk1fXulgm0ef4MOhlqFzlINlxNkKyj8SRM84FxK-AuidJbx3kOQ-4znRMKTkkANd3oWdtSjKcB2d9W9gI0phxx-V6roZ2BLtDrUrYkXfFHy6Ry_5VkUfepqxkeH-08Afkn92Vs7hQU0ozafoQM89dr3A64cmysmEKE2WULmqRHb6Lzxvxw-VZkBIarol3tZ8UNMTxMvMifctyRcdw9rFPHnjXnvwo-efXKWieCyBWNTvFhx_H1Ho2oqBaTBTSZ6xHJOVt2rO7p96CM65nhCMIewCOxURfu3rgvT8YcoURCy3qvO_rPJOsOMw2Mc-dUcdotkUQBKDFj4DAPHWiYM1jO2pEwsaKkusaCluRK2FmPMg8J7bx-NlrGsuiRDkGwae6wX65cVd8WFYzmgFGt1nJJZn6jc2ucFzit6zDu7DXOQzdBO5mLaU3n_D-dbKL07rR-wfpV5YRTe_IJqdUd1cMjCRclzybrDDb0ogTWt5hXaBG53Zt278drdCR-_BGKSXiduO80tCmLcTNKiBbLHnWAzBGMTtAiGBHpLZL7d1qfu_n4_1tTJHXZbxRlHkBdbs2a0NkFVmw3RrWWT59enIr8LJJCvktfXkaLkVCzrHSHsNuZpw4BVaWr48CgVoE7KDBHLdDiImuBBO5m5_TkQMrblSap5B6yATvhFi6zAjT_F4CMJ63QhQ5UCOr3pbMlws6ayN7i-DcTt_U4QkCzjrCN8P6R2nHq2yOzxBEux2Nt2OFkfFJaGFFNiE9zA3zGCx1ovCrH5qQs3r6_7KmDQwvEj2TGKPr1c7TW6ABM1kcT3Chdy7xj67UwODhypTGLDxYZTS2DBB67W2jF1OI5kW2WezI8lJWtNyBCignVaSs5I0U9L07nLz8Dor92869f4SH6J4c4onUXUj1HqCYvnKyYlCRqrNezddSTCHWyR7fUbhf1L87za16_4-xjkxJ4LncRIGyxN382o36NtGKsOS8A1ZD0PFzirBrWhI4sBHZ0xfu2XGemg7SJk6C8-iaNxJNqV5lyPnhF9yFxhA4LM-wKSftgWYMnAoOMXLRGtcFqtJyCGPsPS-Phf8-o87uPFojTEylNf6aexkyqbnrla7g9rPEsu2qLhrc1xMDaGwbtgtCiSYWwUXPlo2ViSoOP_zG8VA5T97MHyBSClZyW17lgIddHz4mkK09cgjPIEWUgAk9fLFvKUQ9uzZY9yBO51RyL1StRossIbVimF6L0Sq7kkjOlSXxxzR0XeGKUARuX_aLWhY7mZ0cF5oXtoE511o2QxMsPXOHrymfKieuihf8qrXM6HgQYiaTKt63tsUP1YryPV6zInSS5hww3dCgBhCqn0SYOm7EOVIlLdz8US4f_fBHLGxWHzqc3CydfhMdEE7NXRCa7M8_YGLisgvxy1EEHrbrJcJF2YgIBmfYWIFMkdkHEyM6GKHExx-lv0H5JNRU_n0WciZGpursl814ZdZw3eamtglAjQiMLvMIM_6WdFAxxBpD6Aa2as42xgeLmJuVFprDuyboRpPIYlpE9B8pbQhh7KzcEskgdurqub2AVChQnXZx1OqRqgNFUXpz4Ke6MFmOxOUC_-7y-ywgP5czd0MhYmmZNXZLHb4XNU1qElmOBLI6vcX9Z2f5xKGQoHd7aWfnOto0qCaPKNqn9pjEnTz62d9UD2EIiIMJ_q7R9BKm1Q44Gf005MKro2vajHXreeLciEHN0d2TrnusPenYc6eMbgFTS1LZldxRNtGN63PwXahR2CDKrF6vmzLwJz_-z7GBg1t1PRwmyPHR5v3WcOVEQmThGQtPbDuq35Lfq1pSC1iuveh7fQL8G8G3xoSt6hexoYSHL1g92-2GW9VTE4qMQ0nGoTs6g5j2UiGboKHeiTjli9RZ0A8GFtPTtHHPTJtU6Z0J9Gd2rg86vPEuNHHDb1q4taFqPmfkID-CI3gNdSKgsP2ZpVnCAsZVCa2WntgvbdjNHgxBq69XRljMbUws7m71YpycOsJNPvHRMZIEeos_04xSaaqgLhAfcvjP-IbgfxLJpJFhKRnB3dN6r0QJi2xq9X8TRpXq4mdLmfYcMu6uT6r6i6V_6Z1nC8AP9h7HhE5q39TmA125gHv8p8bQRQolMC8YRxPl-OZxfzKK0PTVQy5eWPF4gKHJeDBFK82kBXdqey6BWs-7LBjAY25RW0MezrJ_HABywWQF4gvulsaNyXH5EqZhP1DTf3IjDEnxDBx-IsjmmABAIGD70dUvFJi1nX5qPmVlmr-Lvh2zLY5fiRRLO9Fum1YdP1AoWP2PIlqsLHO6Cz8TawLvP5l8zQqLSQErHsqz00N1kgkzrZPbpHYdhP1aNGEaviBg8cauAUUriIwggbeCczElHZvQLeRkdO5cT539hCiTtVhwvjRScxD30DD9celNLKOTRhghV9XtsXsHChKUm-_3Tu41WEXgL8R2YyDxSzinVCi-eJgbCc2BqfOktzispwV4rEbK4JRUghJ3XDVKrG3isrrm0AjS0mmgLReCkyX_0hWZnjJHAkKy5SBCISLsH9tOhmL7_v9W1yR5EY2QJvmGE-mFRyYDqA3Hl-DTw4T9eNRgy_eCtcDy63jRk5o9G-Fza7wF6hiRQgCD1ioD-Doq_BgMSib8Q-jyzIEr0l2C3FCYqWZWyMpAqdZPR4QuAgjmWsB1-jfOJr-SbiggC3Wdr9HRz43oGt_q5JRXzYjVn1bfXrvQrPmVJuhElnjjloNkNOLc8kdcHe53O-NRLfr4XTDmMHfuweqDGO2Yd8LF35iSJlQJLgrBcHywxI4Lg6aG-ftRE2gqD4SqCdVd1Mp2zn8bez-9mdr57P1PLsvTI9-Nm23yexXtqqDxOQz93Y7oc2RICVm8eQxx_I49GhGfob3V1YjWW4dnNOU5nqvSm5pMxadvUWOrx9e9lTm6Ggyf4-UVUCIwokLlg1Z7RkD-VwRdra3N2FgepQlcxkrxqEY0AklgGUIIgaYI-c0cjaPYMIp4rQvnxjSbXo1jUsFis2Cjc1llvi48CqsQIY7AEHOihX98NMVHTlvoqArZUa4VAfyKGbHyY8fe91Ya0fSWPaya8H6M-xjEm-AyB8HuiYRMC0qGfLvImwMlNSDSqdzLzZu6qZiw7RF5r_Rblyco2Wr5j1Bm2jhz_p9F2hwBGJJ81pX1hIKYHWacC9Ce5aUCj0YUdrDGOUU1hpA&cid=CAQSOwAvHhf_eaRA0j7GLtgskz8kqFrMJlaJDMF0aKwvrfbP1wEoyeH_rS52UI7Netq34U2GMuOJ-aS3hmi1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=18071223186229234000&adk=2515327513&idt=77&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzcwNjMzMAogIHNlcnZlcl9pcDogMTM5Nzg5MDkyCiAgcHJvY2Vzc19pZDogMjc4NTgzMjQ2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame FBAF 0
22 B 59ms
57ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzcwNjMzMAogIHNlcnZlcl9pcDogMTM5Nzg5MDkyCiAgcHJvY2Vzc19pZDogMjc4NTgzMjQ2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTEyMjE0ODMyMTIwMjUyNjQ4NDQKZGVidWdfa2V5OiAxMTI5NjM1NDg3MzQ3MDI0NzA5NQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTUiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg0Mjc4NDU5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3Mzk5NDg5NjYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTg1MDczNDY3ODgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NDEyMjQ5NjkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x3892ecb214b8b0690000000000000000","13":"0xd488973b39a1aaa0000000000000000","14":"0x6b89db89ead353450000000000000000","15":"0x1a4beba7dd16ce740000000000000000"},"debug_key":"11296354873470247095","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"11221483212025264844"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/ Frame FBAF 2 KB
1 KB 71ms
27ms Script
text/javascript 23.197.10.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0jJH9BAKvqCUFwUBlbgDvBp&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=235176.0571027104

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.10.234 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-10-234.deploy.static.akamaitechnologies.com

Software

prod-xre-app11.frk11 /

Resource Hash

76f0625f80d5b3ae0a4a46be6ecb29f9ee9e1739f21e8ca0b43c6bbca1c28eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app11.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 897
Expires: Mon, 15 Jan 2024 09:14:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BF2 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9053730706920&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BF2 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9053730706920&version=m202309260101&ct=77&x=1&cor=13003113613522577000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8BF2 20 KB
13 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9SAxp27kTmo8MPgyETufvxMToJOxxyFCq-8Ue35Vcs0yGIypo3R7GvUCpARyy0jXI9954538C2la76iIofJzfw4Aq45a-SErbu0nown-JKTU5wojdOSwJMg5EB9zfMa_8EkBg1mHvhqIZvobkyi6FoeZIjgailZt0MHBh_fb9yRsH4Xg&cry=1&dbm_d=AKAmf-DsXdqk3AZC9JUE2YvhaLUEpM2YmyOW4Lx6mY5I-iWeLgUOuVP10AAZVv3FLd0YOD81DpTMABOpRhqanoIw4G-YcS-zxQvf_DGCWDZeDUw_z7Z0OcvpbSL2QZoMTZRrV06tbZpL85IjRy3-X6MITF2DVwSj588S4leMYBQPHB9se7SMf6DX6qV9XoaGZjvHqlCTHkYZTvmBPyh6_RglatIt-DyeA5e9LkdBw-7REl08uTxFCuHA0UAagprrlnWOUdzmWD8Thp26gz4vuMl-iOIcMkWTg0D8zryEs5bofcBLS_Mmt37RVZ-7d5Iwby8aLLMI106GuX5JHU6NXv5MHIiAJhrTqobu30VGZlBtA_ImztixrDH7XpQqBkqqZTqsXZ32Dhdhh3sR1f-qyWWJxlI3mPApGwd3cJwviu1P9NajgGfiNlUyfK_6jZeY0Kexz3KzGKRUfEs9fSpRPjNGEe8wAY5OjWo5CmYpJzk6G0MlPpIltpQ0utymwiNw1GH6tIBDw0ZJ-ho3vFok2FWB093KCVFLbSSiqCLqSV5Ld1b69WQOjyug17ZOiUGTEBEsxcf4_f8NHlZOI-nL29oBtbjHNd6zmkEMnnnXmKzgD2CyOvwxxaK4AJHUhxi_RqNnozRdOBXM-vJPOsHmjQAOaTZ4TCQ7STKjpdq_6jhw4_Yde__7UDHaGKTPnjghzwXIk1RTiSTUoAzpebDVoxs4WhVHxELTmTxyHDH4EEkDh_bYheJKPiNPCg49Cs2bgnlSoKwrDOe7AxWByUzO8TjkgyehjLDD_d3Nvk0NT0MLN3q9Iybu3qyf9AxFU-M988-p2iMp3t9C3VenqVhQ6dUID3NLf5SSa38OlILakxR5eANWRAYzLG1DPOEopKF0X76Wy9kojfUPiCl3S9FJi1tednXYlf3B-oklvisPrRDtFqOM8Z83KckrCu9YAvUUAK6wezVx1Ubluj_wlBYw_dYgNG-HTtCiZQxiqBVy7xkJTTY8Sf2ECAmKkH24NEsVAhXrOIovJhVUO16GyD0ISfMf3TPdVlNnjcRKY2V5OPq6E_KJWNvHOfgGya_fBRnSiixfLDeMXw9MRiyzWGBrJzAnr3MREGykSaG9bscCMrBpP_bFivdefo89QGCg2zVqjVrFfl1bCC_EWwUzJuEW6AgWPr0zGYkRX7P86bnoXFhfLSIAAYUuTGYryNAyMRt6IKKBj3z6A6IKc8tOAwJfupi6sLSPdnYRQBe1CB1G-8VDPD_5wt-LfNsJclr01p1uqw7YOJTYKLVG9NUszz_cH1wWnSgM1DFSBIwRrwGraSGvJG9E7sd2q16C2Ot9EJP5gfPttqPszl7BQU75tkBAdVR98qWVTGE_aiSaIGGcM8T8wP5uf6ShqoX5ofu4jJYYx7vOj-4sSLXucr2-1x1Wlv_bm-jYL3m4PthoRjkv_dvIse47daOgiIZrQgWiyzF5rrn9cUiuikMR8JtBUbWRdguvGQqqaWBFg0H18nwiRTSZ6BAzUdKF-0caBV0yeuRTC8vE7D5tXhtncgaVmU0lHF3jMylVK8W8JKVP59wSQN05NwXkcjP9Q3XrUB95dOTO6-Ha6JXSHpot5RzuglcbilyhBD8BGPWa0knIPU0eS_25gpSGGAsJwHUZQ9FmzU71X5TIfzn9SgEuQ0V8w5ewvmx4XwtHMwjrr_RAOXDPuhraJOoExvm0kdzrtcBt-LUhQUZXc83RW8ISSK5s5Yd_6lXJT4B25INgOE8FzZFAx847WfCGm9Y4cNCU4gZ_cCXwk5Ucq8E0C702iZFmduDs1MDnt0p5Ei4i2HOLkZ1caHjS9MESXljUXRpSrznRXtyXS1ySwymFRwtyALn8ZE-_aKUioMSHY7dlbpHpbHT5KWfb2oNumBRSEg8mqV-R0itsuu6BZhdKRV13rNH61xB58-Je8ExD7d2avavmB1V6dY8aT6S2uThh3JdjrTPjeKpmvWDb13PtQB6CmSuhSt_ymAUNnQVQ_ymxfqD2QvqKFB7buHcI7kbvNUSsM1HfsWdkYJy779j7UzKzp_WZZF7rkAVcq59biGxdiCvbZW8CJq59RkHwBsuQ_vdfpaTxOeteYdIu220b1rEwBvOBg09jtHWggV-VZAI-GPB_x1ceHLz5UOHgFe9aD6NMtCcL63JXSL6sa_XhmqtFnmVzK6ITAtul3tP5WgoV3kyEsoBu3nK876iOnNMq0KzbjTTxDvInlz9cefy6IOGOseMOkiyfPQ12xT0iJO9sWT5k52PpSQqaJViNwdfAP7jSjVP4nJ22_BRYMO-njg9JkomploMeZpOJEkjJRJtj3Lz-H4tlGyhzhFrPG5dGDOWUJFS0cw2YPx6i-JzJitDbHclM6RrGoLXTuAljr9Q4A2IZ0MT60UQ4r4xIr7KNb_kMmLUCLxEbuHzm0p959A3CbBOhu7Y_1MCYSqzSff6XkId8yaDVXzjzMi-AIgOuHyL-Cj6dZkIpKJPS5MUDuYgLKuGxzeBCH0LT9CXV9ojUbnHzkWjZYp5Om3rhl9kmsxtPhNsSe2oELcoztZBlIVnlCEAZIorlGM697VEzEWc4xR88khCx7Q9t_EWOkRF00DQ4d8gmK74Ktf7yWRJd3aPdYDOz7SD2rtboE8A76H8lv4QLGQQH7CdgeLBj-S4UHvP2qzZmZyMwfzXkv-KgXJPaU_aQsEN2q54IQ0r3p6fu6EVLCggkNK5aK2O5h3_jfADLscbmk7Y3bt3Eojc9F3B-InluzhUjozZBjh6hSlePzTeDYmn0XlsHPJXFMsYvO8V_0VRGiRxXMzybeHk47IQKBSRS3XsFLwF-l9JCrjzEJ1ZK9Gqg7F7aElkuUmmoPh6EaAekQy3-7WUt6oWopwpfsvvEza-IktCk0O8wAWJ5M0OhOAYFpnaYxXtrKxCk4Vymi59bpSdT2evgwzOAY1sReSkX4cvnom4L89aw61jf12vXpDJxamHSGCtZ089Xkzn-pW0XeWbBMdRHWTtqDSXi1ZmFuUM6-TsoqyeJJnrtKkeeudiPNS7RSTds5o7c18EMv9XUqsMNPrOKpZ4JQkMZaPls5IfyMwRBbLflw0VtHr43Cs1FBnwAoQZAjMAB5k3jEoean9MB166E890N8eysfs5qQfv6XZar0LzYZ_UlLvbZTqI5-F-y_aKV6Ac_fN1if_5D8sDIS_H7peqiJ_pVE89fPriFtc6MTtIvbMNc-px352z_73_aV6RMRqOGrbcdG-jtlucCDt0TOs-tmjQXjGlkx-AAm1sjkFbq_2_bwixt4w7wiWQmY_n_ZWjJVKM7zR9U64j2zQYskKojB7KYARq9iQ5lshDpukq2yRTPOH7UAJNfbVZ8IHU3tVot1_OxpL4V8mu3lfkh853U5YxJV1U4d6_OlbH6O0tMlKUHZwElwdWi_UjUJmlZ4DuRDgXF3QqWm-V-9FY3KQaVtOQvV1tvueGmDdoYp2Ix39UlQdsQjvlNirArJ2qOfOmuecrJ_hj1AFcYC-KNcypwGmBY3sVHCP8xkJsPY1Uibk0jyFOcxlaU-GIE2BLtOFA0M_KoIGWxdM8uUr38ZxsKpAFjw2iV9EaM4eiIie6A_6dJ26Ao4Iy4U_nQDppgwP0m6eAsPe59BPGgkYGTtvKleWI56b1HtSGJp291_P_4PUSK6WNjFlHiYRxB6heLnv8_sL17qt4OvfBa6F9PJaNj9SYohrKMLTlZEloYCJI8dqkq1S5nJNxiTvCnOAC52mSxz-xi6B0u4iRGvlPl3TQ3i2sQYxIf2z9Ou6GCki0PKwPgoTDo0c1ZxPkRK4HF9dXP09G3F827Qn7vriaby4r-uHhnv90rz0eDERmJRe_fduDTOamzPeV7ddvhuJL-EhYxyR5VGEXpTV2P4ElQFr2sCnpaLa0k0qLWPvWPS__fmT_JNA&cid=CAQSOwAvHhf_XXhea4S6iDmqtHoNYJ7GgwC-I0rsAiWvEW_cjlxky2uJLMyTdNqEHJWGNdDCsSKkGHdJXox2GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=13003113613522577000&adk=1935140219&idt=216&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88e5866ecf18f2e1bd7cbd7238a4e0ff503db5667a1212d40115a615376d1dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ondemand.Dropdown.0890ced0fe3b29a4c947.js Show response
platform.twitter.com/_next/static/chunks/ Frame DA89 7 KB
3 KB 14ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Age: 2994791
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
Server: ECS (amb/6BB9)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 jot
syndication.twitter.com/i/ Frame DA89 43 B
127 B 132ms
132ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1705310083904%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fj-hero.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22jetpack%22%2C%22widget_site_screen_name%22%3A%22jherocom%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AJHEROCOM%22%7D&session_id=8095b1120d61630a7cce339cdb9ec1e3d4af95b7

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/JHEROCOM?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fj-hero.com%2F&partner=jetpack&sessionId=8095b1120d61630a7cce339cdb9ec1e3d4af95b7&showHeader=true&showReplies=false&siteScreenName=jherocom&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 15 Jan 2024 09:14:43 GMT
strict-transport-security: max-age=631138519
last-modified: Mon, 15 Jan 2024 09:14:43 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: fcd8aef69d724a52
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 3a478189b0f0db0501f9fbcdfaeff6c60c4ac7d71d62ea6123b45eabb2f10f07
content-length: 43

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 115ms
58ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Jan 2024 09:14:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8BF2 41 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9SAxp27kTmo8MPgyETufvxMToJOxxyFCq-8Ue35Vcs0yGIypo3R7GvUCpARyy0jXI9954538C2la76iIofJzfw4Aq45a-SErbu0nown-JKTU5wojdOSwJMg5EB9zfMa_8EkBg1mHvhqIZvobkyi6FoeZIjgailZt0MHBh_fb9yRsH4Xg&cry=1&dbm_d=AKAmf-DsXdqk3AZC9JUE2YvhaLUEpM2YmyOW4Lx6mY5I-iWeLgUOuVP10AAZVv3FLd0YOD81DpTMABOpRhqanoIw4G-YcS-zxQvf_DGCWDZeDUw_z7Z0OcvpbSL2QZoMTZRrV06tbZpL85IjRy3-X6MITF2DVwSj588S4leMYBQPHB9se7SMf6DX6qV9XoaGZjvHqlCTHkYZTvmBPyh6_RglatIt-DyeA5e9LkdBw-7REl08uTxFCuHA0UAagprrlnWOUdzmWD8Thp26gz4vuMl-iOIcMkWTg0D8zryEs5bofcBLS_Mmt37RVZ-7d5Iwby8aLLMI106GuX5JHU6NXv5MHIiAJhrTqobu30VGZlBtA_ImztixrDH7XpQqBkqqZTqsXZ32Dhdhh3sR1f-qyWWJxlI3mPApGwd3cJwviu1P9NajgGfiNlUyfK_6jZeY0Kexz3KzGKRUfEs9fSpRPjNGEe8wAY5OjWo5CmYpJzk6G0MlPpIltpQ0utymwiNw1GH6tIBDw0ZJ-ho3vFok2FWB093KCVFLbSSiqCLqSV5Ld1b69WQOjyug17ZOiUGTEBEsxcf4_f8NHlZOI-nL29oBtbjHNd6zmkEMnnnXmKzgD2CyOvwxxaK4AJHUhxi_RqNnozRdOBXM-vJPOsHmjQAOaTZ4TCQ7STKjpdq_6jhw4_Yde__7UDHaGKTPnjghzwXIk1RTiSTUoAzpebDVoxs4WhVHxELTmTxyHDH4EEkDh_bYheJKPiNPCg49Cs2bgnlSoKwrDOe7AxWByUzO8TjkgyehjLDD_d3Nvk0NT0MLN3q9Iybu3qyf9AxFU-M988-p2iMp3t9C3VenqVhQ6dUID3NLf5SSa38OlILakxR5eANWRAYzLG1DPOEopKF0X76Wy9kojfUPiCl3S9FJi1tednXYlf3B-oklvisPrRDtFqOM8Z83KckrCu9YAvUUAK6wezVx1Ubluj_wlBYw_dYgNG-HTtCiZQxiqBVy7xkJTTY8Sf2ECAmKkH24NEsVAhXrOIovJhVUO16GyD0ISfMf3TPdVlNnjcRKY2V5OPq6E_KJWNvHOfgGya_fBRnSiixfLDeMXw9MRiyzWGBrJzAnr3MREGykSaG9bscCMrBpP_bFivdefo89QGCg2zVqjVrFfl1bCC_EWwUzJuEW6AgWPr0zGYkRX7P86bnoXFhfLSIAAYUuTGYryNAyMRt6IKKBj3z6A6IKc8tOAwJfupi6sLSPdnYRQBe1CB1G-8VDPD_5wt-LfNsJclr01p1uqw7YOJTYKLVG9NUszz_cH1wWnSgM1DFSBIwRrwGraSGvJG9E7sd2q16C2Ot9EJP5gfPttqPszl7BQU75tkBAdVR98qWVTGE_aiSaIGGcM8T8wP5uf6ShqoX5ofu4jJYYx7vOj-4sSLXucr2-1x1Wlv_bm-jYL3m4PthoRjkv_dvIse47daOgiIZrQgWiyzF5rrn9cUiuikMR8JtBUbWRdguvGQqqaWBFg0H18nwiRTSZ6BAzUdKF-0caBV0yeuRTC8vE7D5tXhtncgaVmU0lHF3jMylVK8W8JKVP59wSQN05NwXkcjP9Q3XrUB95dOTO6-Ha6JXSHpot5RzuglcbilyhBD8BGPWa0knIPU0eS_25gpSGGAsJwHUZQ9FmzU71X5TIfzn9SgEuQ0V8w5ewvmx4XwtHMwjrr_RAOXDPuhraJOoExvm0kdzrtcBt-LUhQUZXc83RW8ISSK5s5Yd_6lXJT4B25INgOE8FzZFAx847WfCGm9Y4cNCU4gZ_cCXwk5Ucq8E0C702iZFmduDs1MDnt0p5Ei4i2HOLkZ1caHjS9MESXljUXRpSrznRXtyXS1ySwymFRwtyALn8ZE-_aKUioMSHY7dlbpHpbHT5KWfb2oNumBRSEg8mqV-R0itsuu6BZhdKRV13rNH61xB58-Je8ExD7d2avavmB1V6dY8aT6S2uThh3JdjrTPjeKpmvWDb13PtQB6CmSuhSt_ymAUNnQVQ_ymxfqD2QvqKFB7buHcI7kbvNUSsM1HfsWdkYJy779j7UzKzp_WZZF7rkAVcq59biGxdiCvbZW8CJq59RkHwBsuQ_vdfpaTxOeteYdIu220b1rEwBvOBg09jtHWggV-VZAI-GPB_x1ceHLz5UOHgFe9aD6NMtCcL63JXSL6sa_XhmqtFnmVzK6ITAtul3tP5WgoV3kyEsoBu3nK876iOnNMq0KzbjTTxDvInlz9cefy6IOGOseMOkiyfPQ12xT0iJO9sWT5k52PpSQqaJViNwdfAP7jSjVP4nJ22_BRYMO-njg9JkomploMeZpOJEkjJRJtj3Lz-H4tlGyhzhFrPG5dGDOWUJFS0cw2YPx6i-JzJitDbHclM6RrGoLXTuAljr9Q4A2IZ0MT60UQ4r4xIr7KNb_kMmLUCLxEbuHzm0p959A3CbBOhu7Y_1MCYSqzSff6XkId8yaDVXzjzMi-AIgOuHyL-Cj6dZkIpKJPS5MUDuYgLKuGxzeBCH0LT9CXV9ojUbnHzkWjZYp5Om3rhl9kmsxtPhNsSe2oELcoztZBlIVnlCEAZIorlGM697VEzEWc4xR88khCx7Q9t_EWOkRF00DQ4d8gmK74Ktf7yWRJd3aPdYDOz7SD2rtboE8A76H8lv4QLGQQH7CdgeLBj-S4UHvP2qzZmZyMwfzXkv-KgXJPaU_aQsEN2q54IQ0r3p6fu6EVLCggkNK5aK2O5h3_jfADLscbmk7Y3bt3Eojc9F3B-InluzhUjozZBjh6hSlePzTeDYmn0XlsHPJXFMsYvO8V_0VRGiRxXMzybeHk47IQKBSRS3XsFLwF-l9JCrjzEJ1ZK9Gqg7F7aElkuUmmoPh6EaAekQy3-7WUt6oWopwpfsvvEza-IktCk0O8wAWJ5M0OhOAYFpnaYxXtrKxCk4Vymi59bpSdT2evgwzOAY1sReSkX4cvnom4L89aw61jf12vXpDJxamHSGCtZ089Xkzn-pW0XeWbBMdRHWTtqDSXi1ZmFuUM6-TsoqyeJJnrtKkeeudiPNS7RSTds5o7c18EMv9XUqsMNPrOKpZ4JQkMZaPls5IfyMwRBbLflw0VtHr43Cs1FBnwAoQZAjMAB5k3jEoean9MB166E890N8eysfs5qQfv6XZar0LzYZ_UlLvbZTqI5-F-y_aKV6Ac_fN1if_5D8sDIS_H7peqiJ_pVE89fPriFtc6MTtIvbMNc-px352z_73_aV6RMRqOGrbcdG-jtlucCDt0TOs-tmjQXjGlkx-AAm1sjkFbq_2_bwixt4w7wiWQmY_n_ZWjJVKM7zR9U64j2zQYskKojB7KYARq9iQ5lshDpukq2yRTPOH7UAJNfbVZ8IHU3tVot1_OxpL4V8mu3lfkh853U5YxJV1U4d6_OlbH6O0tMlKUHZwElwdWi_UjUJmlZ4DuRDgXF3QqWm-V-9FY3KQaVtOQvV1tvueGmDdoYp2Ix39UlQdsQjvlNirArJ2qOfOmuecrJ_hj1AFcYC-KNcypwGmBY3sVHCP8xkJsPY1Uibk0jyFOcxlaU-GIE2BLtOFA0M_KoIGWxdM8uUr38ZxsKpAFjw2iV9EaM4eiIie6A_6dJ26Ao4Iy4U_nQDppgwP0m6eAsPe59BPGgkYGTtvKleWI56b1HtSGJp291_P_4PUSK6WNjFlHiYRxB6heLnv8_sL17qt4OvfBa6F9PJaNj9SYohrKMLTlZEloYCJI8dqkq1S5nJNxiTvCnOAC52mSxz-xi6B0u4iRGvlPl3TQ3i2sQYxIf2z9Ou6GCki0PKwPgoTDo0c1ZxPkRK4HF9dXP09G3F827Qn7vriaby4r-uHhnv90rz0eDERmJRe_fduDTOamzPeV7ddvhuJL-EhYxyR5VGEXpTV2P4ElQFr2sCnpaLa0k0qLWPvWPS__fmT_JNA&cid=CAQSOwAvHhf_XXhea4S6iDmqtHoNYJ7GgwC-I0rsAiWvEW_cjlxky2uJLMyTdNqEHJWGNdDCsSKkGHdJXox2GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.j-hero.com%2F&ds=l&xdt=1&iif=1&cor=13003113613522577000&adk=1935140219&idt=216&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzgyNDYyMgogIHNlcnZlcl9pcDogMTI2MDY5NzIxCiAgcHJvY2Vzc19pZDogMTY5NTI3OTU0NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 8BF2 0
22 B 57ms
57ms Image
image/png 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTMxMDA4MzgyNDYyMgogIHNlcnZlcl9pcDogMTI2MDY5NzIxCiAgcHJvY2Vzc19pZDogMTY5NTI3OTU0NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTcyOTM1ODIzNzQ0NjM3MDg3MgpkZWJ1Z19rZXk6IDU4Nzk5NTc4NjI4ODc2NTY3NjcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTE1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4NDI3ODQ1OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzM5OTQ4OTY2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE4NTA3MzQ2Nzg4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQxMjI0OTY5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x3892ecb214b8b0690000000000000000","13":"0xd488973b39a1aaa0000000000000000","14":"0x6b89db89ead353450000000000000000","15":"0x1a4beba7dd16ce740000000000000000"},"debug_key":"5879957862887656767","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"9729358237446370872"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/ Frame 8BF2 2 KB
1 KB 22ms
22ms Script
text/javascript 23.197.10.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0gMEDPsIkQDzjTrMb8AXA47&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=448708.4540408841

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.197.10.234 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-10-234.deploy.static.akamaitechnologies.com

Software

prod-xre-app6.frk11 /

Resource Hash

cbb295c31cc22395174ac1691d4a5a7e63a890323a941af98c7ffebe85fd9878

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app6.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 897
Expires: Mon, 15 Jan 2024 09:14:43 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame FBAF 86 KB
27 KB 92ms
23ms Script
application/javascript 95.101.111.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0jJH9BAKvqCUFwUBlbgDvBp&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=235176.0571027104
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-174.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: 5KSD911X9EWS2H7X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26311
x-amz-id-2: g8iVpy/YbntZwgyDc4jX40BFKWOqnjqR/bnFXitPqM/pAmC7cchOocp4K0ZGon7KG1EcIUZlHggxjcosGBh7ew==
Last-Modified: Thu, 11 Jan 2024 16:43:14 GMT
Server: AmazonS3
ETag: W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 804587312 795037187
Accept-Ranges: bytes
Expires: Tue, 16 Jan 2024 09:14:43 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame FD4E 86 KB
27 KB 84ms
27ms Script
application/javascript 95.101.111.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0hgrDd0r7fGPzC-4KLH2tIS&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=316986.49327212805
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-174.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:43 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: 5KSD911X9EWS2H7X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26311
x-amz-id-2: g8iVpy/YbntZwgyDc4jX40BFKWOqnjqR/bnFXitPqM/pAmC7cchOocp4K0ZGon7KG1EcIUZlHggxjcosGBh7ew==
Last-Modified: Thu, 11 Jan 2024 16:43:14 GMT
Server: AmazonS3
ETag: W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 804587311 795037187
Accept-Ranges: bytes
Expires: Tue, 16 Jan 2024 09:14:43 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9650 38 KB
13 KB 19ms
18ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 205433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3262 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 205433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame E7F7 0
150 B 72ms
26ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=33378500045426904444460012570030&a=b318d333&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Ludwigshafen am Rhein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=33378500045426904444460012570030&a=777ffa8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E7F7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 8BF2 86 KB
27 KB 64ms
25ms Script
application/javascript 95.101.111.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225038;7982913;201;js;DV360;DV360FY20CCBEHInMarketNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.j-hero.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0gMEDPsIkQDzjTrMb8AXA47&bundle_id=&site_url=https://www.j-hero.com/&pub_id=1&sup_platform=1&cachebuster=448708.4540408841
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-174.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: 5KSD911X9EWS2H7X
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26311
x-amz-id-2: g8iVpy/YbntZwgyDc4jX40BFKWOqnjqR/bnFXitPqM/pAmC7cchOocp4K0ZGon7KG1EcIUZlHggxjcosGBh7ew==
Last-Modified: Thu, 11 Jan 2024 16:43:14 GMT
Server: AmazonS3
ETag: W/"3643773625f898f1236b1c08c2d13631"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 804587313 795037187
Accept-Ranges: bytes
Expires: Tue, 16 Jan 2024 09:14:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D4B7 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 205433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9650 50 KB
19 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:28:31 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3262 50 KB
19 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:28:31 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B7 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 08:09:44 GMT

GET
H2 200 webmssdk_ex.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.119/ Frame FCCC 539 KB
163 KB 20ms
20ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.119/webmssdk_ex.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4b6686371b616551a8660e8ccb104224e2466ef91853ee69c0e1a212ff32423

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548d99c
date: Mon, 15 Jan 2024 09:14:43 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: AtZ23EYeXhMWaDPO8YQvgA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 166203
last-modified: Wed, 13 Dec 2023 21:24:48 GMT
opc-request-id: iad-1:Q3xFEUmFqtJ3DCGlCGRMfj15ijyZReFBadAgOXfPpLuNjsJNwSVM72KlSZSySg3s
x-api-id: native
etag: aa1cd6c5-885d-45e6-b737-6af8c2d5924c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: fc632328-64ee-4b70-be02-55f327daccdc
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7EDD 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 50073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Mon, 15 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FD4E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5869f0c593906d75adb43be255e3ff630ee7ab3530e6df6d2179f764548f93a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0864 1 KB
643 B 27ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 50073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Mon, 15 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FBAF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fc9836e307baedc942bfd04ab9c695b20e8e7f60b74287def9d35afdb0ead57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E693 1 KB
643 B 30ms
30ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 50073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Mon, 15 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8BF2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 258d0f7e74adf5b87d1973806350e48c14038ce5fe58723add1c0e28664d504d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4274296.json Show response
agen-assets.ftstatic.com/display/7982913/ Frame 8BF2 5 KB
2 KB 320ms
233ms XHR
application/json 108.138.36.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7982913/4274296.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-55.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 539c4305345ae029c4d091fa168bab0beb4c10ea58c7d55551eda4cf9adf1fec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 19 Dec 2023 16:27:17 GMT
server: AmazonS3
etag: W/"e9354966a734aab3a1eb4615bc317414"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 777848364
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: q7hiEob9jdUIjxhCuaruQHVcPWmPyvbt53ZOVMvw65_xFEp2swtO8w==

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 373ms
110ms Preflight
application/json 147.160.191.131
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 478784402feceecc01dbdc2a9010b868
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 15 Jan 2024 09:14:44 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=5, origin;dur=92, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1705310084452133
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com
x-tt-logid: 20240115091443B71E21D81F56DB0AFCBD
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aadcbc32ace4f53cf18fe6653b9c6801e6e0ac727d6aaa8f4116f0f657af1b91593210fc3c739accf8db11dd5b7c26c59fece5067f93e92de3980ea181fe424c9520d55bea0b0c61e360d839afec13062c
x-tt-trace-id: 00-240115091443B71E21D81F56DB0AFCBD-31EB4C92360365CF-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame FCCC 1 KB
1 KB 158ms
120ms XHR
application/json 147.160.191.131
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

10fa3054a5f965bbbe031e3953c56219c65fda919c8c069e992e2ea00b194271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1705310084608253
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-24011509144344464E840001AD07429E-67EEEB39134E726A-00
x-upstreamname: origin_maliva-normal-lb.byteoversea.net
server-timing: cdn-cache;desc=MISS, inner; dur=10, origin;dur=100, edge;dur=-1
server: Tengine
x-tt-logid: 2024011509144344464E840001AD07429E
x-outhost: mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aa70fc9f5ee998999f99691b28300959dcf0f884ae57d5dc21914ad135f2d1817b036cca366a2f866d3372d22d3fb172006133faa67c07f0e6a08459626d1538a6207e733d6a556334897edce73efce33b
access-control-allow-headers: Content-Type
bd-request-id: 24f1a8ee63b214e401a160fddd1f48ea

GET
H2 200 4274296.json Show response
agen-assets.ftstatic.com/display/7982913/ Frame FBAF 5 KB
2 KB 287ms
232ms XHR
application/json 108.138.36.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7982913/4274296.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-55.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 539c4305345ae029c4d091fa168bab0beb4c10ea58c7d55551eda4cf9adf1fec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Tue, 19 Dec 2023 16:27:17 GMT
server: AmazonS3
etag: W/"e9354966a734aab3a1eb4615bc317414"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 777848364
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ClFJjeKfN7hvlWDm0eOL8d1ycD52y-V0FG-c7Ot9pWuDK2zHVgrZFA==

GET
H2 200 4274296.json Show response
agen-assets.ftstatic.com/display/7982913/ Frame FD4E 5 KB
2 KB 288ms
234ms XHR
application/json 108.138.36.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7982913/4274296.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-55.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 539c4305345ae029c4d091fa168bab0beb4c10ea58c7d55551eda4cf9adf1fec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 19 Dec 2023 16:27:17 GMT
server: AmazonS3
etag: W/"e9354966a734aab3a1eb4615bc317414"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 777848364
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: d6CHNYQl9x442zb0HpsQaeq0S51xfT3wnjXqTYTEJskVjry5xA4rMg==

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7EDD 0
104 B 129ms
68ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO-7hgxFHOFftU0dnBfYKAE&google_cver=1&google_push=AXcoOmRukZ_59NUPKwli62qhq9fLykEpXc1ez3DE7lx6OOfV6jPxFgtD2bAlZCQhhbtpdPcFuVXGj_5D-j1-vylV8nnHPBbpSGRIHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2567986831&pi=t.aa~a.3602219927~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0&prev_slotnames=8054381891&nras=2&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7EDD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLE...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZD...

43 B
420 B

174ms
165ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 845d029b5bae670b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 324
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRz0OG3lEivPhHGtxt4hkP93dqIlY-mCQ7XHblBYSlhgP-9CaMXygQcDNVlwpdFOPk_BITCjWy_O9_lgEt5EcK1LgPR8ZDLEL0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 845d029a3999670b-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EDD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECUy-6DBY1Nb1d2gcTmHpCs&google_cver=1&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNX...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNXD6mkmOE8&google_hm=eS1KcWNvdm5kRTJwRnM...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNXD6mkmOE8&google_hm=eS1KcWNvdm5kRTJwRnMwTEJDNGtfQWo5OFlnTzNvbGVTS35B

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuWA3EcuL2ZMcaE-ovAt9Z2hUCng07823vF9DIhwSsflCFSvGSftpc5enMB-lqPHirdf04Arb_jfGqRHQLpG4mMNXD6mkmOE8&google_hm=eS1KcWNvdm5kRTJwRnMwTEJDNGtfQWo5OFlnTzNvbGVTS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EDD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs7U...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs7UVVgBrU_meX_SmENLtS-NlQ

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmTqapn4V1sALql9aGRYJryChuvgcnF-HuTVeZgQJyyatAzms0E_brG0Qk0_JfixS68p6YJuFs7UVVgBrU_meX_SmENLtS-NlQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EDD
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw

170 B
188 B

30ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRa_A3Hkv55Yx24kj-e3fw5cUef-pFqPord83ODdLMT3_o142XDjMHsZlgN38xMrtVqvmNhZ5NEi4kepgDWt-OZ4pm8HXRmWRw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EDD
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38S...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38Snic-TqQOdRa91gzJZc0

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38Snic-TqQOdRa91gzJZc0

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiB7WsJc-V6UtGMKpKHmG0Bo4Skm8V95aoAUkrIzGqBIP-m06RIwz6P8Em_M0tGLrzaP6FSRhIi38Snic-TqQOdRa91gzJZc0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 7EDD
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECW4BGoLhjUX...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR_u1FYO1-JWohSVlGbdoIakYN9Z0C10fj0quUHtj13Lw0fHUeSVJCUN1Bmc3txoflv0Y3EYQxt32ZrYKJdz1iOfNRjCoacYNlH
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

54ms
54ms

Image
image/gif

95.101.185.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Server: 95.101.185.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-124.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Mon, 15 Jan 2024 09:14:44 GMT
pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7EDD 0
12 B 27ms
27ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqaFCf488FeVnZRtRG-kTxMqzSTIWjCeWPSJhytsPpyEXXAriElQ2EwUwHcEidWQ7xI2sCdQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0864 0
103 B 119ms
69ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO-7hgxFHOFftU0dnBfYKAE&google_cver=1&google_push=AXcoOmRD9OSDEERcVNiWwfElTfj9LOT0743eTh3AAjF4jhLozYPd7s-ZtMhumMQuKJXjeDdGjhTMILlKjMXgkyzh3teIOn9WG0NgSBE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0864 70 B
148 B 30ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIB-Sx2b89XZfHywIylitqg&google_cver=1&google_push=AXcoOmQS6yJJSYm2PxGTQzAD87p2MBHgEyx0p62mI4fmDQDQg76HbJiZhYwwBNBV3MHaJpxp3wUNsYqm2w-QHvy6XIg-iQ7qjY2_nT4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJk7E0Bhjj9sKm7QMduAnUE&google_cver=1&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lq...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=prIV-KNCScIJ5F1knJvCnQ&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lqeu4Mz3K8y_C9gE8

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=prIV-KNCScIJ5F1knJvCnQ&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lqeu4Mz3K8y_C9gE8

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Jan 2024 09:14:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=prIV-KNCScIJ5F1knJvCnQ&google_push=AXcoOmSesxL6GY1jPNKtXpw-HpVe6I_Mh7a4tm7yzsUMTXmpoOzZ7q4Pxu3NsVmJpAWJHyAoog4mD9fVxKKOg5lqeu4Mz3K8y_C9gE8
x-host: tde-deliveryengine-production-5db7bf8975-f92gx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECUy-6DBY1Nb1d2gcTmHpCs&google_cver=1&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc6...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc68tOx5CYU&google_hm=eS1SbmRJS21WRTJwRkh...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc68tOx5CYU&google_hm=eS1SbmRJS21WRTJwRkhwcDRpQjdYQkZtejNjaWp6dDJ0Zn5B

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRqH1u-gYN64BNSmthJfZNO_Vx1_KsMDU2ISmeq57ELWJib9IlK_TbUvdWM6UczWE8aMzhQsc4SJG5UVRKUtW7sgc68tOx5CYU&google_hm=eS1SbmRJS21WRTJwRkhwcDRpQjdYQkZtejNjaWp6dDJ0Zn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxGDX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxG...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxGDXyI4f34AYvjv0EX_NhPbQqgQ

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQljTcZBGQcWhA8snzcC23QDN586qlTyksNKR-2VK9yAUGvf1Jyubevf9g47_nR52QxpI4uxGDXyI4f34AYvjv0EX_NhPbQqgQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xV...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI

170 B
188 B

37ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSXb5YRnsjpIG9YMUBu-WV5HezM5UCjU_pn1vTrkSSO7y7BHKQKnaYGmsuphiRV5_w9X5IJKqa-8RenI8twtXNJ-xVJrqiTuNI
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELgdb4_MdIEY08s5uuJcWIs&google_cver=1&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP702...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP7...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP702cf8DJE4wWRDQMJt3CEZFRe4

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ5NjA5MTM2NDc3MTcxMjM5MQ&google_push=AXcoOmQCFVEkE7ekEnNFCFOJwqW5C1xaPBNnAmXJe_OLjaRvSBvWcrGERNxTtfXSYsJXcuiOgEzyP702cf8DJE4wWRDQMJt3CEZFRe4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0864 0
12 B 29ms
28ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMMMyJM_dzGJeqB6R2GrD6zALXQwts34dc2qx4JPvLb4fQuHsvZ1RP1rY_v1V19d01YDl_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=4004496541&pi=t.aa~a.3602248092~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2011&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280&prev_slotnames=8054381891&nras=4&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E693
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO-dUQuFK6PUFVAE41id4ew&google_cver=1&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01AAthTOQSYYVtlV3jM7zEnppvLZgMaQbtktb1F7Uv1RTAs&google_hm=JDo1214Cy...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01AAthTOQSYYVtlV3jM7zEnppvLZgMaQbtktb1F7Uv1RTAs&google_hm=JDo1214CyJ-fSeB1cS3XDw

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS1nd4VgGoXZe01aKih8AGQCWR6yF9kzZETDGsD5V3BTYPKNly_01AAthTOQSYYVtlV3jM7zEnppvLZgMaQbtktb1F7Uv1RTAs&google_hm=JDo1214CyJ-fSeB1cS3XDw
pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E693
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnZyVWoxQ20xUnBqM201&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPI...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnZyVWoxQ20xUnBqM201&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPIr-SUlpd7YG2M1N7CtDItOB1xauywzr5EmwVRk8Yem0kC8H3xK6G6l9qU

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NnZyVWoxQ20xUnBqM201&google_gid=CAESEIXHDqU9F3NQ8xBwM09yH0s&google_cver=1&google_push=AXcoOmSYRrT1bN62NUbSSbJQUba11bVtkuT0PvLgBUHRPPIr-SUlpd7YG2M1N7CtDItOB1xauywzr5EmwVRk8Yem0kC8H3xK6G6l9qU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E693
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyR...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-o...

43 B
395 B

175ms
166ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 845d029b5bac670b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 17
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH2Ltg8LaK8q35jdLINUdJA&google_cver=1&google_push=AXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5lD5AD8IiWnvGH5xsmDQx4HKimAJbdotdKKF2mdMDsA27VhjhJFMz4xucubqaocOGfJ5ItyR3eRkgsmbHLXxKBEZgS-oyRQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 845d029a399c670b-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E693 70 B
148 B 30ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIB-Sx2b89XZfHywIylitqg&google_cver=1&google_push=AXcoOmSoGYoSm7C9DGYZhbJPK_GtOETMVpA9R57iqwJ7jD-0jkCCcCuv-rGkpRGwSMq0wX69fdhQM1kAM20gNRBHe0BxsZ3RwlTSC6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E693
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK86pE3zf5DeMz1pUZh6GYY&google_cver=1&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EI...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQoQVmzxs3pwsozaxyVDMGN2wgYIuZ8gdiCuudzlFMcdw1Y8FBr9a4VlVMWsHfVl_0JE12DX5tfbQ9s57BflL5EIZe9BcaumhA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E693 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTgEDD_JJh5eGY9P5p4S_aF53vzH588d7XEXqiO-JZBCKJt70hLpNryRb5XI24OYv1qlboVZcWF096eq5ce7XA3T7tMDf-e7A&google_gid=CAESEFU2OHn7GapcDzCb8RoQ_x4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 397677
expires: Mon, 15 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E693
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMzUxyYALJmvRXHx7psAD_w&google_cver=1&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2INr4wAjdPKPvmQgOSQQ

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2INr4wAjdPKPvmQgOSQQ

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqyukumArjNhTu1I9lKSbyafLZFYalzgyj7iS7u2sLXIaALwSsv-9pWpb0Sn2lDR7nchzvDOegixO2INr4wAjdPKPvmQgOSQQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E693 0
12 B 26ms
26ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFS2joTnmJepmfiMy5HfzFakVZfwHKICPuLGTxOLx8Uh2ffCD0T8kKPqxJoO83LL6zm5xn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9448684550121500&output=html&h=250&adk=1545638947&adf=2004900475&pi=t.aa~a.2363856613~rp.3&w=326&fwrn=4&fwrnh=100&lmt=1705310083&rafmt=1&to=qs&pwprc=4001355890&format=326x250&url=https%3A%2F%2Fwww.j-hero.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705310083090&bpp=1&bdt=2010&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D43afdfef8f7ac676%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ&gpic=UID%3D00000d41ac2b936a%3AT%3D1705310082%3ART%3D1705310082%3AS%3DALNI_MbCrsoDBstOzd30P6dbGH6T70NalA&prev_fmts=728x90%2C0x0%2C326x250%2C678x280%2C326x250%2C678x280&prev_slotnames=8054381891&nras=6&correlator=1275441021063&frm=20&pv=1&ga_vid=1525255968.1705310082&ga_sid=1705310082&ga_hid=2067121018&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=4097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44807233%2C95320238%2C31080260%2C31080333%2C44809530%2C95321900%2C21065724&oid=2&pvsid=487267064338730&tmod=1540611135&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9650 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBzhLg_ekZeKhKeOAjuwPsd-w4A8AAAAAOAHgBAI&bg=!tLelt_jNAAZ1R9vHVUc7ADQBe5WfOAr_dkNPcLRq8zVVWCEUhTuQ66xv2s5UAKCXJzEHkFTdL64KU_oV3nj2Ca8MxVoPAgAAALtSAAAAAmgBBwoAMf7KWJIvO5GE0sZnX5ScqNbsvGBikwQPccsyBfs4rl6APtjiGcqDh11ZPdGqqVgjLhSZAv66PML7e6c4WEmb1TfYDsRu_9n8KeygiL5MEj3uWgSvk2FO0g7fVyB5ZafUMHVNLL91fX_-ixFWiuYWgfpFHafwTmqv6wEzvICvldyvEtls2YNS1g77dZ4qNyEZIaZ-v2mC513fAIQ2i_729FG8yt1hA97Lbo0PvuylBu7Xlc__UTQAEhQ1BJvhJHIAMyrz7VowJ1L0BNsWBKgOG0y4ri-7XUrxo5nsNmImJZkXCvAAJCVPMQQYCrEdrHydvjBK2qH5NTVYJ7mbvfs_5cNQkgiIYxKh-mEK45aMAFVxx2B0HtJ1EMk3Kujez4hiZCORJ4aeKFOicHorzDxmkM0-gdjdgLN9Z7R_8M8KNj6v0T2IseJQKBattyZhnyTgjYaly1iGghuq2tEjz-fuKXPjQYTWTKJhG5uXtBHxw-2RSlHqWi9PTg5HJ6h1hSmmZfnHTb-AjdJVr_T5Srevp9xGXI5UKpx2HJT9PI-hyHO9VmC4t6Z4FPxTLtTHpyG9tBFAvRBszN56ahRWOo08YPf0F95M5HpeKSNT9-9MOiuDmzYAe6YBax_bad5OFVhOgNSFK7ZRrRX4IUrs2zSsrI0nre7IAIq6j0t-jcEbG5FYdnT02X67HEU2GzOBKDooC9uaXsJfBbQJlqKBwhUgBKbq2OjI71JSo5-5K4iNKqzFwAsWK0Wbb0dJOzkGWKTEwNGbC5oQ8EQgjeVGP8VrnGGYvczK1e5i1xz_6Zu5A53dO7nnLs4LXWBsnqrbZpv3I1j0U_Q4-FVB7D7K4IPngBMxFf-Qo6pIZKq740Ly1BB9-HS0SHM2SgrtOFuXC3wnEFspiRARtk1kfcxvquQtctOL_eiOmq-wpcuWBFwokAlOeXNGpoSLXt1JljjhHdqz-E7CF3bBingEWjO6RWIW3oFoUjZt0Yhs0P1YEjdr9c9LdxbjGyVN_6QI-iTzs9yc2NtQgJ9RosnhOeyexkxqEW7sq8L0TEV6LOeEfsA99ox8e0MvlRCBi-UCrve1ztfX49No

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3262 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bg_2gg_ekZZqOK6SG1PIPjtyxsAoAAAAAOAHgBAI&bg=!vr2lvfLNAAZ1R9vHVUc7ADQBe5WfOJUSo63SJnzNlNaotOZgZ_zIP5JOLDYRlVINsO8vXaP_X-STNtsGnw2Uqfl8231NAgAAAKxSAAAAAmgBB5kDDmO2uFxw60FiQydcKQ0kFWLu7mf8l80aVYPsHrBamIkyiuyOmolo_qx6WrBgNJEj_chJ4v7jlhdycJsIeF8IrdzZ7bWdQ9JcE2bbi6RMABwpPejvVuu3jv3nQJ5vXDfeOy4wTnWXf4k4Ku7XfI6qhhAyE8os3pKzngPYNSsEbolExem7kmhT45u4d_NQ6g49vA7XUaJ8b6MqKciDBMJsA0_XjEhaztQFJ21OkTPMOzh-YB8MI4OgjG3yxVZzi4Ko1dGwUxVrRk_MLSjdrlKXo-rSu89f9F-XtIsUgkrMja-Q_YwCsVmbNB3zJr_XVTBTeTR4pWdp6y9LigdmxhDR-Ux_G8lfCRDdrMi8rsPeFHMqLEJoqqA72WffNbXVI5CK_DJ6WdthDvBvjGPUgfgTbL5AhPA6lCTc1Dc1Dsu0W7ws6Pyv9s8zlSq3--GlQJZqrIDb382fIMrFuUyxGj3Ju5fyrqbOe0OKpze2ffcu0-PiCrkYRfaS1LAm0a4XNkHiyc_WqQ9WlyFY7fr_2Ea_bC5wSr6TnSpWjETNgeyQRvGDbb4x9TSG2cYYUIa_QVkAa_5GRk2OMshk3uDDY46qqWWKZbt7rWc60zL3OT6Gqp2-H7Qd_YbHbiOGlXCKIyWxm0surmRwlkli0u63skIT9n-dYU-N-kwoO3NLdkdHr8I8wOecgEzm901xXgAC03SALa3Vr5TE2wzDGtjrLSgZI7ChBRKWpbE1qYZviECf5L6aL0zdA1w_o5y0RjxgIqNuDQr9NLQQniMTS3xTHyF-SHgbWX42cGscxDqozRlsXPamxRB82E6zXrefXkNnf22udZFQ5Hh2ehYcpIt-uSGC-ZikZA8G5_NkJ5OAfuFD9gDrlg_Nx1YQzuWAe4ViQCuqeAXJow4zybQaKu2QVd1Y0ruIxdu9IhLLWhYgu_g8Xv-uSEPxqQp_c52vrDCflOqSfLvUD5KDzifX-ltR8f3sKmbao-65wzK90R5uj2NGY1doRxGe6HEw3krxp-tOPn0FuEwsIhUHXwad-ve5xjmr

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4B7 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BROTag_ekZa6qMtnXjuwPudOvqAYAAAAAOAHgBAI&bg=!qqmlqebNAAaumcC-jpk7ADQBe5WfOOY15_8e9sO9x6LtSxzNwN1sWJ2LErb1Gi8rOvv4vm80G2waSALYG-Q7jHaTSHL9AgAAAIxSAAAAAWgBB5kC_hfSvak1SeBnLVBanxsGUESjCEnKVl-4GNxBJNPuXcLX0ffPdx2NqgEwLf7kJXU05xImuBnbstY9FK5qBg6D-WFC96dldcjKW8YqU-bsO0p-rGGsbUgfxAiFqjiBnCJm4IL9n64QtekTzHIl-zn_cWljEoaeBXfmUiN5WbglvnYubRseV4UrnD8xHOL_8yljtXgYvRXzET_XhZKQSfQLPpUhJct3Y1Q68e2RQq5jAV4MENOE1BzOLfZKLNYgi6vZexMB4J80juLa33EVccyPCJxr66DayzYtI0VX4uJc4URHAJup2Tc-ywIxez0tye825hxhK96tLdivp1V0yjlEmkMFsVWFmNlEgVMW-6DIdGYFOXz8AEKmnjR6PtFKRZxjHe4hDuaxRhg3C-_Ex4UPJe_1W4b--KGjpGco8x4CaHwFPlmb3Hbvh2sYkHr7T9dlEMiHJBIbF04f0-Kgp9aML6b-HJ8uiql_4HxSjAKua5o31oXVXPoFWPLNNKH0khGsfZTHWdr-_ZOYDXOqUQgC2lMjE6-4lO-QOoQ009IhKJVF5TDSYF4waqerrNBj82v42JPpMfP-XcgTK2XVtZoboYbIlxnj93yahyWOJy1mm_QNuT9Q6WsbDs9tg89DVCalSjSDZJCvgfD3XkvyqAcdPm5AIvTkgMSP2YAeI5-PqdfDRLJjif09VMA1005bMUytRqA1kfebpE2JexPGb2-PB-fOLupVQgQJ70zZFjm8lm5MwYYr_250sAz3aTk1rHqgPYPAUzH-BNvVFXcVpklZWwA2BBE5ZYZrueaUDOZWLVVVDKVrvAyFmf4fKbGmOqwFPM6V4MqGD_9MhDg5ZocaXiKD-GaOOjmmrccvcYCsuhGv7ZntXCNG0DL81x9G8SYZTK0S3cBzkp7jOMhLAwJVZyL0oSqNf5s3yLpy_alA54UMhosl6sSyRYYq3juQOYkI7EKp27fYlcTaXMxBvM-UGaP3-tC-8ZSh6jMu2uuBqcWdLJW66wVRpEcazHbIm2Q

Requested by

Host: www.j-hero.com
URL: https://www.j-hero.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame FBAF 600 KB
161 KB 108ms
21ms Script
application/javascript 2600:9000:2646:1000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 16:39:09 GMT
Content-Encoding: br
Via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 59735
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 14 Jan 2024 16:39:09 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: 2GgzDLvRnGf-uuWSCEjdALiDAK8-X3uq1gpLxRL4CoweJQHkvnkGDQ==
Expires: Mon, 15 Jan 2024 16:39:09 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame FBAF 17 KB
6 KB 130ms
26ms Script
application/javascript 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=71286
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Tue, 16 Jan 2024 05:02:50 GMT

GET
H/1.1 200
OK FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg
cdn.flashtalking.com/155979/4274296/ Frame FBAF 19 KB
19 KB 122ms
22ms Image
image/jpeg 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/155979/4274296/FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg?482700837
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4f2c88ebda2def185a39ff203e21a510d87cb9f226d1b582da4e949cb1b670f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Wed, 29 Mar 2023 21:37:06 GMT
Server: Flashtalking (AKA)
ETag: W/"a0837d98fb95bad3a45ee0878ea7263a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 592774164
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=188
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19337
Expires: Mon, 15 Jan 2024 09:17:52 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame FBAF 1 KB
2 KB 99ms
21ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=1573016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Fri, 02 Feb 2024 14:11:40 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 8BF2 600 KB
161 KB 107ms
22ms Script
application/javascript 2600:9000:2646:1000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 16:39:09 GMT
Content-Encoding: br
Via: 1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 59735
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 14 Jan 2024 16:39:09 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: xPviVXkT8ck-zn_b1wi3Ak3fKtm2ndtxvltogOEQ6pGpDGPGQKvEmw==
Expires: Mon, 15 Jan 2024 16:39:09 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 8BF2 1 KB
2 KB 100ms
25ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=1573016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Fri, 02 Feb 2024 14:11:40 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 8BF2 17 KB
6 KB 100ms
25ms Script
application/javascript 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=71286
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Tue, 16 Jan 2024 05:02:50 GMT

GET
H/1.1 200
OK FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg
cdn.flashtalking.com/155979/4274296/ Frame 8BF2 19 KB
19 KB 98ms
22ms Image
image/jpeg 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/155979/4274296/FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg?425385969
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4f2c88ebda2def185a39ff203e21a510d87cb9f226d1b582da4e949cb1b670f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Wed, 29 Mar 2023 21:37:06 GMT
Server: Flashtalking (AKA)
ETag: W/"a0837d98fb95bad3a45ee0878ea7263a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 592774164
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=188
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19337
Expires: Mon, 15 Jan 2024 09:17:52 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame FD4E 600 KB
161 KB 108ms
23ms Script
application/javascript 2600:9000:2646:1000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 16:39:09 GMT
Content-Encoding: br
Via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 59735
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 14 Jan 2024 16:39:09 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: 2ReRzlqGSjSRj-zOskdnSS1pp7Xm3CrrFRzSq8HDm7rJ1O12CAM5Uw==
Expires: Mon, 15 Jan 2024 16:39:09 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame FD4E 1 KB
2 KB 98ms
26ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=1573016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Fri, 02 Feb 2024 14:11:40 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame FD4E 17 KB
6 KB 179ms
80ms Script
application/javascript 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=71286
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Tue, 16 Jan 2024 05:02:50 GMT

GET
H/1.1 200
OK FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg
cdn.flashtalking.com/155979/4274296/ Frame FD4E 19 KB
19 KB 94ms
22ms Image
image/jpeg 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/155979/4274296/FY23Q2_CC_Individual_CCIAllApps_nl_nl_UnwrpACQMint2_ST_300x250.jpg?280909336
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4f2c88ebda2def185a39ff203e21a510d87cb9f226d1b582da4e949cb1b670f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Wed, 29 Mar 2023 21:37:06 GMT
Server: Flashtalking (AKA)
ETag: W/"a0837d98fb95bad3a45ee0878ea7263a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 592774164
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=188
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19337
Expires: Mon, 15 Jan 2024 09:17:52 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7982913;4274296;0;271;9C58F654-9765-6494-964C-9D6995F99ABB/ Frame 8BF2 0
67 B 110ms
18ms Image
text/plain 35.156.126.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7982913;4274296;0;271;9C58F654-9765-6494-964C-9D6995F99ABB/?cachebuster=117838328
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.126.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-126-108.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 8BF2 1 B
377 B 83ms
20ms Image
text/plain 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7982913;4274296;0-304-0-0-655341365
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 15 Jan 2024 09:14:44 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7982913;4274296;0;271;FDD91455-3F67-74A5-71D6-3145FCA26F93/ Frame FBAF 0
66 B 83ms
19ms Image
text/plain 35.156.126.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7982913;4274296;0;271;FDD91455-3F67-74A5-71D6-3145FCA26F93/?cachebuster=932567610
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.126.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-126-108.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame FBAF 1 B
377 B 73ms
18ms Image
text/plain 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7982913;4274296;0-304-0-0-279076607
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:44 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 15 Jan 2024 09:14:44 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FBAF 60 B
618 B 530ms
142ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=d764c38330f7052d2e76488b&pm_pl=1705310084617&pm_td=14&pid=1000941&en=1.1&callback=__pm_glbl_U6A2gq05lmiSqpipTAvlL6cw._gc1&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 25fc6dc7859527d4f4e05ae9f3cdb49c0f53aaada64d00d63cfc727a9b25ed13

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:45 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
DATA 200
OK truncated
/ Frame BBA9 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 980082c4328266be3342a03dcb37c432.woff2
discord.com/assets/ Frame 0173 177 KB
178 KB 45ms
45ms Font
font/woff2 162.159.138.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/assets/980082c4328266be3342a03dcb37c432.woff2

Requested by

Host: discord.com
URL: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.com/assets/index.c28a9f9cf58c0cfb74b1.css
Origin: https://discord.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 181532
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 18:28:00 GMT
server: cloudflare
etag: "980082c4328266be3342a03dcb37c432"
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://discord.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyyGgQXacz1SEuEZG%2FpwOofOJ%2BpiJ1ZT4k7LBur15svcKBCVYMWINJubBvNLuH6GpYQBrOlDIcByWHNgaaCMgsHfhLpNeA2rpWQD9elHsSAyHgeahDHT9m7wOU5u"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 845d029dfe6b0e50-AMS

GET
DATA 200
OK truncated
/ Frame FBAF 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK b0fc57a2-9327-4310-a837-4cb5d75d9a6e
https://googleads.g.doubleclick.net/ Frame FBAF 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/b0fc57a2-9327-4310-a837-4cb5d75d9a6e
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 30e26303-1881-4e35-bc4e-4256a8d3fe49
https://googleads.g.doubleclick.net/ Frame FBAF 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/30e26303-1881-4e35-bc4e-4256a8d3fe49
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 8BF2 60 B
618 B 445ms
135ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=4580522df7949d3c1039f6fe&pm_pl=1705310084840&pm_td=11&pid=1000941&en=1.1&callback=__pm_glbl_pH40bfEddnRatZMeFPO9rFyZ._gc1&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d3eca65aed0066b29374be412ca4a64abd6070d77cfa3a6cc30b710f5e6208bf

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:45 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
DATA 200
OK truncated
/ Frame 8BF2 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 33AD 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FD4E 60 B
618 B 221ms
134ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=2e74dd659f97e92fea75a21d&pm_pl=1705310085131&pm_td=11&pid=1000941&en=1.1&callback=__pm_glbl_yOwWIDbPrdI0n9sHgY7tAa1J._gc1&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 78fa78ab739875887f362717df8b42a0c07cda9bdc32e24fffe6f1da17afa817

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:45 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
DATA 200
OK truncated
/ Frame FD4E 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CCA3 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK report Show response
mssdk-va.byteoversea.com/web/ Frame FCCC 44 B
2 KB 178ms
177ms XHR
text/plain 23.36.163.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/report?msToken=&X-Bogus=DFSzswSOQDcoXd8QtiDrcz9WcBjQ
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-226.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: dafe257c.34380a9d
Date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401150914447DBD8878BFDFD30729AA-4CB4F68D590DB730-00
X-Cache: TCP_MISS from a23-36-161-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
X-Parent-Response-Time: 158,23.36.161.198
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=74, inner; dur=70
Content-Length: 44
X-Ms-Token: 9mFLDeFXyuimMcFmx6DawzZxhQy45Wqan21zJ7pvaN_RdC-WsM9LO61SyZ3WKSvhm2BUGsuDXesuHGO7GuViACsY8RHPaWOfaawwW6kRlwDI734IFSqC9NcsIvV4Dxs=
Pragma: no-cache
Server: TLB
X-Tt-Logid: 202401150914447DBD8878BFDFD30729AA
X-Cache-Remote: TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 74,23.48.200.200
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a60ba7b6e0143aec243834e4c9613d4a3c4d1dfb53aa7faa0cd02bd03f0d66c1c9b739d672d677d7a4d1a8a508a71852564018731644db2dd98b17876ca937956e90321e2334968c2a8cbddbe966af0024015914295a1ee873f94db6cfbbf83f17
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 15 Jan 2024 09:14:45 GMT

GET
BLOB 200
OK 37ed4ae1-0f0f-4ed3-9b09-6690e533ee70
https://googleads.g.doubleclick.net/ Frame 8BF2 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/37ed4ae1-0f0f-4ed3-9b09-6690e533ee70
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK d5e8a6ef-2f0f-4170-a0e7-a4cd9dccebc5
https://googleads.g.doubleclick.net/ Frame 8BF2 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/d5e8a6ef-2f0f-4170-a0e7-a4cd9dccebc5
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H2 200 TikTokFont-Regular.woff2
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/ Frame FCCC 55 KB
56 KB 22ms
22ms Font
font/woff2 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1&v=2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548e508
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: /fJgDZBaD6oGDWkeAhLhpw==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 56492
last-modified: Mon, 05 Jun 2023 06:55:15 GMT
opc-request-id: iad-1:cWUDHfPhrPGBoQ2lPVVf6n9QR1pFVxsdy6MnSXfj8VSOBP6c4VR8zHcJCRIThH4n
x-api-id: native
etag: be82c408-3fcc-468e-9a2a-65cd57aa60bd
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: font/woff2
version-id: f2cda578-bdd5-4e12-9e4b-e1ecebfca4d0
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:45 GMT

GET
H2 200 TikTokDisplayFont-Bold.woff2
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/ Frame FCCC 57 KB
58 KB 25ms
25ms Font
font/woff2 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokDisplayFont-Bold.woff2?_default_font=1&v=2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548e509
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JqGJHyctwX9axpqM/eKZHQ==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 58828
last-modified: Mon, 05 Jun 2023 06:55:15 GMT
opc-request-id: iad-1:i_CFj2bFk4q8NinahYvAPhJmo5xxkMzerdxAi1gQh3AJUUmGhuI_xGWjlbui2bcn
x-api-id: native
etag: a52438f0-d502-4dbc-b9fe-e03acc2abd71
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: font/woff2
version-id: 9456332c-5007-4fe6-ae47-e02c2f03179e
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:45 GMT

GET
H2 200 TikTokFont-Semibold.woff2
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/ Frame FCCC 56 KB
56 KB 27ms
27ms Font
font/woff2 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1&v=2
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548e50a
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z9iG4cqEmn+OJgB2PyNteA==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 56968
last-modified: Mon, 05 Jun 2023 06:55:15 GMT
opc-request-id: iad-1:kdGx2YQ-hggNw2ge83B4m5ujpxhrUwjlbftnljRTRd1QzSpCskhZxDjnr4du8GEC
x-api-id: native
etag: 4deba55c-556f-4efe-b2dd-6c99dad4e770
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: font/woff2
version-id: 531008de-de67-40bf-89ee-45819f439469
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:45 GMT

GET
H2 200 24ed2d3a4af74aaf8f624238d639be0e_1705138775
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 231 KB
232 KB 16ms
15ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/24ed2d3a4af74aaf8f624238d639be0e_1705138775?x-expires=1705482000&x-signature=kkHtRmB8HdUNQ5ErpIfxJPGZwAs%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: d1fc7ff024d262b4a77b3c840996c8736fa7bce2bfed3338d7a01e33e7f3cff0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abc5
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2401130943144C28DF5C331EB10DD125-52B458B040F73775-00
nw-session-id: 202401130943144C28DF5C331EB10DD125n8zhf13tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1018,2.17.160.79
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085629
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=39
x-length: 236582
content-length: 236582
last-modified: Sat, 13 Jan 2024 09:43:16 GMT
server: TLB
x-tt-logid: 202401130943144C28DF5C331EB10DD125
x-response-date: Sat, 13 Jan 2024 09:43:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-13T09:43:16.016621067Z 37
x-request-ip: fdbd:dc53:3:777::17
x-origin-response-time: 44,23.46.16.247
x-tt-trace-host: 01075a448ac6d63b02d37d8213a903d8cdb96d181d4e5f0ff0b54564d6aa9e67c8309fdf47a84e1deb029de86037df2ce3d558a66f6f5c41e4948f990b146c96306751518aa1c8bf87db326b436d553136d1ad650d66d1d69cf229fb7dd61235aa996948bcbf94c3ca67dc3d86e572627d9a84b2252eb6db8f29a6853c7455f5f6
x-response-cinfo: fdbd:dc53:3:777::17
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
cache-control: max-age=31364881

GET
H2 200 o4flu4ReE6DmYZAECPFv6IOMB6pDQQBrTtEJ0A
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 149 KB
150 KB 27ms
25ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/o4flu4ReE6DmYZAECPFv6IOMB6pDQQBrTtEJ0A?x-expires=1705482000&x-signature=v9N3gKhsVi4Z5iXevDJKWj8lU5M%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 75651e75d59ca341853730936c76682a23cd606627fc841da998620c1fa247a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abc6
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441085435E25B8E9A7B5C17-4E1F66723CA6F081-00
nw-session-id: 2024011500003357940208211C8A27FADAp5qsl21tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 123,23.209.124.10
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=1
x-length: 152183
content-length: 152183
last-modified: Mon, 15 Jan 2024 00:00:34 GMT
server: TLB
x-tt-logid: 2024011500003357940208211C8A27FADA
x-response-date: Mon, 15 Jan 2024 00:00:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T00:00:34.752982268Z 85
x-request-ip: fdbd:dc61:b:333::52
x-origin-response-time: 27,23.55.62.29
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a64c2d855f5a1ab38961825729eddcab1cb12830d7927a3dc2ec3fed0a95ef9649eabd67a531670c5e0ae2ac390efde79a12f016b0ffc6134c0584dfbcc0a24753da1f14c41f869f691e8b679f9a078128ac9d2a244fe64cf8716cd4a64ada2b90
x-response-cinfo: fdbd:dc61:b:333::52
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31502690

GET
H2 200 95ae26c8ceae448caa857cdb79959256_1703490929
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 315 KB
316 KB 29ms
28ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/95ae26c8ceae448caa857cdb79959256_1703490929?x-expires=1705482000&x-signature=CQJuycUpjacD6bWx8dFTFG4J4O4%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: e873e49bddadb10f21d5fc6713e2f59c21a4b1e0b3fc539caa82fcaca870ab1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abc7
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240106235443E8DA3BA58501608E55FC-0DF737D854A61A8C-00
nw-session-id: 2024010613451261614E5E28E77B1B33CDxm2s721tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-length: 322581
content-length: 322581
last-modified: Sat, 06 Jan 2024 13:45:13 GMT
server: TLB
x-tt-logid: 2024010613451261614E5E28E77B1B33CD
x-response-date: Sat, 06 Jan 2024 13:45:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-06T13:45:13.61301519Z 49
x-request-ip: fdbd:dc61:3:47::12
x-origin-response-time: 23,23.55.62.70
x-tt-trace-host: 01c958b4b1e5c1c24060df42ebef0875f15074ec0f27d712ba027d211b282af68fa8565a8fcec56bcd357c9b57bb23e8920de8a790517ef9c545516957b6ccb273666cb74915e3c03d98a83dcec15928c377e797b43c0cf099fcb1bf5f1ed32f8e40f73a37c3d091741d99287c3719ca9b
x-response-cinfo: fdbd:dc61:3:47::12
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=30774640

GET
H2 200 82a9983264db4772add5f239b1f8ff45_1703329852
p77-sign-sg-lite.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 401 KB
402 KB 24ms
23ms Image
image/jpeg 138.199.37.209
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p77-sign-sg-lite.tiktokcdn.com/obj/tos-alisg-p-0037/82a9983264db4772add5f239b1f8ff45_1703329852?x-expires=1705482000&x-signature=VCgFyaiwDeERkuK3MeTUEM%2FB8C8%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.209 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 218040468.fra.cdn77.com
Software: CDN77-Turbo / ImageX
Resource Hash: 3f620b8703c68bb3349639ceb405966343701f3b8c8c49ab43dfee5730f73af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-tt-trace-tag: id=00;cdn-cache=miss
x-tt-trace-id: 00-240114000150688AEDAC0D63196EA2FA-1FE34CE6557D74D9-00
age: 1016134
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=6
x-77-nzt: EggBiscl0AFBDAGKxyUxAdcW0wEA
x-77-age: 119574
x-tt-logid: 20240102054616DFB4380A7804967F6428
x-response-date: Tue, 02 Jan 2024 05:46:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-02T05:46:17.951854251Z 121
cache-control: max-age=31536000
x-request-ip: fdbd:dc51:ff:2:1:245:55:115
x-tt-trace-host: 01e7ca64f5668b4f18c9161a4fd070ded105ee541c0fb0a139508e35746cf58ac0eeac79b3a3f0b9740d693be822ba489e3aa72389b2e44712ef02fc90ade3d99e0ef277f1988e3daefd17d4a5d891811ba10f901e226f50cd01c70e4684a55a234a93298132d289db73db62ced889f7e4
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
date: Mon, 15 Jan 2024 09:14:45 GMT
via: n234-039-195
nw-session-id: 20240102054616DFB4380A7804967F6428r9lgf12tt
x-powered-by: ImageX
x-77-cache: HIT
x-length: 410164
x-accel-date: 1705190511
content-length: 410164
x-cache-lb: MISS
x-accel-expires: @1736726511
last-modified: Tue, 02 Jan 2024 05:46:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: 9408ff0ca5bee35d85f7a46578ad551d
x-response-cinfo: fdbd:dc51:ff:2:1:245:55:115
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6456daccc9db4b1d928f44b39f235c29_1703698997
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame FCCC 245 KB
246 KB 40ms
39ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/6456daccc9db4b1d928f44b39f235c29_1703698997?x-expires=1705482000&x-signature=zsHpZqn%2FI4YFQiljx6kZrNzk2Pk%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: b7d84a9a6e7e0f7fc0677ab1d113605a021f2dba8418120287b46864f0d89b6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abc8
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2312271743464AAE098C512AFD29924E-0B0BA5506C564788-00
nw-session-id: 202312271743464AAE098C512AFD29924Ert7n212tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 1012,23.209.124.24
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085629
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=171
x-length: 250546
content-length: 250546
last-modified: Wed, 27 Dec 2023 17:43:48 GMT
server: TLB
x-tt-logid: 202312271743464AAE098C512AFD29924E
x-response-date: Wed, 27 Dec 2023 17:43:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-12-27T17:43:48.06012803Z 150
x-request-ip: fdbd:dc51:4000:363:a::228
cache-control: max-age=29924968
x-tt-trace-host: 018d083e64acd23585f3b9b19be7390f2b25fca5b553ed61da57a592cf40ec48576783d9b7fa0316b571d2c5ef1d77e1ebc5af14a7bb76300626645cb3a74d9f8c51219588d84a6a507ab0388a5b1a0d5c25a860b815a7484f0cbfb571e6621bf8c47bd85a11b7f904f185c90f6795e663f7194416a202bc55f83261ee14f410b76aa4ec53085a0d34ad0d1b48ba7fc696
x-response-cinfo: fdbd:dc51:4000:363:a::228
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *

GET
H2 200 d91a2fa3889b4adbb873c18471088dad_1702647185
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 331 KB
332 KB 48ms
47ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/d91a2fa3889b4adbb873c18471088dad_1702647185?x-expires=1705482000&x-signature=QR4oezAlvnxCkAO2jKZVK6h%2F%2FEY%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: ef8256ebd363ae9c97363df9c6bf91e2d52f6a898b19cb0a824d1ae2dbec7f94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abcc
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441A0DF06CED053A57A7316-78CF62C9409B6A59-00
nw-session-id: 2024011415463229A763356A5E19BC0AD9zlkcr21tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 129,2.17.160.223
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-length: 339036
content-length: 339036
last-modified: Sun, 14 Jan 2024 15:46:33 GMT
server: TLB
x-tt-logid: 2024011415463229A763356A5E19BC0AD9
x-response-date: Sun, 14 Jan 2024 15:46:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-14T15:46:33.28364027Z 113
x-request-ip: fdbd:dc61:c:149::34
x-origin-response-time: 27,23.55.62.54
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a62da9cee82369721f1cbc5b2a0e9c45f4ec2114e7a88a982c5ec35bf15cbcee36255e0926b7bde552cccd1a4e5a106e7d16af76bc45e8ef1b82e8e8103f6fa3a00712ef0fa3ceb264a01076a355ff6bfc75ae04b2c81c993cb9ad7529840d3400
x-response-cinfo: fdbd:dc61:c:149::34
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31473094

GET
H2 200 0af2d64c797c40b297d579021962d966_1702299064
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 211 KB
212 KB 59ms
59ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/0af2d64c797c40b297d579021962d966_1702299064?x-expires=1705482000&x-signature=DGMMly0ztGIOhzXFaCyAhuI9PLA%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 27543bc198b1d9cf4d4c57ed9b33d22dd336d6222bbd4276f198f0d90eb5807f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abce
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115091441BDEE9971144410655CE0-187B7BA48112C571-00
nw-session-id: 2024011502441336F8DF36116EDF40EB0Evxkfx21tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 140,88.221.144.29
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-length: 216201
content-length: 216201
last-modified: Mon, 15 Jan 2024 02:44:14 GMT
server: TLB
x-tt-logid: 2024011502441336F8DF36116EDF40EB0E
x-response-date: Mon, 15 Jan 2024 02:44:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T02:44:14.626481642Z 143
x-request-ip: fdbd:dc61:c:151::152
x-origin-response-time: 35,184.27.176.14
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6d0bb914525a9983974eb35c2d7985b6c0daace249debae233d78d6e3a150ef313a139f1a453afe0249fcef523bd7d0370f3cb166498ee34d8e577bdcfec5f423096155b6f86cce6a1cce99d21e621218040a395b7a35ee70715bd4523c9608f3
x-response-cinfo: fdbd:dc61:c:151::152
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31512618

GET
H2 200 ocCHAvM7eXXeEIdEhKQMNL8oAUDfg48uCSbRqj
p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 40 KB
41 KB 29ms
29ms Image
image/jpeg 138.199.37.213
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ocCHAvM7eXXeEIdEhKQMNL8oAUDfg48uCSbRqj?x-expires=1705482000&x-signature=JsZ4ZfuMXt61VtHi%2F4X2zzMbGKA%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.213 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 559277417.fra.cdn77.com
Software: CDN77-Turbo / ImageX
Resource Hash: aa3f803b6bc294d9d94bb022b546d95348bd22272c5b3dee7dc1fb08927c1d9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-tt-trace-tag: id=00;cdn-cache=miss
x-tt-trace-id: 00-2401140028509796CD6B7AB2322B82B5-4855E6EF30780185-00
age: 1620
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: inner; dur=2
x-77-nzt: EggBiscl0wFBDAGKxyUxAdfCzAEA
x-77-age: 117954
x-tt-logid: 20240114000150C96BEFE6F2EC9D190DAC
x-response-date: Sun, 14 Jan 2024 00:01:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-14T00:01:51.248781451Z 83
cache-control: max-age=31536000
x-request-ip: fdbd:dc61:c:151::154
x-tt-trace-host: 016629d52dc4a0bc49b100907377e9e39f277349aac9c9cd9deb9299e77322f4426c9a6ac77a7cf441208058dcdf379fddd38251a9260f38fa6ca04f56d81854f7586648a3a95085fb75b512cf236c28a00f1b681c6ce7f333ba1ed742ad6babb3
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
date: Mon, 15 Jan 2024 09:14:45 GMT
via: n222-041-071
nw-session-id: 20240114000150C96BEFE6F2EC9D190DACrphgm21tt
x-powered-by: ImageX
x-77-cache: HIT
x-length: 40529
x-accel-date: 1705192131
content-length: 40529
x-cache-lb: MISS
x-accel-expires: @1736728131
last-modified: Sun, 14 Jan 2024 00:01:51 GMT
server: CDN77-Turbo
x-77-nzt-ray: 69e5552186ebcd4c85f7a465a201541d
x-response-cinfo: fdbd:dc61:c:151::154
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 722929ad74d64ec3888f84eea14cb1e9_1702263486
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 386 KB
387 KB 68ms
67ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/722929ad74d64ec3888f84eea14cb1e9_1702263486?x-expires=1705482000&x-signature=VOQrtrh5CC7TnnWskti1INDi3e8%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: fc90f7695ae76c37b7a10f81466d81112d495fe65b6bb5f22f38bfe23275e914

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abcf
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-240115082506E44CA98F6E432E7091F9-62A6F7704B9FBC29-00
nw-session-id: 20240115082506E44CA98F6E432E7091F9lmcfb21tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,23.193.177.19, 117,104.110.190.70
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=125
x-length: 394963
content-length: 394963
last-modified: Mon, 15 Jan 2024 08:25:07 GMT
server: TLB
x-tt-logid: 20240115082506E44CA98F6E432E7091F9
x-response-date: Mon, 15 Jan 2024 08:25:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T08:25:07.246572873Z 121
x-request-ip: fdbd:dc61:5:201::159
cache-control: max-age=31533084
x-tt-trace-host: 01fb9b78a9029ae12e9c588ed91969dab4e3dc6db8ae5d7da8f0e4a09469cfa7de3148abdeed6b33589221e6118925a6d79f5204f5ce1df4368877d92c908f5a0689c8202f3bcd46cfcfa36dd31595c2c37c433893564167d8117074491a2135179b5efc32972b391fdf92dca716b0ccf97659886be4ab9cd4301b2a966f032f05
x-response-cinfo: fdbd:dc61:5:201::159
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *

GET
H2 200 ccb240f2ec8947e6bc8e98545fade44a_1701495553
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame FCCC 411 KB
412 KB 74ms
74ms Image
image/jpeg 2.18.121.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ccb240f2ec8947e6bc8e98545fade44a_1701495553?x-expires=1705482000&x-signature=90U8LfFViQh4%2FQPFK%2Bl6AfyA9FY%3D
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.121.202 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-121-202.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 5985c6ffbe2e559580382863d0d754228d1d1fddc77425501f02d781c4387346

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 9d0abd1
date: Mon, 15 Jan 2024 09:14:45 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-2401150914414CC74129F0FE7C780D3C-4F4F09D06EEA70A9-00
nw-session-id: 2024011502441427CB9EF249AC7133B8D75p5db21tt
x-powered-by: ImageX
x-cache: TCP_HIT from a2-18-120-202.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 135,104.97.86.19
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=4
x-length: 420721
content-length: 420721
last-modified: Mon, 15 Jan 2024 02:44:15 GMT
server: TLB
x-tt-logid: 2024011502441427CB9EF249AC7133B8D7
x-response-date: Mon, 15 Jan 2024 02:44:15 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2024-01-15T02:44:15.884070386Z 103
x-request-ip: fdbd:dc61:10:225::35
x-origin-response-time: 34,23.55.62.71
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a6e00c056b4a20139202ec6b2d4cdd25dbb2b48d393d4725e1c8c3875dbee5dcdeb22ac340847bb191f84f6963d6f2a7af56c7d71d7b19418f44ccfef68bc60151be3bc17238939b4c723436161cddd20599c25bf869585604c2912789e6ccce61
x-response-cinfo: fdbd:dc61:10:225::35
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
cache-control: max-age=31512504

GET
BLOB 200
OK b3a11c94-1ae7-469e-954b-384fb3215490
https://googleads.g.doubleclick.net/ Frame FD4E 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/b3a11c94-1ae7-469e-954b-384fb3215490
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 7b10e59b-2c1e-4d87-9e40-84b95def1dd3
https://googleads.g.doubleclick.net/ Frame FD4E 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/7b10e59b-2c1e-4d87-9e40-84b95def1dd3
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

OPTIONS
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 132ms
132ms Preflight 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: b9fc56821ce5790f2256dec1c81b8910
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:45 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=108, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 20240115091444A8BD93CDDA82061FB6EA
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e86aa31759420f9cb3661e9a9ca2cbc9b227f1078cd7a979113eaeccbda8e466864b19676d28ed4b72ef954bd022a3fd4
x-tt-trace-id: 00-240115091444A8BD93CDDA82061FB6EA-5A2311C39610A21E-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

POST
H2 204 / Show response
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame FCCC 0
799 B 132ms
132ms XHR
text/plain 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-240115091444088487006B8599310989-5EBA998653D84227-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=108, edge;dur=1
server: Tengine
x-tt-logid: 20240115091444088487006B8599310989
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247ec8216f255177712db87f41eca120919c801ad4842fe209c6c24f2117de1a78009343015985fd5d8980d8c0a4eb21b20b
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 66007b66e42593482230c37759f02651

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6523 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8115772839839&version=m202309260101&ct=77&x=1&cor=3332036674039453000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4E 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6702573792268&version=m202309260101&ct=77&x=1&cor=1639896220741351200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBAF 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1398298509179&version=m202309260101&ct=77&x=1&cor=18071223186229234000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BF2 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9053730706920&version=m202309260101&ct=77&x=1&cor=13003113613522577000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 09:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7982913;4274296;0;271;6BD0E72C-F59B-340D-0D64-9B91E6CBAA66/ Frame FD4E 0
66 B 19ms
18ms Image
text/plain 35.156.126.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7982913;4274296;0;271;6BD0E72C-F59B-340D-0D64-9B91E6CBAA66/?cachebuster=89407975
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.126.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-126-108.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame FD4E 1 B
377 B 60ms
60ms Image
text/plain 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7982913;4274296;0-304-0-0-68856093
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:45 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 15 Jan 2024 09:14:45 GMT

GET
H3 200 flexslider-icon.woff
www.j-hero.com/wp-content/themes/mh-magazine/fonts/ 1 KB
2 KB 468ms
467ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.j-hero.com/wp-content/themes/mh-magazine/fonts/flexslider-icon.woff
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/wp-content/themes/mh-magazine/style.css?ver=3.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8

Request headers

Referer: https://www.j-hero.com/wp-content/themes/mh-magazine/style.css?ver=3.8.6
Origin: https://www.j-hero.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc: h3=":443"; ma=86400
content-length: 1268
x-nginx-cache: WordPress
last-modified: Tue, 26 Feb 2019 21:58:04 GMT
server: cloudflare
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4A26wNLozoFZgJcUusRZitml%2BGThPsFkRloI0XlJWMxjaZYr6S0JDcSEYxXyVM5n6DsHoKxsn7Wn1idfj76Gw0angT0y0sehho2zBDabxbXbWXN6oP4wQ5XxPSIGMEeHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 845d02a30cf806c2-AMS

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19c5264bcf2703ddbb4f5da702a480d4b318ec374e8078d01ba16e1f3c6d83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0

GET
BLOB 200
OK 20930add-f349-46f2-bc5e-f13c8e0b46d4
https://googleads.g.doubleclick.net/ Frame FBAF 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/20930add-f349-46f2-bc5e-f13c8e0b46d4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
BLOB 200
OK eb8eb09c-92a7-4272-940d-fcc9b6413276
https://googleads.g.doubleclick.net/ Frame 8BF2 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/eb8eb09c-92a7-4272-940d-fcc9b6413276
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame FBAF 6 KB
6 KB 84ms
21ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:45 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=499
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Mon, 15 Jan 2024 09:23:04 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 8BF2 6 KB
6 KB 90ms
29ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:45 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=499
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Mon, 15 Jan 2024 09:23:04 GMT

GET
H2 200 common-monitors.1.12.1.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame FCCC 20 KB
8 KB 38ms
38ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.12.1.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/browser.sg.js?bid=tiktok_web_embed&globalName=browserClient
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a65634ad828e4cc58a93b42d6b27e9f8c45782545e72640a85bd6d41574a86ca

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548e60b
date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: v/nuCuWdOdnB5ucRx3luPg==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7384
last-modified: Thu, 02 Nov 2023 08:03:33 GMT
opc-request-id: iad-1:kvm1n35zVVNfeg8h_5eDsc8JAJJV747Tri9AHGsrNmhGK114JNPFFY2jSGYR5IRX
x-api-id: native
etag: 4ebb3a8d-b15f-4e4a-acc7-cd54ea8e97d3
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 4d78da31-2176-48c2-87e9-da2059ea3588
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:45 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame FD4E 6 KB
6 KB 79ms
18ms Image
image/png 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: www.j-hero.com
URL: https://www.j-hero.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 09:14:45 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=499
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Mon, 15 Jan 2024 09:23:04 GMT

GET
H2 200 common-monitors.1.5.0.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame FCCC 19 KB
8 KB 30ms
29ms Script
application/javascript 23.32.238.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.119/webmssdk_ex.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id: 2548e627
date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lJMNanjiQY7KAJ1oFCsUBQ==
x-cache: TCP_MEM_HIT from a23-32-238-167.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53314474) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7101
last-modified: Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id: iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id: native
etag: f69b14ef-715b-4897-9d2b-f2811c896f09
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Feb 2024 09:14:45 GMT

GET
BLOB 200
OK 8c76568a-25ef-469d-8517-2ad0a7fceb80
https://googleads.g.doubleclick.net/ Frame FD4E 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/8c76568a-25ef-469d-8517-2ad0a7fceb80
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FBAF 1 B
283 B 381ms
381ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=d764c38330f7052d2e76488b&pm_pl=1705310084617&pm_td=1073&pid=1000941&en=1.1&callback=__pm_glbl_U6A2gq05lmiSqpipTAvlL6cw._gc2&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 8BF2 1 B
283 B 255ms
254ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=4580522df7949d3c1039f6fe&pm_pl=1705310084840&pm_td=855&pid=1000941&en=1.1&callback=__pm_glbl_pH40bfEddnRatZMeFPO9rFyZ._gc2&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:45 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 09:14:45 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FD4E 1 B
283 B 254ms
254ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=2e74dd659f97e92fea75a21d&pm_pl=1705310085131&pm_td=571&pid=1000941&en=1.1&callback=__pm_glbl_yOwWIDbPrdI0n9sHgY7tAa1J._gc2&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:45 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame FD4E 1 B
377 B 63ms
63ms Image
text/plain 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7982913;4274296;0-305-0-0-891404307
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:45 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 15 Jan 2024 09:14:45 GMT

OPTIONS
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 140ms
140ms Preflight 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 2723c64dcbf4266a0d21beea85169ef3
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:45 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=13, origin;dur=116, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 20240115091444F4E64820CDD64C2D7A1C
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247efb3f4922a8cd7a5db654ebec1fa014457eda763b776406128ae22e66dd6bed465aa0d5eeee8f82463dcb7bd8df615bfea98e750035558db131c622a84f727294
x-tt-trace-id: 00-240115091444F4E64820CDD64C2D7A1C-0C3CF60D923737F6-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

OPTIONS
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 143ms
143ms Preflight 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: ea763b9ca75c1ca7970f815a71c097f4
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:45 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=11, origin;dur=118, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 20240115091444A8BD93CDDA82061FB70C
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e86aa31759420f9cb3661e9a9ca2cbc9b719b75089c19ac93ccbd99137336c8e8580ae9ff934f836c5871487eb579bea8a04a2f5fd2a0d8188dbcf12e91df5bf3
x-tt-trace-id: 00-240115091444A8BD93CDDA82061FB70C-5A2311C39610A2AE-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

POST
H2 204 / Show response
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame FCCC 0
801 B 165ms
164ms XHR
text/plain 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-240115091444A8BD93CDDA82061FB72B-5A2311C39610A342-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=4, origin;dur=115, edge;dur=26
server: Tengine
x-tt-logid: 20240115091444A8BD93CDDA82061FB72B
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e86aa31759420f9cb3661e9a9ca2cbc9b227f1078cd7a979113eaeccbda8e4668c26badc1023b6704962121bda639ce4a
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 8cd5e7aeb0d362349c70bda1b2a34a87

POST
H2 204 / Show response
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame FCCC 0
826 B 181ms
181ms XHR
text/plain 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-2401150914441515F3D3A15CB63A9FF9-5713870A3B1F08F6-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=4, origin;dur=112, edge;dur=23
server: Tengine
x-tt-logid: 202401150914441515F3D3A15CB63A9FF9
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e2ae28074a0a0d250a5af8fb1932714289eabe5522dd3f64150bfbd0d7ef6a9ead2337741e9ed7c93a733e670983f0c6a47bfa9c4972b7aba746bc20a51a20418
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 056437d05712131d89548d6a6bf95afa

GET
DATA 200
OK truncated
/ Frame FBAF 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 8BF2 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame FD4E 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F267 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 08:26:53 GMT
expires: Tue, 14 Jan 2025 08:26:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D857 829 B
557 B 30ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b933c7861a4827b1f97757ed577f74eabaaf5cbb3b433449b5d6480b753f1680

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kJFpF1IkO6c9AL6dUtg6ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.j-hero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kJFpF1IkO6c9AL6dUtg6ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:45 GMT
expires: Mon, 15 Jan 2024 09:14:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame F267 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 08:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 08:09:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D857 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=487267064338730&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F267 0
11 B 19ms
18ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xelJvQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:14:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 8BF2 1 B
283 B 126ms
126ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=4580522df7949d3c1039f6fe&pm_pl=1705310084840&pm_td=1117&pid=1000941&en=1.1&callback=__pm_glbl_pH40bfEddnRatZMeFPO9rFyZ._gc3&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FD4E 1 B
283 B 127ms
127ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=2e74dd659f97e92fea75a21d&pm_pl=1705310085131&pm_td=831&pid=1000941&en=1.1&callback=__pm_glbl_yOwWIDbPrdI0n9sHgY7tAa1J._gc3&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame FBAF 1 B
283 B 127ms
126ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=GoVbgicEbKysQKvYkyTjldsavqghVKPM-FE7fPshldVrlKDwf0HLJFUnAPA==-E03BOc9ia1HmPw==&pm_ct=d764c38330f7052d2e76488b&pm_pl=1705310084617&pm_td=1459&pid=1000941&en=1.1&callback=__pm_glbl_U6A2gq05lmiSqpipTAvlL6cw._gc3&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Mon, 15 Jan 2024 09:14:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=487267064338730&bg=!m5ilmNfNAAaumcC-jpk7ADQBe5WfON6phFTwrGAsruqimxX2vve67DH9FuwMiA7UtYSNIjGSRZD7Ine01io2Uwp8XWMYAgAAADpSAAAAAWgBB5kCvVDTlbsU2r9cHRv4kD-wA0Sw4Gkw3llDbotgWJQQmYmxmaMvUsnHFX9nm3_WhOBOCmk_bCUSXfOL1d9-0ugKckV1cgLiVr-nS2uXg1mfpQ9ikh0XxyZ6YiPYUsBD9ov7MiWhXanDl3iDb6Jtzx-rqOtcxfnnDjXpF4mXy0rt3tNulx2y1iWmDm5pm99L5o1-K7_VJJ8YF5nP97niHdWzFE4whZ9H4GKsEMORna-J7PrvjgDj9xlNDTPx42xEGC3qPFrO6wRc-Cs7eU-OIsUJAG56JSe2mtBsU65CDVCKFplK1rF3hPLlwLszsG0QV3lp3GELuOetnd6Enp5xLUGzJpQhJuUYRQjldXBMvbmPB3Dzpm8RnyeWeR31oy6cO2vAUBhf5O_C9VI8PMDvZzz9XpiACY91dlBVODJRCuB7OiApitns5Ef8gDoxPT3seAEZL48rSMc_aCILYiDaVyTN8X9YX8Lj3mE-KUcSEWeDKeks3saXpwFN_4cOvvu8cwE1vfsSxyX5VoFmSJRCERClRftvOHAbUtZQnLdzfFKA1UiPcdq63L_YcfyIWf5E_INd3zpdh_BPXI2TotXO_mm1QpC374OOH_V6IbC0JIQSENMp8AeM-qMeQj5Va0arUFVURAuaEspAeF5l60UJB_IF4F5taAkWfBGgeXA7qJkso3XKIElBCUSPofC-F1b8a9Ny-uloQ7md_4S1ejR5Tq3x7RFkeDhtpQQSKDaPe64wf1IFCrGyJD7Ok-U-q8mmIPAsV7i-s04C_2EcN-530ezT_0gEPEOk6_iLN9Md6UNIg5obn3N48C1FmBfHlr_ug-0lLve4O7BK4eZNDdybY26zlVLMAbVZ4_eTdnqZ5-lSKiTqme42CTsBljNLY6TwJRh4AlQKvRRmbo8bin7m0LSObIrWWq3hIPkeWHEdk7uQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.j-hero.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame FCCC 0
819 B 110ms
110ms XHR
text/plain 147.160.191.131
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:47 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-240115091446B71E21D81F56DB0B0080-31EB4C9236037523-00
x-upstreamname: origin_maliva-normal-lb.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=91, edge;dur=1
server: Tengine
x-tt-logid: 20240115091446B71E21D81F56DB0B0080
x-outhost: mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aadcbc32ace4f53cf18fe6653b9c6801e6e0ac727d6aaa8f4116f0f657af1b91593210fc3c739accf8db11dd5b7c26c59f2e267d45a400f470a70e8994d2e21cab988b5e28f84f0da254dd220b2cd9ec20
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: bab3ff292bb1c3653c81cf19f3f298e1

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 113ms
112ms Preflight 147.160.191.131
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 75ebcafc51b816229ee79a25be56f5ba
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:46 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=4, origin;dur=91, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com
x-tt-logid: 202401150914454BAB84FCEE3C1607A53A
x-tt-trace-host: 01c554b38239ff32bc286f6ab99ac6c3aadcbc32ace4f53cf18fe6653b9c6801e6cfab0ae1de3eacfc7fb8572251e9efef366f699a3e40ef5755c9eeb499c012b411ced0b64e31ae02b84684d5a6cf48e218694e32ad7631346ccfdeba59be290f
x-tt-trace-id: 00-2401150914454BAB84FCEE3C1607A53A-5E6334B15785CA15-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net

OPTIONS
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 127ms
127ms Preflight 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 1e7f4775023388b04ed41df7752f3f6f
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:46 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=103, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 202401150914455C980790D4478B23AB5C
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247ecab877a4821412527026913032f54301561576680b071ac56ed9decbb832e07e6670a0a1a7067acc61ed1064de7bf55b8a78711bf9e4da184e4ad8a5a67ca1b2
x-tt-trace-id: 00-2401150914455C980790D4478B23AB5C-08D11CD1478EB3AA-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

POST
H2 204 / Show response
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame FCCC 0
827 B 157ms
156ms XHR
text/plain 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:47 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-2401150914465C980790D4478B23AB6F-08D11CD1478EB3FE-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=107, edge;dur=26
server: Tengine
x-tt-logid: 202401150914465C980790D4478B23AB6F
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247ecab877a4821412527026913032f54301778a1a2c7fd4c9adf50af577469fcba808088298ef50b63be8ba745730783e61e94894e3dc65386319569229e3a1308a
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 7be832461153e28697878e11407fc7b7

POST
H/1.1 200
OK report Show response
mssdk-va.byteoversea.com/web/ Frame FCCC 44 B
2 KB 169ms
169ms XHR
text/plain 23.36.163.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/report?msToken=9mFLDeFXyuimMcFmx6DawzZxhQy45Wqan21zJ7pvaN_RdC-WsM9LO61SyZ3WKSvhm2BUGsuDXesuHGO7GuViACsY8RHPaWOfaawwW6kRlwDI734IFSqC9NcsIvV4Dxs=&X-Bogus=DFSzswSO5gf9an8QtiDrGt9WcBjo
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-226.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: dafe43b0.34381389
Date: Mon, 15 Jan 2024 09:14:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240115091447CA2D108411FF15076F7D-3737554147968D58-00
X-Cache: TCP_MISS from a23-36-161-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
X-Parent-Response-Time: 150,23.36.161.198
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=66, inner; dur=62
Content-Length: 44
X-Ms-Token: YAYU-xk0GUqjyQNkYFSMYPLsLdjFhox1XXrgm-r0_-OdQKMszHeyQyupuKZPT6JuFf96jZfAvPMp409DAiGgdyY_qIudEJK5bOR605ISP6g6KF7POLDW
Pragma: no-cache
Server: TLB
X-Tt-Logid: 20240115091447CA2D108411FF15076F7D
X-Cache-Remote: TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 66,23.48.200.200
x-tt-trace-host: 0159893ee4a12b1cb10c7d855a7ad5d8a60ba7b6e0143aec243834e4c9613d4a3c4d1dfb53aa7faa0cd02bd03f0d66c1c9aee3345cf59a40c7826c161f95550745e03c68dc5e9c9c85dbd5cf4476446f453b388ce4f257083ed008754387d55747e6114c2035d00c676dfe3e9bfbb49e27
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Mon, 15 Jan 2024 09:14:48 GMT

OPTIONS
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 131ms
130ms Preflight 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 8fb767ccfc427d7f3c75e525a474eb6f
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 09:14:48 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=106, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-i18n.tiktokv.com
x-outhost: mon-i18n.tiktokv.com
x-tt-logid: 20240115091447EBEDA3137CAE462AE821
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247e5de1f649888a3cb8304e910e68d25e6094b4e4f775ddd2c80ffc8d666c26ce1afe03b5c6d9e6ca59f9904e666c013d53
x-tt-trace-id: 00-240115091447EBEDA3137CAE462AE821-708DD91C9AD19C85-00
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net

POST
H2 204 /
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame FCCC 0
0 156ms
155ms Fetch 71.18.5.241
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/?bid=tiktok_pns_web_runtime

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/webmssdk/1.0.0.95/webmssdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jan 2024 09:14:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-tt-trace-id: 00-240115091447088487006B8599310B1E-5EBA998653D848A3-00
x-upstreamname: origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=107, edge;dur=24
server: Tengine
x-tt-logid: 20240115091447088487006B8599310B1E
x-outhost: mon-i18n.tiktokv.com
x-outdomain: mon-i18n.tiktokv.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01681fd6639bb5deb7e81c3bb4d6f87ee3166b9af480b06ff530df1d3fd501247ec8216f255177712db87f41eca120919cbc70f7e39f2a10846de0a20ae898f035c47614167df2a063e550a213f7f0ca1e305a690e5f93a86b85e1e2b52153e813
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 00ba5c4c644cf40ec9b15496440cb2cf

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame FBAF 1 B
377 B 19ms
19ms Image
text/plain 95.100.80.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7982913;4274296;0-310-0-0-65008083-0x0x50x0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.80.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-80-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Jan 2024 09:14:50 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 15 Jan 2024 09:14:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBN-nh9tydwfXdlTKq4hf8s&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 22:05:21	Name: NID Value: 511=vpiMwlQG5z2tqxj45Xp56Yr3LrKjPXWQaixxz1ehToaXagq_LZXwPtLjNPREnffv7v_7qO1DnCpxD_d9LqQ2ui7Yq9mSWQW7EZhWxtd4ZTc-zW3pl5pHc1TG8l98gVq1IZx-dBUdOoB_IdC8pakPA6PZV4MGps5AhO3oHHJ2AUc
www.j-hero.com/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: d4be82c1258a8879acf9ae566f138271f8298a9b-1705310082
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: fBgx6iNwFxQYcWecQzpPHxBjgr3FaKQntg9y5dEgEyQ-1705310082056-0-604800000
.j-hero.com/	1970-01-21 03:17:50	Name: _ga_ENR3T43FQJ Value: GS1.1.1705310082.1.0.1705310082.60.0.0
.j-hero.com/	1970-01-21 03:17:50	Name: _ga Value: GA1.2.1525255968.1705310082
.j-hero.com/	1970-01-20 17:43:16	Name: _gid Value: GA1.2.47671798.1705310082
.j-hero.com/	1970-01-20 17:41:50	Name: _gat_gtag_UA_134698961_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cpD_4sBsoRY
.j-hero.com/	1970-01-21 03:03:26	Name: __gads Value: ID=43afdfef8f7ac676:T=1705310082:RT=1705310082:S=ALNI_Ma0tmupWReur_uVLKWqAJr2h9G1oQ
.j-hero.com/	1970-01-21 03:03:26	Name: __gpi Value: UID=00000d41ac2b936a:T=1705310082:RT=1705310082:S=ALNI_MbCrsoDBstOzd30P6dbGH6T70NalA
.discord.com/	1970-01-21 02:27:26	Name: cf_clearance Value: 6ebmSAvpAfocrOHxVl0MheH_icyPn9YwKLQd5asv7pQ-1705310082-0-2-bc054b7e.ac0f967b.33db8542-0.2.1705310082
.tiktok.com/	1970-01-21 02:20:14	Name: ttwid Value: 1%7C5dRQAXbRgB3PnnrkKapy-MXry5SzX4JsXSw4TW4y0Po%7C1705310082%7C6f66b4435bfa8110290abfd55408d9b6fcaa7f841f76c4e7cbde169bc9f8e343
.doubleclick.net/	1970-01-21 03:03:26	Name: IDE Value: AHWqTUmJ10fpLfCKRXth76FLOu_D1rZ9060lFyzGwg4eUgrGsfFh31DMC5yXhFVX
.adnxs.com/	1970-01-20 19:51:26	Name: uuid2 Value: 17591973515172573
.casalemedia.com/	1970-01-21 02:27:26	Name: CMID Value: ZaT3ghdq48G-VONJk0tLoAAA
.casalemedia.com/	1970-01-20 19:51:26	Name: CMPS Value: 2220
.casalemedia.com/	1970-01-20 19:51:26	Name: CMPRO Value: 2220
.doubleclick.net/	1970-01-20 22:01:02	Name: APC Value: AfxxVi4ieNsoaR3-ALHcEv6LQY-uFV_m1oHfoiWibRvn7GGa-1bGuQ
.doubleclick.net/	1970-01-20 18:25:02	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 19:51:26	Name: 8lcfmzhxc8d6_uid Value: 1f08edcd497caf50
.doubleclick.net/	1970-01-20 17:41:53	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-21 03:17:50	Name: XANDR_PANID Value: UFx1joWuIpK-M5QGDwP0lm4pbCTD7XhkF0lKUY96dVGtD53iC8mN6FrIBOd7Uwpls9G9LkbJetYWZ708eMI0_E-BQ-WQPrvF0ZXBRrOot3w.
.adnxs.com/	1970-01-20 19:51:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaNHyyy.!A#FA(<j<dINiYhTyXnfi8FW/_hp+McfPvBfA2uhezvO<kwwBo6+_JJwXE((j#iP(Md+>)fy+gWIjR
.simpli.fi/	1970-01-21 02:28:52	Name: suid Value: F3B3D11A291146E4A6EFEF40AB9759B7
.quantserve.com/	1970-01-20 19:51:26	Name: d Value: EEYBCQH0KoEA
.quantserve.com/	1970-01-21 03:12:04	Name: mc Value: 65a4f783-c62b2-3cfd2-99ad6
.adform.net/	1970-01-20 18:26:28	Name: C Value: 1
.adform.net/	1970-01-20 19:08:14	Name: uid Value: 3496091364771712391
.googleadservices.com/	1970-01-20 19:51:26	Name: ar_debug Value: 1
.travelaudience.com/	1970-01-21 03:13:30	Name: _tracker Value: %7B%22UUID%22%3A%22A6B215F8-A342-49C2-09E4-5D649C9BC29D%22%7D
.de17a.com/	1970-01-21 02:20:14	Name: guid Value: 1.1151164808453280425
.yahoo.com/	1970-01-21 02:27:47	Name: A3 Value: d=AQABBIT3pGUCEOKcT8UITEbKyjICxi7YIGUFEgEBAQFJpmWuZQAAAAAA_eMAAA&S=AQAAAt2p9PXo16wY5zF4xebDog0
.w55c.net/	1970-01-21 03:13:30	Name: wfivefivec Value: 6vrUj1Cm1Rpj3m5
.w55c.net/	1970-01-20 18:25:02	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 19:51:26	Name: ANON_ID Value: aKntuJxNeTgBeZdwQyxT76hhjnGZaTbgtyF0P57iXTruWsFoWLW35BsMLEv3rue3oos5LgNmgbUQRGXNZcc200PPZa6h
.byteoversea.com/	1970-01-20 17:56:14	Name: msToken Value: YAYU-xk0GUqjyQNkYFSMYPLsLdjFhox1XXrgm-r0_-OdQKMszHeyQyupuKZPT6JuFf96jZfAvPMp409DAiGgdyY_qIudEJK5bOR605ISP6g6KF7POLDW

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBN-nh9tydwfXdlTKq4hf8s&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
violation	error	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/index.js(Line 3) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.696/index.js(Line 3) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=FDD91455-3F67-74A5-71D6-3145FCA26F93&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&920071131(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=9C58F654-9765-6494-964C-9D6995F99ABB&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&420074410(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7982913&l4=4274296&l5=1&l6=1&utid=6BD0E72C-F59B-340D-0D64-9B91E6CBAA66&creative_type=display&adid=ftdiv7982913&pub_app=&pub_domain=https://www.j-hero.com/&uid=&cb=601964.2043142522&pub_ts=1703003264&95817595(Line 1) Message: Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
accounts.google.com
ad-events.flashtalking.com
ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
apis.google.com
c0.wp.com
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.discordapp.com
cdn.flashtalking.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d5p.de17a.com
data.ad-score.com
dclk-match.dotomi.com
dis.criteo.com
discord.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900030.redintelligence.net
i0.wp.com
ib.adnxs.com
js.ad-score.com
lf16-tiktok-web.ttwstatic.com
libraweb.tiktokw.eu
match.adsrvr.org
mcs-ie.tiktokw.eu
mon-i18n.tiktokv.com
mon-va.byteoversea.com
mssdk-va.byteoversea.com
onetag-sys.com
p16-sign-sg.tiktokcdn.com
p16-sign-va.tiktokcdn.com
p77-sign-sg-lite.tiktokcdn.com
p77-sign-va-lite.tiktokcdn.com
pagead2.googlesyndication.com
pixel.wp.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s.tribalfusion.com
s.w.org
secure.flashtalking.com
servedby.flashtalking.com
sf16-website-login.neutral.ttwstatic.com
ssl.gstatic.com
stat.flashtalking.com
stats.g.doubleclick.net
stats.wp.com
sync.search.spotxchange.com
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v19-web-newkey.tiktokcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.j-hero.com
www.tiktok.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sync.search.spotxchange.com
104.18.36.155
104.244.42.72
108.138.36.55
130.211.115.4
136.243.149.243
138.199.37.209
138.199.37.213
142.250.184.194
142.250.74.198
146.75.122.113
147.160.191.131
159.69.70.9
162.159.129.233
162.159.138.232
172.217.18.2
178.250.1.9
18.184.81.93
184.86.251.139
185.89.210.141
188.114.97.3
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.48
2.16.100.152
2.16.238.11
2.18.121.202
2001:4860:4802:32::36
213.155.156.180
23.197.10.234
23.32.238.171
23.32.238.234
23.36.163.226
2600:9000:2646:1000:a:deb0:3380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::54
2a00:1450:400c:c0d::9c
2a02:fa8:8806:20::2040
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:567b:9400:1b2a:e999
3.33.220.150
3.75.62.37
35.156.126.108
35.190.0.66
35.204.158.49
35.244.159.8
37.157.2.229
51.89.9.254
52.58.114.78
71.18.5.241
85.114.131.235
95.100.80.78
95.101.111.174
95.101.185.124
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
02f53f3cfcf35995ad443b8a13d6bd93daa4364d50de3fb0ae7f3a4df40eea79
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
04492e4b2ab4485a529ff3b7c4000eebe6dc453f378477d0b5f0e24d0c09b711
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
07e43ef44311fbf41812030100b4f1a1dbe230aa16fe4523413a23e407979c55
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
0e3fdee6391fb1526f7f7aac516904fee53d4581b51eff509f18c6e7bcd7815a
0ec9c1a3a15249998644d0f1a686e8e91b48dd4f95c6eb3eea65da4eb8cc0e22
10fa3054a5f965bbbe031e3953c56219c65fda919c8c069e992e2ea00b194271
11f9adb81ef1663fd9b65210aa91b3ab47a344d35c9e3e3b4b048f6b1e43c781
120e0a6c2e0bfb8da82d37af63f16714b7de18b7e937498bff0b840a5775efa1
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12b0b0f3d1cd295e10687f03d815a36861ee17c926a7dcea2c58a5536b46f90d
1348be68ae96ce3d5e8dcb0aeb86a35e758fea510bdcb99a32bb3c49959a61be
134ac91bb2a40002d2521ca3f99e837c2d483d2217872fa24d1810c95a51f27a
136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc
13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a
15efe884a76072948bc24e51bb71c97960947c15e13d5c0caed0c600a7b25d4f
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19badffa5d1c4fb2bd91af06baad8e12aac3f3a3fe97a858aa3cf9ef4fe55b5d
19d59e7a9a61e8fd7988ebd75ffdc85be3a2d5b629ad4c1ce81be185c91c8776
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1cdb22fd145f0de9b180551fd7537af3cd67bf81892575cdb048398a2f7469ed
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1fd0242a43338471c8efcd2a81e73160b8c59e92f4f8f1c0874bb306b1750423
1ffd86065331558a0f07e413e3fdf5b6ef81334321427ab741d76ec73072199e
202c1177a5a885ae2eef47c9cc8836dc157bb6f9c8665367156657b5c26f5ba0
222784481f1e7af61f83fa54e7d594f02fd6a61ac0e139cdf33c90a7b0fb5909
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23b7d97e49b583ca2949e8ef9a5b2badd67db17614d6e0934848f66d39d1dd17
258d0f7e74adf5b87d1973806350e48c14038ce5fe58723add1c0e28664d504d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25fc6dc7859527d4f4e05ae9f3cdb49c0f53aaada64d00d63cfc727a9b25ed13
274928f2bf62780b9b7e9d27705d30ed9647c4243ae6a0abf1fa53fc1b6c1989
27543bc198b1d9cf4d4c57ed9b33d22dd336d6222bbd4276f198f0d90eb5807f
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
2a9264617bb426759645b999a0f8f10f4df1bb52a848f084f7f8b19a64ec221b
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fc9836e307baedc942bfd04ab9c695b20e8e7f60b74287def9d35afdb0ead57
301905656407d5c7cc47f4c3f2bf4f83992e4e76c74de2262576555fce5a1ee9
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0
32355f3e016ccddfe1d09b584c311b0bdee34fb0234673422e465e1c439b36a1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
334b09328822f102c9634c24ad9c79a174600e9f0287cd9679ec30ee7b6992f4
34fa76fe6fbe2df439a2f59f0b51c7fb760add093267cdde7fcb63c625c3a0e7
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3563447ec7acfe08507fa9f659f667c6c09db23c523686596557db9aa96ecbbb
35bae93fd18226b379787ef3c75762af288cbef4a9f15131d0831a551d7f2fba
363228131b18acd3255a7bbc8fec09e99c09acbf006b76ff7e93b7b2e4822c84
364f5d459428d487841936e811d891cdc390d6c39c9ddae84155ff9a4b47b079
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3895a52083e976f28951f001c0636902da776f20348b9033bd2ab27df1862610
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
392591bbc5502ea4dafe821ceda74651b94c6d6a2060f20d1f7763f7b2ae8d45
39d7b8b5392a78695a914e1ceca108c0ef344624883f93f1c872c84c8f9fc601
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d38705530099ee015a032832487d5de395e8f0b26f8f151a4c3333dee1036f8
3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc
3f23a5bc5ae61c539d06a8904fd1e8f163c225dd3bab0ae8bd55d4c4e1ef352c
3f620b8703c68bb3349639ceb405966343701f3b8c8c49ab43dfee5730f73af2
3f8c11622a31100bac89ccf1a84f9d0a41c7507b3f81b6283bd6d52feb356277
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
422adf67992face4719be5220057cd0e289f0a2cf5b95649f46824b4dc11e5f6
42685cb80fb2c3c1658a55ca7a32a0272aac5d4813f2a8f953a96956e7a3d9e5
427aad7688786d7ce77c767f69f8754f365d91b50335e650e10ab167cc54c376
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42c61fdf651cbab3b66e4c33f61fc2b4faf14c1465b40965b66179184e8de10e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4674982014015d670ef97af746184c54075709dd2ec9c3d98e5a77aaa458156a
4823a41de8e6d461ee1e1068116eeb58c1f46ebfc2dd81f3a00caa5f23237fed
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cba90abc310b9c015f8ed3b1e1b9cdc66f96e4e505ae0e4ad955c0b4c690a58
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dec829b0a97bc50403005d2324420c1b88d5f8c8a276646119aad84f6cd3004
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f01bde5f465a974970f4deb8af7c38064f58dd2838bbb5629f4af5a6c98c626
4f2a608843d8eea79b40b728b3e769ab1a8e9c0948e4beae2c6bbc3ff4762d2a
4f2c88ebda2def185a39ff203e21a510d87cb9f226d1b582da4e949cb1b670f8
4f442072c1ef763d3fedb0351e2bf7f3d10f470298939f776f333a91704151d7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
52eb5cd34d6c335b53dba09cade6cee960f5461bf1d926ff56456887ded02a00
539c4305345ae029c4d091fa168bab0beb4c10ea58c7d55551eda4cf9adf1fec
53fb898f253fcce714825dbc8fe4f72976148d64c788583a3d592e3950f66036
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a3c5018d25fe8bcec8b1c6a3ad360da607335e0c9929baca0d598d351f232c
5583284eb51d3f64f12549aecd945a507767a346545f18185bd0fe185d05e47e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f971875358b14d062cae2ccc8cf74be548ea05a1f902ddd2f3cb32ace808d8
56cea3f2a787719669b410f3f06a8cebda7aa41cf6a74318aa0c4e30a9085336
57b39ce0f85a918c2b80b5ff26068f39e6bae8b5d8ab648aa7ac9c85f3722bc9
5869f0c593906d75adb43be255e3ff630ee7ab3530e6df6d2179f764548f93a9
5985c6ffbe2e559580382863d0d754228d1d1fddc77425501f02d781c4387346
5a10e8865fd881cc22a110c827bcaf70d541adb0908a6d54b650c47878937e6e
5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2343d7f04e50d2434f97b92ce2c85ab606a4027991302ca0c949cc96f25de2
5e5a7ac5e4046ab95319db3d5190cecfdf97b36afd10b7f5ff054b70fb76188b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6053703697ae93ca885bf2fa5f4d8bb7749d33f66fbf3bd907f76631062d697d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b8f799f2392c47c972c08a1edf728b4b2fc70c24e363ffb6820f820441a20b
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66e324493b6a145a004d03c0548370be06c879ef95e8072ff8247d0964b26499
679d4e1c3deae5fe7f53f50bbd5c7295386301b73c6e86c6ad089d32fa304fa8
67dd481ef95f765eb130abbf6979b0cc00119705bf66bc945d07a2ccdd216a71
67ef0ad06789a0c4d738a7d2cfee597946270caba8f576a6e15fe04e57cb4f6f
68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482
690d50a20cd5d3476bf540ca7d585f3b21f33b09bcb3417656cb65680e3e2d0c
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e
6eb33e62d6eb9c5aa4f83bfdaa83107008ebe0e141bd1e325d480263acb963d9
6edd6bc557357686027ec87100f74028b783002bccb55e51e98c938a57c86dff
6fb32d6fba55de8e11cfe5aa7f2ed7c7307660a3561579e04ac86f5cf6ba251c
70818de63f12149a5f69b63b38ef22c8dacd86943a50ec86c2a2f5998a40fccf
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70c44a9df364a5e5779a64d3b6bace4a0939ad6649859f59e30d4df5bbfbf7d6
7102703e5700aa0201a24b32c645b7aeaeab25d59bc09c47b38b3e03c6766ef9
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443
7290d8841f7cf5ed56801d04a06a85072f4e5e00134b3661d9c04e868ec696c3
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
75651e75d59ca341853730936c76682a23cd606627fc841da998620c1fa247a1
75f71b77b1f99075cfa78126ec000ad63229746e0fd551c7211e896f85fab1ca
76f0625f80d5b3ae0a4a46be6ecb29f9ee9e1739f21e8ca0b43c6bbca1c28eab
77db9785098e09345f7de193f32ff66a6901ece220cd21f3e1d084363896ca81
782b3e0ef347e8dd5cc8c2171ae2141abe5e9f30557628af80dc6a20d2bd77d7
78b3519a6545e58792b0654f9decf50ce4bed53495dc5702778dd3f8e885bb59
78ca3a647dcc8a33fbcf0220e02e5e9cf7f82bea3b12ce94f2d84a827a7037a2
78fa78ab739875887f362717df8b42a0c07cda9bdc32e24fffe6f1da17afa817
7901832bdbf86ab967f1f757ec809c1658b13e40abc6db786dfe133fa76cb055
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7e215946bc900a609be673b93af021cdddac93c351284ab9f27172716da3514c
7f7496a1a6d7efd31274d5b6b58e30257632f3d707ca2db0358857bda06b539a
8166e4935ccfdeb2943cc8585351c54131f82d1e9ef0433ac42e9cc194e1ccca
81f4bbc53b2273575a51e074e8784a6454ff234cf5f124f52b6903099bd91bbf
8780dd70e86e81cae7b6e3de2b8d3cc4616d5e36643ca63597fcbc654c4bbab0
8846f096eac51b82d5c321314f506f25f299ea349814604e45c5e21bdb046f4e
88e5866ecf18f2e1bd7cbd7238a4e0ff503db5667a1212d40115a615376d1dcb
8974ca819840398ee32f8ff2f5551b21968f17cc6eb040bae452bdbbd82d2459
899c78c4aa4d073a5ca140c39575eccd446e383820bbde6c7894d6511bbf183c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dacacec915f3ee1ce13f81b29a42029be9cc520cb1d2c516995d0bb05f6f5ba
8df7667db11a1cbae8ba0332258e0d3da3c26d2bab794bdcf8805df869482200
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104
8e974b6ae4f0e09293655569f14af299bd59572ce397d0f9546df10eb89b671d
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
922ddaae6c0ebbc34c45e0d8c02aeecdeefe9bf8e5b20e041f7286371905cfc7
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea
93bde517dcabd16f3aa4ddf851b124d0e32519d313224c04d039c7920e3183c8
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3
96a8324c423c890ff9754a76b1ab4c9e08f85b586aff09132e703847df3523bd
970b0e57a42832a8cc80af7f61f493ae2d73a8bf6b122e39ade1311e6e089944
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9deefb74205ed15e2dc639867adae8e1f804ac00e735a6a7e948f7f33d5281d6
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
9fa72a41206d10617054ef8d06898a6b49f18aa80703f1c203ac880f64983fc2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5950c0c5ca80c85d524deccd4d0b2c34d3567ec90e568e670fcd858cf6a2ead
a65634ad828e4cc58a93b42d6b27e9f8c45782545e72640a85bd6d41574a86ca
a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0
a73196bf6fa5a7622db1c693ef0bf3693fb2d4bd78839626ec8456c11ba71a34
a75625bcb8b2f8a5639ff1506332ea4e38e004b77adc00091a33baae1b25b41d
a75f04c5bc8994196e9fe7f02718d1e61ffe0f99ea4b0410fccbd2fd7951d521
a93f78df4ad9497b5572e41249c7b7d4b09363e578310fef1bf17d3f18ff14ce
a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906
aa3f803b6bc294d9d94bb022b546d95348bd22272c5b3dee7dc1fb08927c1d9c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6a18772b37bd25e8c8fcb93b22548a5f7d295ce5cb2adf57f466dda4c255bb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea93023a2d274263f6101924a63becedad2b7cbd5053606e9198f979d3e617e
af09083ec6c480dde4512723fb4c9452dda5c6d3ca064badc03fa55542c07393
af775583ea19948c74a6d6ac7269448b4a65d249fe451f77b17166e0e627d8a3
b02e88fd9517be25d7e992a8af15798a422e594e8914b7f278dd3e94bd626d42
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d2e598746447f4a54c87810caebfd512c8240bfc199edede0c8777e07b8cb8
b568e5aaca6785004d4fc5aca50de28bc83cd11c68982954c6f7873a6c4a95e0
b5f581484f223d0306f2dc2ac483caf931b3537787df2e9a8cc0592d64a45cab
b64313d40139589a6c42cf655401d32c197bcb58934798e4513bcbea6eb8e396
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547
b7d84a9a6e7e0f7fc0677ab1d113605a021f2dba8418120287b46864f0d89b6b
b7feff50b45f6c2a51cfb7f7f7b1d68f8179e0e6a5942d261eb69396b874e7cb
b933c7861a4827b1f97757ed577f74eabaaf5cbb3b433449b5d6480b753f1680
b9a7d8a200923afff7e873c8a767e7854b5b936ff1f14981d424454832a44296
badfa074305e76d87a0f35cae2add583b7fd4f8b5bd922b14cb595d1376ed593
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bc0175b93f999309cd46e83e04376c083c5088c56f7349f97d15f46539ed369d
bd113bf16c8248ed5f35534237857f87f43acdc099257ec1a7f2656f05011b63
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
bd6decebc89f978d993068f4994b61fdacfebf0f972414e11843f5399363e3c5
bdac2745964474b4fa61f6a4fd05dd41f378473fb1387332c589107baabe2d41
bedbc35c46946b75378bc6f313a7e879ed7bcfeafac2d0f65346094613bf85a1
bf16183f8806dbe3a30453399b18c28def5d4acf9826fab5149812fb6a324aa9
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
c19c5264bcf2703ddbb4f5da702a480d4b318ec374e8078d01ba16e1f3c6d83a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c35120d0268808fb40a53787c20c3a398e1cd1dde2426c3b1f83f00308ec85fa
c3871a07937613600d1003f707c3380700180ffbbb0aeeb56901bb5007e7abd6
c44a5670a47fe3a6a3800fc9d37a9ca5cb4337706d65c7b73b4e23ef359b6e91
c53c02aa1aa5ae620776307e63a7a76ea60c53b58981899d86d85b3c154b72b2
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c97100b48405d4c87585e3872be079434d03dd1bdda05563a257d22a85957055
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb295c31cc22395174ac1691d4a5a7e63a890323a941af98c7ffebe85fd9878
cc2a604a1e6f73444e8db5d749a64c62899943e68ad07feeee39050b4fdb32cb
cccf612ffc64a3afd3a2dc91d3a0f3d87a174807c3bf1b3e0d085af34fa6983d
cd5045feb326715cef412711171595c01ac62afdaefb1de315f170b96cd18144
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1fc7ff024d262b4a77b3c840996c8736fa7bce2bfed3338d7a01e33e7f3cff0
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d3eca65aed0066b29374be412ca4a64abd6070d77cfa3a6cc30b710f5e6208bf
d440a124fcffc3e7e1587a280221fb52d989969e041420c759ca4395a854abba
d4b6686371b616551a8660e8ccb104224e2466ef91853ee69c0e1a212ff32423
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d67c0937d3e83180de80fe7acfa1903276f193f83a6845b069f87bd4b4f4a831
d6b1feac9e5bf407012a3fcf906271073e1e8dece1ca415c400510f604bd6f09
d6e181c17a48b71bc532a1260e427a201c105d8475f802e75bce3781f9398abf
d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c
d766dfc45ab20fc94bcc3f46dd8215e2baef8b1dd02466a650c1ac88f4dee802
da70372b2f4dcd9a1a4058bf3c46989c9ba4edf359d9c982cd2cb2b8e4858188
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
dd7a017dbcdafb17fa65cedf64792e1f11b91fa1dc3f079d8c918101797d04ff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de43c959bac4dc95ff19d7a48dccd5de3a5e40ec26162b21ade159c182365b3c
e19ff24b75696e9906de7e3fb216caa47f4587e16e2be5952d4ed621ddd7203b
e2c59efc225f8f4c764df3d92f9aaa6ac25e22b787aa96b24c2e188f02418b08
e33299037d93b04eec33ecdc17b0531bf9fbf3aa40f06c1718fcda322d00394d
e342968dd46b0a9f1122f545e5d5edfbb3f6f68e3d18b2db6a4783c01d4024c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8
e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb
e873e49bddadb10f21d5fc6713e2f59c21a4b1e0b3fc539caa82fcaca870ab1c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb8af542ba20247fbbb6ffa6735e228adca4f317d7a1f0f5a60a1bb2942323a0
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
eeba6a113ffd1115c3e7b7eb7b28889130ebe4e51c6f556957c88e5a6babb072
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8256ebd363ae9c97363df9c6bf91e2d52f6a898b19cb0a824d1ae2dbec7f94
f073976e40047e8fe5aa8c9499780d4570f4ff249d16a75848d1a61631e18c4b
f0be4ffe665fae3c4d967e3c26cf94ef58c9b44e659e2b62a87750b4654fe157
f182e9af89b104eaeceb40e923e37c9f0fee9e2f205e4bd88c2819a18a093444
f36c6a626a123c7de8f76abd40df8233e96dcf259ef9a98d03eb57bf18d27d3f
f3a1fd8266856287b3f458f6b1624b8369d1d742d14fe682d5a59170aed5cea9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3d8844038cdeee3708a5737c008aa2df6b3b01d23abfa337535b8368bba6f41
f45c30e27274a675e8a922f3ac1aaf61fc23bce57e6b0b751a381c851f39be48
f4c0a510f9a9b12132334022a3ac925eed43a78e6c72f39f1359b4634958b1aa
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6842643014e102f22bd79ad19e74fcf1b79468706512a4e78e1eab7d6c8e884
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f98cd4afcd2d9e3f26332d83b533ce7b62fc8c9dc93900588a1a897ea1f8c5ae
fa97af6b6b0f6968b5ac1aa45a051ac24641c87d4b6ce4d2636e3fb3b8480cc7
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678
fc3e4edfb15709a4c3a9bf3a7d2cfb9a9cc7f97ec9ae5a38d1587d2f7edd6fd9
fc4bc292c56d1936dd14ac852eaa70d42eafdf94c36bfb98e2320d6687181c50
fc90f7695ae76c37b7a10f81466d81112d495fe65b6bb5f22f38bfe23275e914
fe22e680a8ee7639ce8d61b2b4e3b6b84e9627c88fcf285a41e410e77ef31f8b
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.j-hero.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

499 Requests

91 %HTTPS

36 %IPv6

50 Domains

82 Subdomains

66 IPs

11 Countries

14398 kBTransfer

34035 kBSize

37 Cookies

4 Outgoing links

Page URL History

Redirected requests

499 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.j-hero.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

499
Requests

91 %
HTTPS

36 %
IPv6

50
Domains

82
Subdomains

66
IPs

11
Countries

14398 kB
Transfer

34035 kB
Size

37
Cookies

499 HTTP transactions
19 data transactions