giveawaybot.party Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://giveawaybot.party/
Effective URL:
https://giveawaybot.party/
Submission: On December 31 via api (December 31st 2023, 8:34:07 pm UTC) from US — Scanned from NL

Summary HTTP 191 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 32 domains to perform 191 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is giveawaybot.party.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.

This is the only time giveawaybot.party was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:501b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7 26	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::201b	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
14	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.94.79 3.123.94.79	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.158.179.1 18.158.179.1	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:5c9b:2a11:2441:222	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
191	27

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

giveawaybot.party	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

giveawaybot.party	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:501b (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dialogflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.164.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.94.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-94-79.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.182 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.179.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-179-1.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.133 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:5c9b:2a11:2441:222 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	784 KB
44	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	305 KB
19	gstatic.com www.gstatic.com fonts.gstatic.com	290 KB
14	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 storage.googleapis.com — Cisco Umbrella Rank: 287	104 KB
9	giveawaybot.party 1 redirects giveawaybot.party	126 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	515 KB
8	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	923 B
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	310 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	140 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1618	569 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	dialogflow.com static.dialogflow.com — Cisco Umbrella Rank: 42455	3 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	389 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	296 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	717 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	587 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 686	731 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	608 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	538 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	82 KB
1	shields.io img.shields.io — Cisco Umbrella Rank: 41084	927 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
191	32

	Domain	Requested by
46	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
26	googleads.g.doubleclick.net	7 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
24	pagead2.googlesyndication.com	giveawaybot.party pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
18	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
14	www.googleadservices.com	googleads.g.doubleclick.net
11	www.gstatic.com	giveawaybot.party www.gstatic.com googleads.g.doubleclick.net
9	giveawaybot.party	1 redirects giveawaybot.party
8	www.googletagservices.com	googleads.g.doubleclick.net
8	www.google.com	4 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	giveawaybot.party www.gstatic.com googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	d5p.de17a.com	3 redirects
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	id.rlcdn.com	googleads.g.doubleclick.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	storage.googleapis.com	www.gstatic.com
2	static.dialogflow.com	www.gstatic.com
2	www.google-analytics.com	giveawaybot.party www.google-analytics.com
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	img.shields.io	giveawaybot.party
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
191	39

This site contains links to these domains. Also see Links.

Domain
github.com
twitter.com

Subject Issuer	Validity	Valid
giveawaybot.party GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
shields.io GTS CA 1P5	`2023-12-31` - `2024-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
devsite-sni.developers.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://giveawaybot.party/
Frame ID: D0903CE64BC5AC440C87243578AA91F4
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 70E5CE1B4FAAC31991F065C3CA6BCA8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&adk=1812271804&adf=3025194257&lmt=1672713655&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054842827&bpp=5&bdt=212&idt=180&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7245805957596&frm=20&pv=2&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 5870EBFBCA578E8029E92FCAE4919F6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Frame ID: A34C262B84C7378F847DCA28103CA9C7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Frame ID: 83E314DC1853B9484BD83ACC19BAF0E9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Frame ID: 9C2E0B5979D78EE4C22EAF8312DCAC7F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2
Frame ID: 630E10615A48BBFB76DCBB9976B4B41C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=60&adk=273762757&adf=3083609282&pi=t.aa~a.1066642098~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x60&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1479&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280%2C1200x90&nras=6&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=4
Frame ID: 3C943754E03F81A7A90FEE96AB056FE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C1F399EF37E220060654DA39517D6D60
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4E0FB9325D0E38E574E6D5F11CCB4F42
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8F811F434D05EE02C84C633179D86DC8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 26784BD49E655E3BA74810A566FB98BD
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1526ECC1D6E2F1E4A7369ADE7AAE168
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 572C851AAF1BE2F079EA8F9682854FE7
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: A517D3F11976410772C72B9ECADB632E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8EF2890C20F087A2C5E7B0970ACCCF7A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B719D93F2AB47DDD28D942126D855728
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 616B12719C118C03C97F791B4A1049D2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E8AB29FE0C1CB9AAEFB27825EA04448
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07BF9525818D6836006F4DB0417037BA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 669E8F462A4DA476B5DC793A45015989
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E294A21525BDB6538295447162EFCD04
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: E2A7FE90250B8158C393A019AEB41A86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D1B5EB7866E4CDB58715B34DDC229266
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 28DBF644481CDEB0BFAC79E813E59CC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F91F2A9519CB825981EC1FF3A7034995
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 16DA4CBEBACB3C26306A6B3594F64B79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 6A49A02C5029BB55EAE1175F3C0114B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8E97659AD5E5C4C59BE6B6F2C49BC14
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F5D4BE6B887EED2A7CAD7CF27E8360A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 369232826712CAFF1DDE0631BD7FA56A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GiveawayBot - Discord Giveaway Bot

Page URL History Show full URLs

http://giveawaybot.party/ HTTP 301
https://giveawaybot.party/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

191
Requests

88 %
HTTPS

53 %
IPv6

32
Domains

39
Subdomains

27
IPs

7
Countries

2234 kB
Transfer

5960 kB
Size

27
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/jagrosh/GiveawayBot
Title: Github

Search URL Search Domain Scan URL

URL: https://twitter.com/GiveawayDiscord
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://giveawaybot.party/ HTTP 301
https://giveawaybot.party/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CBdmpPNCRZbWyB8mA1fAP-umJmA6f1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTRAU_Q7FodPdwQtwQbSIXe3nAGdjWVaR4q3bL7d0QCIkaExEngJeND5PFMrjirNKkREGhzFbo0U4c0LS885_oAGPBURe8YTCwfH1jGomDAHtIqceksqiGobexekxeToolgIK1TxC3YgGdKmKduJB0g05Xe6-mYsdc24rBdi-NF6r1Hqj4SkJihs9h2Jy4nN6fs1sDCtM-CkO6TIx9KaJJsasmyQQrWLzfnlfZ1TRTvdTsZ3jkJlDhxZUxJqYySnIBEBAYAswrASdjwV0vHOO71oH3bwASk77rlwQSIBYKir-lMkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQz6ED0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljxo6X9wrqDA5oJOmh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS8_Y2FtcGFpZ249MjA2MjIwNzAwMTiACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2BMN0BUBgBcBshccChoIABIUcHViLTg1MTI0MTE5MjU2Nzc3OTUYAA&sigh=pVVqtnTJ-bc&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_DiQ0dK2GB5Twlfs4TD_TcxYVEdH1ZKvFHbCdcse1PIv40WUKiMqIRO_0UBY46es3ebBmdbTTlRgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222726406360682746370%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223095934636581869905%22}&andc=true

Request Chain 101

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHj9In0soL2XxSHeeA-ytOs&google_cver=1&google_push=AXcoOmTK5k46bgzQ48c0irTYSVu2w__TN3jHW3C4kjlaik335E-JQReCUOYFc6eq9ebZSxXIqLgntw5swS5N4HL9YRpHjD6Bl4T5fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxOTUyNzU1MDI2MDYxMDM4Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1

Request Chain 103

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApuO1462GFiOojfvIrnMssRDpofoGLDz4v1IuCjvJt7Gd0hm2Bu4S_VwBA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApuO1462GFiOojfvIrnMssRDpofoGLDz4v1IuCjvJt7Gd0hm2Bu4S_VwBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlJVclk3MzkxUmsydnk1&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApuO1462GFiOojfvIrnMssRDpofoGLDz4v1IuCjvJt7Gd0hm2Bu4S_VwBA

Request Chain 104

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDutFKTwGTlt4CTmDvWHhLY&google_cver=1&google_push=AXcoOmSUXBgaWfmxh46P3cQn5X5FepGRkZSoH80VlgTmSFOQRT1bFUtoKt5c2V8WB9lZP5BHRqsUnJDC_i1qhfshJ8sKbjQm4M_4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDutFKTwGTlt4CTmDvWHhLY&google_push=AXcoOmSUXBgaWfmxh46P3cQn5X5FepGRkZSoH80VlgTmSFOQRT1bFUtoKt5c2V8WB9lZP5BHRqsUnJDC_i1qhfshJ8sKbjQm4M_4

Request Chain 105

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECSCXFzg34zpYUocdQSX2NA&google_cver=1&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm_qTgME4miDD9mQ_gx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm_qTgME4miDD9mQ_gx&google_hm=LiDOHJ3LQg6dgeKASKjDOUQ

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://d.agkn.com/pixel/2175/?google_gid=CAESENyXJ0KMSwGrlQcwLMsSCkU&google_cver=1&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg&google_hm=Q0FFU0VOeVhKMEtNU3dHcmxRY3dMTXNTQ2tV

Request Chain 125

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPz9Xrhzm6tBZMhDdt1zCRo&google_cver=1&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyjHafNPH3GWIYEZSvho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxODg1OTgyNTU4MTg0ODcyMg%3D%3D&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyjHafNPH3GWIYEZSvho

Request Chain 126

https://d5p.de17a.com/cookies/google?google_gid=CAESEDSRory7181pNpfc3esZL08&google_cver=1&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDSRory7181pNpfc3esZL08&google_cver=1&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 134

https://googleads.g.doubleclick.net/pagead/adview?ai=CDWQtO9CRZa67A7-v1fAP-fqSoAq59_jjdNyQ0rbzEdLNnLHoDhABIL7JgRxgkQSgAbqmocsDyAEBqQJBaUj1GoWyPqgDAcgDywSqBNEBT9Bj-RYizz6XQb35fBGCF69rgVjEvZw5B8tdBT7fcdxtgHMXjU3nEkPJR2LONTbow794Cksrqp6ZxQYZLhhziTrLIDOvajlwvtZdGdssn0Gl5pR-2eywVa_tlDmsvfuow8tWfyKeggr2EZnWPm5jsl0_R_QpzFOi8q0OYInKx9cQXtJzvm8evMRqfGHDoxzyPjderyaOsyNEZOeBwbanwhQnEZlcwjJ8s4oB1Qb-yrWydQT4DlRgBQ3FzPPv4xnN1YOvaxgrzsiZ6sXcO9G_fk7ABI_Rn8_CBIgFpqqE2k2gBgKAB4zkhjWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCYlwbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNqe5PzCuoMDmglSaHR0cHM6Ly93d3cudW5pdGVkY29uc3VtZXJzLmNvbS96b3JndmVyemVrZXJpbmcvP2NpZD11Y19nb29nbGVfem9yZzQmc2lkPWJyYW5kaW5nMoAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTA4gUAdAVAYAXAbIXHAoaCAASFHB1Yi04NTEyNDExOTI1Njc3Nzk1GAA&sigh=beQMPdhI3Js&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212292960651354172256%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212165205118338330993%22}&andc=true

Request Chain 145

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 147

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGR5fJUxRCr5NtoZM8zWTSM&google_cver=1&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8IDPodWrJhCp7Jkdp1g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8IDPodWrJhCp7Jkdp1g&google_hm=hmWR0DyIlYYJMVGaRA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6591D03C8895860931519A44BLIS

Request Chain 149

https://d5p.de17a.com/cookies/google?google_gid=CAESEMHot2gyc-Y2gL1F_wXOwVE&google_cver=1&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrcTBAr9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrcTBAr9

Request Chain 150

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC6d8YB4nZbTV59izSxTaFg&google_cver=1&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2TGmQMbcwdVrytSoHur1bpJg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC6d8YB4nZbTV59izSxTaFg&google_cver=1&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2TGmQMbcwdVrytSoHur1bpJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2TGmQMbcwdVrytSoHur1bpJg

Request Chain 152

https://googleads.g.doubleclick.net/pagead/adview?ai=CTbOWPNCRZcykB7rI1fAPmrGH6Auf1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTXAU_Q-hMD49ps-i_Hnfgswi4I8O3O78G_Cu770EdnigGGAtsf3sq9ilVc2AwoW76Id8hG6HCu8zmiw4QGtSrkH1MGb22go9ecPy6ePaSNw9WyMdQWgf89D04n4Goq1qOjAdoO5YWj5rcqnozoMJyysRjREf72joDmtgk_iY8V1BTVv9cKPIfA_i3816Zs2vZ30BATqWqLyXdftryNYNC0WvVUC6scOKeiJaJBbQVa27VU-CygeQmlxCOF2xLgmILd4Cp-d78ZGwss0EA63QpuLNGn0WWUbWf1wASk77rlwQSIBYKir-lMkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ0t0C0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljkl6X9wrqDA5oJOmh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS8_Y2FtcGFpZ249MjA2MjIwNzAwMTiACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMN0BUBgBcBshccChoIABIUcHViLTg1MTI0MTE5MjU2Nzc3OTUYAA&sigh=AlbUdp6Se8w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_vUKn6vDv6DpGxeh5ksb313EQ0-ueyNwlFqrz9ulR46kvWM3Ipw4lw6a6YjAWyTLb4BE017eFGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213945888261362019512%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222475919381613770881%22}&andc=true

Request Chain 155

https://googleads.g.doubleclick.net/pagead/adview?ai=C89StO9CRZa-7A7-v1fAP-fqSoAq59_jjdNyQ0rbzEdLNnLHoDhABIL7JgRxgkQSgAbqmocsDyAEJqQJBaUj1GoWyPqgDAcgDywSqBNABT9AoIf21OMlXDZZBSXOAQmaujUO5USavC6XwVNIGdFYX8GxfKC0OBGd2Vx8wQtbxyKKBHqLJBram_bZJB4eok-i4PMLoj5Qdp93mgcGqWeWjY3ZnOAYSPefvwwFw7GwtXaks-1KwJuPYHupkCtey-6UbJKkh5gj90pevqGE45lenxSS8_8oS8Xt_KbwNMg4FJdxg4YXqmG8nQdd2hRJE6QxsL6Lz5OhZ5oPoOLmeHZIJEsXNCW3RjTG8cvZjeMoS94ci_HWF0PHKLxsk_8H88MAEj9Gfz8IEiAWmqoTaTaAGLoAHjOSGNagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJDeA9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2p7k_MK6gwOaCVJodHRwczovL3d3dy51bml0ZWRjb25zdW1lcnMuY29tL3pvcmd2ZXJ6ZWtlcmluZy8_Y2lkPXVjX2dvb2dsZV96b3JnNCZzaWQ9YnJhbmRpbmcygAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECuBPkA9gTA4gUAdAVAYAXAbIXHAoaCAASFHB1Yi04NTEyNDExOTI1Njc3Nzk1GAA&sigh=vteXVCnNvRo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217447619125063466587%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227995638522979376753%22}&andc=true

Request Chain 156

https://googleads.g.doubleclick.net/pagead/adview?ai=CyozXO9CRZbC7A7-v1fAP-fqSoArtm5r4dLjI7fXGErrKv4GxOhABIL7JgRxgkQSgAZXq7usByAEBqAMByAPLBKoE0gFP0ONZlBl5FLbZ6stgdL9H8u4qIdeksb7n9-8D9WOyPgwQy4pdxn39zQPcjPm1FquHKLHQAHl-B2EtTUCt9Z4OwxmSu4M4fJCJroUalUIwuNxE17hhbid9s-OmuRUqpLNvpg0NrkDNQStf-JitRwLOWByzBaivR5Cj4c3_VOt6T7dH10eNFg29GZsjno9FvIwmkNhGtOw4YueoBjN0WYIZ_IsQf8t71h2SVhG_NuKDfWKSGjQsKuoDL1Yqq2AG0rSnRp81QzDW236oHamS8WIcksbABIT1tZzPBIgF0-3o5k2SBQQIBBgBkgUECAUYBIAH05WRlAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDZlw3SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNqe5PzCuoMDmgl_aHR0cHM6Ly9ub3JkcGFzcy5jb20vbm9yZHBhc3MtYXV0aGVudGljYXRvci8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPTIwODg1MTU3NTg3JnV0bV9jb250ZW50PTE1ODcwNDk1ODA4NIAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTEyNDExOTI1Njc3Nzk1GAA&sigh=1kV4CZQ4LDg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221140696039417937686%22,%22debug_reporting%22:true,%22destination%22:%22https://nordpass.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22494646549%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215860753181116781297%22}&andc=true

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://googleads.g.doubleclick.net/pagead/adview?ai=CsjSVPNCRZcCUB-KD1fAPjoqF-A-f1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTRAU_QQLpvhf-rhIEYFY3_5rtigl5qLFdAdnQgimcroMBLTIWs-gtGfywPXtj_8cw0IQNdfGV3novYr10dzPaIdyZvrSivW0FYia92Vo3EbKnlUCZcFVhvxuPd_xskE4TlTFEQgTGtbcYKfuI9wztB1w5FOt_Q0GCO6FkKzcefNZrwusxS8148RT7Yi6zjlr3bVOasmjBgiijcUz-3RAmiCyg0iiSXmyvWsVWhp8XlO3kCv31mFxbGWR-x92_qlnOOAE3Z9EK1nTct4O8y4wnqG-L8wASk77rlwQSIBYKir-lMkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ0PkC0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlikhKX9wrqDA5oJOmh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS8_Y2FtcGFpZ249MjA2MjIwNzAwMTiACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2BMN0BUBgBcBshccChoIABIUcHViLTg1MTI0MTE5MjU2Nzc3OTUYAA&sigh=KvqJSriApLc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_llaFKSiNxI6THbVvKWy3rth-5scx4cMG9qDoJwvlpDwFG64rxV6GFNat6ox8jwzda3M5BkLGGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223505659321736941833%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216449442758356176705%22}&andc=true

Request Chain 180

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1&google_push=AXcoOmT4gRrIYlV-0YNDYMfozdfV4w_dGHxC1gI3c3SezpnTcZ1gCC5uST2UUDGEtEMSTmB7o6I2lcqKKo0CUpOis3Kjqg6NmVI5Ut0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxOTUyNzU1MDI2MDYxMDM4Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1

Request Chain 181

https://um.simpli.fi/gp_match?google_gid=CAESEG8ZzfSkj1Ap6alGiPplLvM&google_cver=1&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW_Yd7OpTid9KQmRE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD48F73700C24F45B58E9A5DE1A4BA58&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW_Yd7OpTid9KQmRE0

Request Chain 183

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMoOXLiEcAExLIX4vJVXcns&google_cver=1&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprbjw6SJFN52dqRGFehAnDETtApNU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprbjw6SJFN52dqRGFehAnDETtApNU

Request Chain 185

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEUG5K-xlBwW-Wr8K8mImYw&google_cver=1&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8gGU9NKkN9-bmqFGqNGw1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8gGU9NKkN9-bmqFGqNGw1

Request Chain 190

https://googleads.g.doubleclick.net/pagead/adview?ai=CW3TIPNCRZcnCD8DJs8IP3LK94Aq59_jjdNyQ0rbzEeK3jPG-ARABIL7JgRxgkQSgAbqmocsDyAEJqQJBaUj1GoWyPqgDAcgDywSqBNEBT9DjIxI14C5n8mSDy90pGfF-bfRHxAxtmDdh6MmlqksTUIOpg5m3R_QjOtYTO24QlDJ5kkGeVjQzR8X8z8xUThh3sjdXrC-vG7zUH2hauTX2NrHYrUUWZvheVSUgf8bNVD2RHXyJq5OCsuOYGt-7P-XT28b1djYyTIfst_At_BlWkziqBC7vOBTNZ9KoOz6M2ezrroh2nHxhQhWfTLR4w2xlfj0vUWDO33FdiT9u5qKEeTBuTtSARoote-iS-ZPElnZ9pExKglLmzTGq5IKzk0LABI_Rn8_CBIgFpqqE2k2gBi6AB4zkhjWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJ3Qpf3CuoMDmglSaHR0cHM6Ly93d3cudW5pdGVkY29uc3VtZXJzLmNvbS96b3JndmVyemVrZXJpbmcvP2NpZD11Y19nb29nbGVfem9yZzQmc2lkPWJyYW5kaW5nMoAKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMDiBQB0BUBgBcBshccChoIABIUcHViLTg1MTI0MTE5MjU2Nzc3OTUYAA&sigh=xD7BunABNgM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_9DiFFyD55NqtCkRB27JURCEFvAJuGyhWWdN7Wi462BSQnUHUD_HuQ1XV1PF6FdgqKgnnALFJABgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226584509383162524667%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22610857946440132353%22}&andc=true

191 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
giveawaybot.party/
Redirect Chain

http://giveawaybot.party/
https://giveawaybot.party/

8 KB
3 KB

336ms
292ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f415a12b7288203ce7732113afa5f1f5e66225ca31fe588a152928398cb28c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 83e54d0c88dfbb41-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 20:34:02 GMT
expires: Sun, 31 Dec 2023 20:43:27 GMT
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKT%2FzUHnHvKwOd5GwrvnYMEvsE0YibjadaiqZqKLY2LTd2uJWQRnO2RUxQiqL%2BG1OZBuq3cttCyyE8ovyrjYNJrhO%2BBiDnBbQJOdN0Zjef5n2khJuIMPk0HngTy9IiKGbLvMXkyAiKQx46FLcIsXug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-github-request-id: A6D6:609B:199DCB1:21AEAAD:6591D03A
x-proxy-cache: HIT

Redirect headers

CF-RAY: 83e54d0c1fcf1d96-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 31 Dec 2023 20:34:02 GMT
Expires: Sun, 31 Dec 2023 21:34:02 GMT
Location: https://giveawaybot.party/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQirAK6xysH6lB157p%2FuYw5w1EViAauFO5xPtWXDxgAhSC62x%2B67HiUAfnMGpXvl%2BWapm6njZNUjbbHVEY1Oy9E7bOgAs1du1N%2Bx4vs45NEUKE7KhB2VTAHP31s%2FI%2BQfBNnyviO83TuqyLo8gt9gyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
giveawaybot.party/css/ 120 KB
20 KB 330ms
329ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/css/bootstrap.min.css
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: A002:8029:326D5D4:40FE50B:654EE606
etag: W/"63b395b7-1deac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7mY4FWiacdO3%2F%2Bq1SBQBZSwn%2FxnXyvifol54PSqmmd2gL52kW6iyjHQhpgeBpRFtW4Rrd75RL%2FEsRneecO6sjyiu%2FlNWU9ncdw%2FpuDiTym39ewXvacARnVRlOWxML%2FALNCud9DcVrGko8a0hKRWyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83e54d0e6afabb41-FRA
expires: Sun, 31 Dec 2023 20:42:30 GMT

GET
H2 200 custom.css
giveawaybot.party/css/ 8 KB
2 KB 329ms
328ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/css/custom.css
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3df3e9c13a518a3ff8049f27bfad9968d9e37e46cd796cb21ea544a8a61b9c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: 9228:3C9C:5330D0:6CA4E5:6566E0AA
etag: W/"63b395b7-20be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmmkRNd3qetdTVhYU7OxzfDwx7uygzUDypVgBpotGHkNGkiOb2Ko%2BGaJju0odmOCQcIOOQM8O84OGbySKJ9zeFX%2F0FLpziQd2BLLSGi6LPVKhN08CnFoVuJb82yeUUFywdpwhRl5lk6Oh7ztp8DCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83e54d0e6afebb41-FRA
expires: Sun, 31 Dec 2023 20:43:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 55 KB
3 KB 76ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4692a7234b95c9908d1a9068f1bc9191815a6b1d9e3b3b84ad12ee10caaaaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 20:03:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 147ms
99ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

848c6787ac492cb69a154fda885afb3fda61237d59b23f64296389d5012250ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51330
x-xss-protection: 0
server: cafe
etag: 5746795032337350101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:02 GMT

GET
H2 200 giveaway_ava_epic.png
giveawaybot.party/images/ 52 KB
53 KB 300ms
300ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://giveawaybot.party/images/giveaway_ava_epic.png
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9503caf6a0836738d11e19c42868aeb68444cca98480532e1a8cdff3ce52c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 53498
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: 634E:5F37:277CDF:358A2A:65659E2B
etag: "63b395b7-d0fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyOtwdbiyiZ08LGqOyxhR0S7U%2FVg5r%2BQY7qBh%2FBAofDI%2FRhG6f3EpbIMYVm1AttxpgPJZHb8%2FT6mXoWkbWEY5hgsLDILIczEaxZQt91nKVxW5NnAIL2d9sdFGILzVdE8w68xiTZfPnTfWvyhu4wYWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83e54d0e6b00bb41-FRA
expires: Sun, 31 Dec 2023 20:42:21 GMT

GET
H2 200 json.svg
img.shields.io/badge/dynamic/ 674 B
927 B 519ms
462ms Image
image/svg+xml 2606:4700:3037::6815:501b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/dynamic/json.svg?label=Servers&style=for-the-badge&url=https%3A%2F%2Fdiscord.bots.gg%2Fapi%2Fv1%2Fbots%2F294882584201003009&query=%24.guildCount&colorB=7289DA
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:501b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f5c783a9f019b292cc7a74758f3597635f45724868dfc041c41899933bd484c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:03 GMT
via: 2 fly.io
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
fly-request-id: 01HK0SASAR87EWD1M9WSN8G8BN-fra
last-modified: Sun, 31 Dec 2023 20:21:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8XywR4hYlK8fU3Fc4DXjvlU1XJBRdqO0bLvogzLDhgn4XJS9hdXCcM9fC1g7ue1V2g2v9tXzqv8NrpmAzztqf2DNmzThpmHD0opAy%2FHugKQrpxhjWZKm7rpjQrgvM%2BapIGDORilQQF3kUPjtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=120, s-maxage=120
cf-ray: 83e54d0ecbab4d93-FRA
expires: Sun, 31 Dec 2023 20:36:03 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
giveawaybot.party/js/ 94 KB
34 KB 317ms
316ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/js/jquery-1.11.3.min.js
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: A1E0:25A0:B91462:EE12D2:65681B02
etag: W/"63b395b7-176d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVelIslYymRnJQcGlj9Kxw89b5Uc2H7XJ01pkjk3yCTED5UTJua2zinjnHP%2B3m%2FRRu4PW3K0ftJENOT2B9VvorsZdNnk%2FmSBYTJDe%2F6%2BUWNTjOAWmPW03XhrJn9QLQXR79wokSp45L8VUkvcEeCd9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83e54d0e8b1cbb41-FRA
expires: Sun, 31 Dec 2023 20:43:27 GMT

GET
H2 200 bootstrap.min.js Show response
giveawaybot.party/js/ 36 KB
10 KB 319ms
318ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/js/bootstrap.min.js
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: 6046:0ED2:137E269:19CA09E:65697215
etag: W/"63b395b7-8fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k13oDX%2FAR3CCD5yLHzTOFG6eeG%2BgC6XwWexJAKQnDXUur5opGRgSLhg48QB3%2B59inqUCXgbqP3tSZyMekAlyiLYOlkfcWCX2vYhJr2zoDr5K0qeucNIP%2F9BFJWv97vqPIlddCrnnXPtkZ7%2FGWugDlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83e54d0e8b1dbb41-FRA
expires: Sun, 31 Dec 2023 20:44:02 GMT

GET
H2 200 jquery.easing.min.js Show response
giveawaybot.party/js/ 5 KB
2 KB 316ms
315ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/js/jquery.easing.min.js
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: 43B8:1426:96FD0C:C20CB8:655D5192
etag: W/"63b395b7-15bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTbfkoQNWePjtdS4pI6XsP%2BMlkKgtVaFxci5vYyOzTFdt3HCjYkFNfd3qgOCVEtnVPCBZRFk0%2FOuE%2FPlb18%2B0bvK%2BhOZDoBqopgfrPj469KeWowKs5%2BQZZIyeIAG%2FH%2F5vz%2F7ZtRNS1q1P%2B7%2B%2B4sr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83e54d0e8b1fbb41-FRA
expires: Sun, 31 Dec 2023 20:44:02 GMT

GET
H2 200 custom.js Show response
giveawaybot.party/js/ 79 B
552 B 318ms
317ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://giveawaybot.party/js/custom.js
Requested by: Host: giveawaybot.party
URL: https://giveawaybot.party/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaee4d6282fe9fb122b24017bbea1e7bd5d3f2bbc1eceddd89092e3ffa913ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Jan 2023 02:40:55 GMT
server: cloudflare
x-github-request-id: F3C0:76F8:3E4033:54BD39:656EC70B
etag: W/"63b395b7-4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M1KLE6Rj5i3z5VwyEVq8TMt%2FUjfNo6iD97Dkn5hSnSu3wPuv0p1SVb4lGHlrWMFlhP1SX6YCMZlyE19VVyW5CNObmhYRhRFWU9JnBNDBQfRTbztscBH7LLieDJlfH9tynRwicWoaNrWqS9XLw6%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83e54d0e8b20bb41-FRA
expires: Sun, 31 Dec 2023 20:44:02 GMT

GET
H2 200 bootstrap.js Show response
www.gstatic.com/dialogflow-console/fast/messenger/ 2 KB
1 KB 76ms
28ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dcecee0daf79c26403db79ad6cac73f864d47a47bd786d328a0bce42519265a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 15 Aug 2023 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="dialogflow-console"
vary: Accept-Encoding
report-to: {"group":"dialogflow-console","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dialogflow-console"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8512411925677795&plah=giveawaybot.party

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b50d11597480f7a08d61a7a84bab29d4264343f5625023c50718bf8f079539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137956
x-xss-protection: 0
server: cafe
etag: 7460425030389379346
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 70E5 9 KB
4 KB 68ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 76509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Sat, 13 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveawaybot.party
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 311554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 06:01:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 31 Dec 2023 19:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2746
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 31 Dec 2023 21:48:17 GMT

GET
H2 200 custom-elements-es5-adapter.js Show response
static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/ 930 B
588 B 113ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/custom-elements-es5-adapter.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7034ae8d8aaa077dc02a62b5b4a0b9d0eefacc5619832a2637a9afd4ef626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
last-modified: Fri, 26 Oct 2018 00:59:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="dialogflow-console"
vary: Accept-Encoding
report-to: {"group":"dialogflow-console","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dialogflow-console"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 02 Jan 2024 00:10:45 GMT

GET
H2 200 webcomponents-loader.js Show response
static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/ 6 KB
3 KB 112ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/webcomponents-loader.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2021
x-xss-protection: 0
last-modified: Fri, 26 Oct 2018 00:59:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="dialogflow-console"
vary: Accept-Encoding
report-to: {"group":"dialogflow-console","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dialogflow-console"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Jan 2024 20:53:46 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5870 706 KB
121 KB 946ms
945ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&adk=1812271804&adf=3025194257&lmt=1672713655&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054842827&bpp=5&bdt=212&idt=180&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7245805957596&frm=20&pv=2&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8512411925677795&plah=giveawaybot.party

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a6fa39d03ad207cf310579ead1c40409c68135ff271a93216ace80e46bb6e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 123174
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:03 GMT
expires: Sun, 31 Dec 2023 20:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=siteNav&cls=navbar%20navbar-default%20navbar-fixed-top%20affix-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1513025253&t=pageview&_s=1&dl=https%3A%2F%2Fgiveawaybot.party%2F&ul=en-us&de=UTF-8&dt=GiveawayBot%20-%20Discord%20Giveaway%20Bot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1182946012&gjid=2027735952&cid=1229480501.1704054843&tid=UA-105328174-1&_gid=2083099390.1704054843&_r=1&_slc=1&z=1004872957

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b2ad47b98d17a6097f99c971e06f28c0330ae2739c9787ccf053457e0fe55f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://giveawaybot.party/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveawaybot.party
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 84ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PFGY0SEDN8&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d2583305cfa5b0cce1f1ae3107a98d26c3045969bb00eabe56e72423f9ac48d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 20:34:03 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 67ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PFGY0SEDN8&gtm=45je3bt0v9107623443&_p=1704054843098&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1229480501.1704054843&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgiveawaybot.party%2F&dt=GiveawayBot%20-%20Discord%20Giveaway%20Bot&sid=1704054843&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1034
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PFGY0SEDN8&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giveawaybot.party
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 109ms
68ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74ff7ba85ec0c02ca3ce4c58e7f0e1ad3c534138da5c53d53471a53ea8d0ef97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12010
x-xss-protection: 0

GET
H2 200 messenger-internal.min.js Show response
www.gstatic.com/dialogflow-console/fast/messenger/ 117 KB
30 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c29fc696d1501f4634511d57f6e751c893aa7e24ca4ee35b5c1ad752c6b4078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30733
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="dialogflow-console"
vary: Accept-Encoding
report-to: {"group":"dialogflow-console","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dialogflow-console"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ceafdbaef6e2cc899acd190e4e0e0e8e9c60fd783f5b8f89c806571557ce846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56007
x-xss-protection: 0
server: cafe
etag: 12442470680831955509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A34C 104 KB
39 KB 400ms
400ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dedbe1d57133e944db9d37dd4334e94d104838f387b605bf6031a67c44c0acba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83E3 104 KB
39 KB 319ms
319ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7040e81932186066c1636c42cb75f2970d9ab0a20a9e4ef49d7a6cdf30746d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C2E 99 KB
38 KB 337ms
337ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea55ba8dabff6483c2aa7e6031ac8cff4c62cbf6f09deb98552e45989e6112b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 630E 124 KB
43 KB 682ms
681ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1a3820a95d758012d0437979e342486e0a5d4f527f532146b7daa858e3524f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43809
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C94 730 B
385 B 583ms
582ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=60&adk=273762757&adf=3083609282&pi=t.aa~a.1066642098~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x60&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1479&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280%2C1200x90&nras=6&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fadd7891a17b26098307d064c91bd92952a060d9ac069037bf72446f513edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 20:34:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
666 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 18:57:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H2 200 6b63e41e-5a11-435c-abc4-0093753795e3_x.png
storage.googleapis.com/cloudprod-apiai/ 48 KB
49 KB 193ms
133ms Image
application/octet-stream 2a00:1450:4001:831::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/cloudprod-apiai/6b63e41e-5a11-435c-abc4-0093753795e3_x.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71767aa4abe747e817c1b7e8834be570367ab9a7aaeec65947d016e5cc532aae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
age: 0
x-guploader-uploadid: ABPtcPqCd3H5zIgvuX0TbhP3pusoZF9wdgJ40ah7vvouwpJSgrZXGHlswQjCBQDBfiaO7CKQZwI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49412
last-modified: Sat, 07 Dec 2019 23:38:47 GMT
server: UploadServer
etag: "c502e251d6f858c6d7e45b0efe2e0c35"
x-goog-generation: 1575761927818750
x-goog-hash: crc32c=5ffc3A==, md5=xQLiUdb4WMbX5FsO/i4MNQ==
content-type: application/octet-stream
cache-control: public, max-age=3600
x-goog-stored-content-length: 49412
accept-ranges: bytes
expires: Sun, 31 Dec 2023 21:34:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://giveawaybot.party
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 473995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:54:09 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 83ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame C1F3 9 KB
4 KB 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 21:57:24 GMT
etag: 5585625838579639069
expires: Sat, 13 Jan 2024 21:57:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4E0F 9 KB
4 KB 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 21:57:24 GMT
etag: 5585625838579639069
expires: Sat, 13 Jan 2024 21:57:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8F81 9 KB
4 KB 30ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 21:57:24 GMT
etag: 5585625838579639069
expires: Sat, 13 Jan 2024 21:57:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 2678 9 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Dec 2023 21:57:24 GMT
etag: 5585625838579639069
expires: Sat, 13 Jan 2024 21:57:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C1F3 4 KB
671 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 20:29:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1F3 205 B
229 B 31ms
31ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 22:18:58 GMT
x-content-type-options: nosniff
age: 166506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Dec 2024 22:18:58 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1F3 604 B
628 B 32ms
32ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 11:50:07 GMT
x-content-type-options: nosniff
age: 117837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 29 Dec 2024 11:50:07 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C1F3 16 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C1F3 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 10:17:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C152 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 15157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 16:21:27 GMT
expires: Mon, 30 Dec 2024 16:21:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 572C 829 B
1 KB 171ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9aadff25042096a6b3a99d7099db1c57b53fa6ddc89ed7e26ed91f941585401

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mqPVF4bP4GSXNyAPID5Xjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giveawaybot.party/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mqPVF4bP4GSXNyAPID5Xjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E0F 2 KB
903 B 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4E0F 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E0F 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E0F 20 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E0F 203 KB
65 KB 164ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4E0F 37 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8F81 6 KB
706 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 20:15:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8F81 2 KB
856 B 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8F81 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8F81 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8F81 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F81 203 KB
64 KB 186ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8F81 37 KB
15 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 2678 9 KB
4 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 01:04:19 GMT

GET
H3 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame 2678 11 KB
5 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 22:07:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2678 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 19:13:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2678 2 KB
856 B 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2678 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2678 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2678 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2678 203 KB
64 KB 216ms
103ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 2678 37 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A517 2 KB
480 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 18:59:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A517 2 KB
856 B 32ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A517 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A517 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A517 20 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A517 203 KB
64 KB 203ms
110ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame A517 37 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C152 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 16:18:25 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11189946938822968948/ Frame 2678 2 KB
2 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11189946938822968948/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d6a28a2cd404ca733f771f47ffe21d0ad30f6de33126ad6ab8690f8d2aa024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 09:10:20 GMT
date: Tue, 26 Dec 2023 09:10:20 GMT
x-content-type-options: nosniff
age: 473024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1705
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:33:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EF2 143 B
166 B 44ms
44ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 19:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6b63e41e-5a11-435c-abc4-0093753795e3_x.png
storage.googleapis.com/cloudprod-apiai/ 48 KB
48 KB 21ms
21ms Image
application/octet-stream 2a00:1450:4001:831::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/cloudprod-apiai/6b63e41e-5a11-435c-abc4-0093753795e3_x.png
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71767aa4abe747e817c1b7e8834be570367ab9a7aaeec65947d016e5cc532aae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
age: 0
x-guploader-uploadid: ABPtcPqCd3H5zIgvuX0TbhP3pusoZF9wdgJ40ah7vvouwpJSgrZXGHlswQjCBQDBfiaO7CKQZwI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49412
last-modified: Sat, 07 Dec 2019 23:38:47 GMT
server: UploadServer
etag: "c502e251d6f858c6d7e45b0efe2e0c35"
x-goog-generation: 1575761927818750
x-goog-hash: crc32c=5ffc3A==, md5=xQLiUdb4WMbX5FsO/i4MNQ==
content-type: application/octet-stream
cache-control: public, max-age=3600
x-goog-stored-content-length: 49412
accept-ranges: bytes
expires: Sun, 31 Dec 2023 21:34:04 GMT

GET
DATA 200
OK truncated
/ Frame 2678 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1140401f0225d977b5ff23e40930e0d81a8eecec287a5a188a7d9ad3cf3c36a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 10395337855871828871
tpc.googlesyndication.com/simgad/ Frame 83E3 8 KB
8 KB 25ms
24ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10395337855871828871?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlFRgGI60KzjpcK9PJGkPRuuKXoPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:10:01 GMT
x-content-type-options: nosniff
age: 473043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7989
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Dec 2024 09:10:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 83E3 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83E3 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83E3 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83E3 203 KB
64 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83E3 36 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 02:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 02:51:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B719 143 B
166 B 31ms
31ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 19:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 616B 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 01 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9C2E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBdmpPNCRZbWyB8mA1fAP-umJmA6f1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTRAU_Q7FodPdwQtwQbSIXe3nAGdjWVaR4q3bL7d0QCIkaExEngJeND5PF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222726406360682746370%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%...

0
0

106ms
66ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222726406360682746370%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223095934636581869905%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2726406360682746370","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"3095934636581869905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2726406360682746370","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"3095934636581869905"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 10395337855871828871
tpc.googlesyndication.com/simgad/ Frame 9C2E 8 KB
8 KB 20ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10395337855871828871?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlFRgGI60KzjpcK9PJGkPRuuKXoPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:10:01 GMT
x-content-type-options: nosniff
age: 473043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7989
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Dec 2024 09:10:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9C2E 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E8A 143 B
166 B 30ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 19:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9C2E 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 07BF 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 01 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9C2E 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C2E 0
0 28ms
26ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcJtvbTA-Bkwtz-6LmSL7DAtxt3g1qrNZmaATHhursIsmTLTmfzeYAMtmGQ3mlac9R7UGWSgYCY2m9e8waCY4T7YnEfA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C2E 203 KB
64 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9C2E 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 02:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 02:51:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 572C 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1696347455544213&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C152 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6ONVPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 83E3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5ac576fe162ec4b4fd8ef463ba80dd7697d9fd78af7871308297a9db3e42a88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 616B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHj9In0soL2XxSHeeA-ytOs&google_cver=1&google_push=AXcoOmTK5k46bgzQ48c0irTYSVu2w__TN3jHW3C4kjlaik335E-JQReCUOYFc6eq9ebZSxXIqLgntw5swS5N4HL9YRpHjD6Bl4T5fw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxOTUyNzU1MDI2MDYxMDM4Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1

43 B
398 B

55ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 616B 0
104 B 135ms
69ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIOsEsGYF_G7Gisd2tFjdoQ&google_cver=1&google_push=AXcoOmRTTVFS7RR-VsCx2-lFfXXqcrIHfHGgPQG3lcpG5ZODFhtDuuk9pgcNxv3j4dHV6ogGHCng94RKD4wY3frddkeHSon58EKz5w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 616B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlJVclk3MzkxUmsydnk1&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApu...

170 B
232 B

40ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlJVclk3MzkxUmsydnk1&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApuO1462GFiOojfvIrnMssRDpofoGLDz4v1IuCjvJt7Gd0hm2Bu4S_VwBA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Dec 2023 20:34:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlJVclk3MzkxUmsydnk1&google_gid=CAESEOhxZJrnSkiK8K10vN6O5z0&google_cver=1&google_push=AXcoOmTF0gCBG5Mmt2cY_7bRoIXgM8D0nZGePKX3DKTZApuO1462GFiOojfvIrnMssRDpofoGLDz4v1IuCjvJt7Gd0hm2Bu4S_VwBA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 616B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDutFKTwGTlt4CTmDvWHhLY&google_push=AXcoOmSUXBgaWfmxh46P3cQn5X5FepGRkZSoH80VlgTmSFOQRT1bFUtoKt...

170 B
232 B

40ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDutFKTwGTlt4CTmDvWHhLY&google_push=AXcoOmSUXBgaWfmxh46P3cQn5X5FepGRkZSoH80VlgTmSFOQRT1bFUtoKt5c2V8WB9lZP5BHRqsUnJDC_i1qhfshJ8sKbjQm4M_4

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21073-AMS
pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1704054845.540009,VS0,VE84
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDutFKTwGTlt4CTmDvWHhLY&google_push=AXcoOmSUXBgaWfmxh46P3cQn5X5FepGRkZSoH80VlgTmSFOQRT1bFUtoKt5c2V8WB9lZP5BHRqsUnJDC_i1qhfshJ8sKbjQm4M_4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 616B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECSCXFzg34zpYUocdQSX2NA&google_cver=1&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm_qTgME4miDD9mQ_gx&google_hm=LiDOHJ3LQg6dgeKASKjDOUQ

170 B
329 B

62ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm_qTgME4miDD9mQ_gx&google_hm=LiDOHJ3LQg6dgeKASKjDOUQ

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQzQSY4foPgeVhwGatwJe0P83NU0BfCOfgUihS5aHS59N7huz831AKZ12Fh-mwyPkMzXsiSTxQO4Bm_qTgME4miDD9mQ_gx&google_hm=LiDOHJ3LQg6dgeKASKjDOUQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 616B 0
172 B 56ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEVBgxf6lUcW05_SavAE4f0&google_cver=1&google_push=AXcoOmStBsKoISpC_EYV8hxmmi3loAiIzx90FSy4gzmMi6RCvPXxadFEOzKqrXerqZFzDZHYEb7i_1daFAGY7SHNTheB3TZS6cXS3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 616B 0
98 B 71ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQheNTqo6lP92r9FbKbtSURgO5MTtOgfRJRSWREy9ZnETyc47Jgi6faWxb7ntxyqESngAxuI9BuLSvbVUpQz1fE8WjetpoXVQ&google_gid=CAESEOBxgCADcWmvQDWTVsIizis&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=3227553192&pi=t.aa~a.4253654230~i.31~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=3&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 616B 0
130 B 119ms
38ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ5PG3GedWJy5v95xgRKiY-EZsYftIHzLBZ7Xsh1g0rFp494hFXPQJ_d_temCBlOAjWo2N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EF2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 10395337855871828871
tpc.googlesyndication.com/simgad/ Frame A34C 8 KB
8 KB 20ms
19ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10395337855871828871?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlFRgGI60KzjpcK9PJGkPRuuKXoPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:10:01 GMT
x-content-type-options: nosniff
age: 473043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7989
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:24:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Dec 2024 09:10:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A34C 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A34C 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A34C 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A34C 0
0 28ms
28ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSL67cJBEiaGdZ4agJyxxVJhGgLtPdmtcYbzY9FCRtvtz98lqjVMkr-0Wy-C46qczumUfXCqEFyFTNa-NpF9uWA-uxFZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A34C 203 KB
64 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A34C 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 02:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 02:51:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B719
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 669E 143 B
166 B 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 19:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E294 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 01 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C2E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8de43842e78764ae4b4b6286813827e0eb83f52e8e5ccf2a92608ec8b0c1ea8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 07BF 35 B
463 B 66ms
23ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB9t-OCYC3zIBaYcs1d08fk&google_cver=1&google_push=AXcoOmStmF_GaHvSb8jxCL82ncOQhEL4ufGZQ2-LoY1XFFeifVDKh647ZQpveFSxLVi2ESgwzY6UuQQKHPPrxLrrgtb1YXZGMcYWUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 07BF 0
103 B 75ms
69ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBEZQagTPk3ToFdSnCQp1d4&google_cver=1&google_push=AXcoOmRotyhbEfakStzYciW5I9bRR8PlFHNdSEpTZzV7c7Gh0LZ_fIub5r4H0jC7ZRC9E7Qhfw2ctio2EjC2hEQFPXN5XhBskZaorf0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 07BF 70 B
149 B 96ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPRtdxJdPvbECgHX4JaAJUE&google_cver=1&google_push=AXcoOmQ6M-FWHniT9zTamvOPFEjkphGcLhkQBBKDtQLBVrx8JM-kHoqik2gW_BmW9BPa337foS9sV2ju3aRnIt3OSzJSoeFaszcTUTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07BF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENyXJ0KMSwGrlQcwLMsSCkU&google_cver=1&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg&google_hm=Q0FFU0VOeVhKMEtNU3d...

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg&google_hm=Q0FFU0VOeVhKMEtNU3dHcmxRY3dMTXNTQ2tV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Dec 2023 20:34:04 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR3Pb6mLUXPfrGNpQowU938I3LbsXn1EdYIBXunHtvXkR89i1ZC8zCRgpZApEfI6_QGG4q2O-UGNilIV80bioIOPadkO-gtHg&google_hm=Q0FFU0VOeVhKMEtNU3dHcmxRY3dMTXNTQ2tV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 07BF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPz9Xrhzm6tBZMhDdt1zCRo&google_cver=1&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyj...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxODg1OTgyNTU4MTg0ODcyMg%3D%3D&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyjHafN...

170 B
232 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxODg1OTgyNTU4MTg0ODcyMg%3D%3D&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyjHafNPH3GWIYEZSvho

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxODg1OTgyNTU4MTg0ODcyMg%3D%3D&google_push=AXcoOmSFZFdqIPgZnFT_ExWhxdvT6acWJvYgg8J9cCyVFf2CTUF8Ik2hqn1ITI_rp2UTqvhuD4ccioSON-cvyjHafNPH3GWIYEZSvho
Date: Sun, 31 Dec 2023 20:34:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07BF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDSRory7181pNpfc3esZL08&google_cver=1&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiF...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDSRory7181pNpfc3esZL08&google_cver=1&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uat...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSdhZSr56eP_Wf2Rn90gzd0mqGlcvgxY2OHw54YUiAo2h82gpl2HG39Ri6LO67oPeBJXu5KeYUJP_GEBFz9T5uatiFtaHk_JJI
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 07BF 42 B
204 B 58ms
19ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEE9UXPpLOqp1xeR-tK7Rqb8&google_push=AXcoOmSBR950PxKmNFzZ_K7OF3YjP-ppoTS28n4ZLFyydYY7aMNrUjL0Nnxc3MY46IE49dfiB3kuMLg2E-T4GFXIcTKiMqzUhXHuvfo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 07BF 0
40 B 59ms
39ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUgmQ1bCe5U7NaYAF0TPBdd8tnDVX4UIC8DO9vCoiEYIBGp0FGcDJpmW6nhfwjQ4LLOvO9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 135ms
66ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E8A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
40ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3008341565082279097
tpc.googlesyndication.com/daca_images/simgad/ Frame 4E0F 34 KB
34 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3008341565082279097?w=360&h=720&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670648541bc3f988e5f4c388a8edd56bec9434ab8ca2d8be9a8fc2fe277b8182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 06 Jan 2024 21:46:58 GMT
date: Sat, 30 Dec 2023 21:46:58 GMT
x-content-type-options: nosniff
age: 82026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34436
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 18:39:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4E0F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3ef0cc7e370a7edcf0d8cbba95302c6e88d42aae29e48db334e9bb1c4a439ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E2A7 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4E0F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDWQtO9CRZa67A7-v1fAP-fqSoAq59_jjdNyQ0rbzEdLNnLHoDhABIL7JgRxgkQSgAbqmocsDyAEBqQJBaUj1GoWyPqgDAcgDywSqBNEBT9Bj-RYizz6XQb35fBGCF69rgVjEvZw5B8tdBT7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212292960651354172256%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_win...

0
0

67ms
67ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212292960651354172256%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212165205118338330993%22}&andc=true

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12292960651354172256","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"12165205118338330993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12292960651354172256","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"12165205118338330993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5816357107952481036/ Frame 8F81 34 KB
34 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5816357107952481036/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0935d9558533203dbf5ab77ae74f5185006fa6181eeb277368b6b396f809d79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 29 Dec 2024 21:50:59 GMT
date: Sat, 30 Dec 2023 21:50:59 GMT
x-content-type-options: nosniff
age: 81785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34586
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17210230683680310867/ Frame 8F81 2 KB
2 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17210230683680310867/14763004658117789537?w=100&h=100&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196567916e3a9da4a425033e61db05aa7e632fd5e3b1258217dd60d2bcb5f8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 13:01:11 GMT
date: Wed, 27 Dec 2023 13:01:11 GMT
x-content-type-options: nosniff
age: 372773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1577
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:00:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8F81 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F81 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1688228c44bcfebd4550aaea3cefe8e164a750ef258b0ab48840d8dd1df381ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F81 15 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 186883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 16:39:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F81 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:01:51 GMT
x-content-type-options: nosniff
age: 505933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 00:01:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F81 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 473995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:54:09 GMT

GET
DATA 200
OK truncated
/ Frame A34C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e90a62aca6002d619e81c671c119829ccb7c2db3fa04ca4d14654b34855064d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2678 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 343933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 21:01:51 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E294 0
103 B 18ms
15ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDW4VZuwQfYnDV3GbCMjw2s&google_cver=1&google_push=AXcoOmRUo9Bfu4ZRlBjofgfcCar_RlG02IQ0oqhD7hOB3IynfQCFMUDGiVriv3OhkGwW2iPRGA4vBDfUJH6shxfbk9v7Blgh6Z1fWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E294
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA1...

43 B
457 B

190ms
175ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83e54d1cebbb5d74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 635
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAKQB2DyG0wdR-RRh5Fod1g&google_cver=1&google_push=AXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSOQsSPhiTzSWn1OIYBIs_qg12ptmXXG21Lp-a-UwvTK-GbGqDORGeCdX9eCKWgXuknGzz3zAhc5jIgqvFoXgTztmW3tA18%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83e54d1b9a1d5d74-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E294 70 B
148 B 35ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED0b7Zd6Endyl0c3KlM9Hwg&google_cver=1&google_push=AXcoOmRlzvR-MzBjCWLkgEEjCFdymVIuPUedOfFMQLCKQ-gMUXm5uRuBXbx8z8CcCqgjpXKzaUD9ZKHUhonJ1gTfaRnWwyslsyB1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E294
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGR5fJUxRCr5NtoZM8zWTSM&google_cver=1&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8ID...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8IDPodWrJhCp7Jkdp1g&google_hm=hmWR0DyIlYYJMVG...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8IDPodWrJhCp7Jkdp1g&google_hm=hmWR0DyIlYYJMVGaRA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6591D03C8895860931519A44BLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRmKsgpHUeW_Ql_nvCg2glvU_WUgACb7Roc8XBDYVmu-NYcuWHJQ6lBHqWOKqLxr_UDlmSr_N9BeAT8IDPodWrJhCp7Jkdp1g&google_hm=hmWR0DyIlYYJMVGaRA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6591D03C8895860931519A44BLIS
date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame E294 43 B
146 B 72ms
24ms Image
image/gif 18.158.179.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGOpKWo2gMyjORWLod6HMh8&google_cver=1&google_push=AXcoOmTILRUI2Dh3dhVWlh31iOIaGH6DAH1MudPOVfCTJ8FqgQMT1IzfwP4JlXgvoHcLnSOhIT91beDGLoxvSxn5jdNsVItWNZGGJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.179.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-179-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E294
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMHot2gyc-Y2gL1F_wXOwVE&google_cver=1&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrcTBAr9

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrcTBAr9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTh6WK9vE-uiVRuMxW_UPLnFAJo9PsWxDLdXhvAOd0B1vJ1J7UkCfFYbxyxew3_GgUS7zm7YJOUN2Uf24PULaeYNrcTBAr9
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E294
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC6d8YB4nZbTV59izSxTaFg&google_cver=1&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2T...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC6d8YB4nZbTV59izSxTaFg&google_cver=1&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2TGmQMbcwdVrytSoHur1bpJg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmTG32HJfW8PN6U37uB-c-QkLtccZLKgx8AMX-qhrwnALMRVtj-ecMU_igNXhPuYmWxFVd5Hkq2TGmQMbcwdVrytSoHur1bpJg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E294 0
12 B 40ms
39ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGkV56GqqNiVwWpwBygx4TG1UWcjSxuonfiXDYWFDA0IeTe8MzH7OuClBpgMbijU_Bubw1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 83E3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTbOWPNCRZcykB7rI1fAPmrGH6Auf1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTXAU_Q-hMD49ps-i_Hnfgswi4I8O3O78G_Cu770EdnigGGAtsf3sq9ilV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213945888261362019512%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...

0
0

66ms
66ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213945888261362019512%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222475919381613770881%22}&andc=true

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13945888261362019512","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"2475919381613770881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13945888261362019512","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"2475919381613770881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D1B5 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 28DB 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: giveawaybot.party
URL: https://giveawaybot.party/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8F81
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C89StO9CRZa-7A7-v1fAP-fqSoAq59_jjdNyQ0rbzEdLNnLHoDhABIL7JgRxgkQSgAbqmocsDyAEJqQJBaUj1GoWyPqgDAcgDywSqBNABT9AoIf21OMlXDZZBSXOAQmaujUO5USavC6XwVNI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217447619125063466587%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_win...

0
0

66ms
65ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217447619125063466587%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227995638522979376753%22}&andc=true

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17447619125063466587","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"7995638522979376753"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17447619125063466587","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"7995638522979376753"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2678
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyozXO9CRZbC7A7-v1fAP-fqSoArtm5r4dLjI7fXGErrKv4GxOhABIL7JgRxgkQSgAZXq7usByAEBqAMByAPLBKoE0gFP0ONZlBl5FLbZ6stgdL9H8u4qIdeksb7n9-8D9WOyPgwQy4pdxn3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221140696039417937686%22,%22debug_reporting%22:true,%22destination%22:%22https://nordpass.com%22,%22event_report_window%22:%...

0
0

66ms
65ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221140696039417937686%22,%22debug_reporting%22:true,%22destination%22:%22https://nordpass.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22494646549%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215860753181116781297%22}&andc=true

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1140696039417937686","debug_reporting":true,"destination":"https://nordpass.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["494646549"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"15860753181116781297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1140696039417937686","debug_reporting":true,"destination":"https://nordpass.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["494646549"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"15860753181116781297"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F91F 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 669E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
expires: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 20:34:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 66ms
66ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 16DA 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=78745041&pi=t.aa~a.4253654230~i.39~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1471&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2557&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A34C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsjSVPNCRZcCUB-KD1fAPjoqF-A-f1ev6dPXhztP_Ee2O_MIDEAEgvsmBHGCRBKAB9-KbtCjIAQKoAwHIA8kEqgTRAU_QQLpvhf-rhIEYFY3_5rtigl5qLFdAdnQgimcroMBLTIWs-gtGfyw...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223505659321736941833%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%...

0
0

66ms
65ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223505659321736941833%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216449442758356176705%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3505659321736941833","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"16449442758356176705"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3505659321736941833","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"16449442758356176705"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A49 50 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
56ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 630E 4 KB
655 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 20:01:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 630E 2 KB
822 B 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 630E 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 630E 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 16:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 16:18:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 630E 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 630E 0
0 27ms
27ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_5qk_sackawV1zPsGfdHwfRyzjHKd1yY5qNAxD69mB1Nbc4eBFlV5L111JH_LOTUrhsagzPEkXkAdwfDYK6chkZs0YA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 630E 203 KB
64 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 20:34:04 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 630E 37 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A8E9 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 01 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/5816357107952481036/ Frame 630E 39 KB
39 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5816357107952481036/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abb52c85dbfcdccadde6651ddeb72d240e541f18d0c17c9d19d4a2d761130a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 13:24:11 GMT
date: Wed, 27 Dec 2023 13:24:11 GMT
x-content-type-options: nosniff
age: 371393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40063
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17210230683680310867/ Frame 630E 2 KB
2 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17210230683680310867/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196567916e3a9da4a425033e61db05aa7e632fd5e3b1258217dd60d2bcb5f8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 13:01:11 GMT
date: Wed, 27 Dec 2023 13:01:11 GMT
x-content-type-options: nosniff
age: 372773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1577
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:00:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F5D4 50 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=280&adk=2508816157&adf=238524979&pi=t.aa~a.4253654230~i.27~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1672713655&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5495611743&ad_type=text_image&format=750x280&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844086&bpp=1&bdt=1470&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
DATA 200
OK truncated
/ Frame 630E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f0c995d3a9349bc5ef33727c0834ae220d0741fa02869675f538a3810720f20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A8E9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1&google_push=AXcoOmT4gRrIYlV-0YNDYMfozdfV4w_dGHxC1gI3c3SezpnTcZ1gCC5uST2UUDGEtEMSTmB7o6I2lcqKKo0CUpOis3Kjqg6NmVI5Ut0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjMxOTUyNzU1MDI2MDYxMDM4Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1

43 B
398 B

14ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL2zq0louqMjqsFVNDQ0Ls8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8E9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEG8ZzfSkj1Ap6alGiPplLvM&google_cver=1&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW_Yd7OpTid9KQmRE0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD48F73700C24F45B58E9A5DE1A4BA58&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD48F73700C24F45B58E9A5DE1A4BA58&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW_Yd7OpTid9KQmRE0

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Dec 2023 20:34:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD48F73700C24F45B58E9A5DE1A4BA58&google_push=AXcoOmTetw2_o2FAL0MJkqSQeayWcjytVqC3456aWWcEnD5itORCUXmkUrjyHXlLNmLrwEo2VCIyV_SGB-UxNTW_Yd7OpTid9KQmRE0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 20:34:05 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame A8E9 0
42 B 24ms
23ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQxjU-MKccb0z8z3FrzppzC7ERQwllBRek1126FIOBTK0izArDdJZj0H7D68Lpt0qTFzbT0I1bfmEg0LWELf5pD-uiFGacbqLTR&google_gid=CAESEDOrHwYkiA6x1APf-xo5hE8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8E9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMoOXLiEcAExLIX4vJVXcns&google_cver=1&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprbjw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprb...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprbjw6SJFN52dqRGFehAnDETtApNU

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUwNDA4MTM2MTA1ODA0NzkyMA&google_push=AXcoOmSK-IzgsKON-AUUkh_EAmyHX9Shj4-YO30MBoxTfO-ZurVQIS3bErsKHnlEHKH_1aAT-BWprbjw6SJFN52dqRGFehAnDETtApNU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame A8E9 43 B
296 B 300ms
21ms Image
image/gif 2a05:d01c:1d8:8100:5c9b:2a11:2441:222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBUoev52t0aP2TFlJZ28tKo&google_cver=1&google_push=AXcoOmTaUJoSSE4CNww-I-_F1nx3pXVJ4auHhPkxbILLGJgy2lSwpiy6aIn36dEUD1568TUVZZ2JvFD7mU1LiwKpr9odM0GOU9rb_XH6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8512411925677795&output=html&h=90&adk=2743202993&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1672713655&rafmt=1&to=qs&pwprc=5495611743&format=1200x90&url=https%3A%2F%2Fgiveawaybot.party%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704054844094&bpp=1&bdt=1478&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C750x280%2C750x280&nras=5&correlator=7245805957596&frm=20&pv=1&ga_vid=1229480501.1704054843&ga_sid=1704054843&ga_hid=1513025253&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31079979%2C95320868%2C95320884&oid=2&pvsid=1696347455544213&tmod=912350139&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:5c9b:2a11:2441:222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8E9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEUG5K-xlBwW-Wr8K8mImYw&google_cver=1&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8gGU9NKkN9-bmqFGqNGw1

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8gGU9NKkN9-bmqFGqNGw1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRDRFDMg3yUiSuQEkV1q6x3V3vd8DHQDFxFcRMXa_EOtWm9mTTS2gvWyBgijxGY0w6OZybih9Pcl0z8gGU9NKkN9-bmqFGqNGw1
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame A8E9 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A8E9 0
12 B 39ms
39ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTc3KGKwLkM_rL7xXGkp3PvJY3DuYTjBISg9UwE8xm7tyOj3_fds5s48tXlxf70Eaboe1WOw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 630E 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 186883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 16:39:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 630E 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 473995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:54:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 630E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CW3TIPNCRZcnCD8DJs8IP3LK94Aq59_jjdNyQ0rbzEeK3jPG-ARABIL7JgRxgkQSgAbqmocsDyAEJqQJBaUj1GoWyPqgDAcgDywSqBNEBT9DjIxI14C5n8mSDy90pGfF-bfRHxAxtmDdh6Mm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226584509383162524667%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_wind...

0
0

66ms
66ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226584509383162524667%22,%22debug_reporting%22:true,%22destination%22:%22https://unitedconsumers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963138362%22],%2222%22:[%22true%22],%224%22:[%2212-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22610857946440132353%22}&andc=true

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6584509383162524667","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"610857946440132353"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 20:34:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 31 Dec 2023 20:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6584509383162524667","debug_reporting":true,"destination":"https://unitedconsumers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963138362"],"22":["true"],"4":["12-31"],"6":["true"]},"priority":"500","source_event_id":"610857946440132353"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 3692 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 456289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1696347455544213&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfOO5xAH6qsgNGvC_3yezIEmgCkQ7R9JFxjQ97PvHsm8B5nLNroGZwEi9CclKSsKXGAgAAAExSAAAAAmgBBwoAgMWFUU7pEI9d86ljPi3Hwux7hJLjf_E84d3V0IxeQ_Rz52Qs9fdxESCbG1A0Vai9lR1e1IExWLiR_VjEFkHCkhxsqMMYzXBIyzjbp_bJ0EYbt3sW6k1UwOzwuzfJIQM2oALHZNQdfRpcFkxR43k3lHbvgkK1M0eTwhaps_Z_blDNmQMHM0RCeF3rL_uELCVekwNxZJ_NIKXX9o_RkRPs2At--sY6S6ylKE3C03aRn4vmCXlvLae-SJUfgrrBy98jttvb7w7-ggOwAkr4GD9B6UO2fAwMBqzK-5VTHh51i5ZRdd9jUCbSKwU37Kd09Loq3kPEazeXqLLgIFYeg-aySW1p72mYUla04DiaWO3ts8Lw4CS_ixWnZjai28KKdrjD3HbSgwTi6T7hPNvLRLjhhZNm9ijPI-id7NSh1EWnO4UvpaROrYC8LrLE_ovUl-wmHeLu32BJ-U8gYQv6kd8GCJfxqMsKKsY8W8jtZwK9pkbEmb4pDxq6PBLzaRsWdDccKa7Gio8SZ9hTtK5DQ0LQYLQ_dpDWaMMAqjpYLEveyIVsSGOM3sdXV-YQXDJVSa0PqlusLCtILRB7SavPuHNujAouMEZwOQd0zIep33CA5p9sgqWKmYKw7hc-YBBEJ-kvNpcvWVpUAVDYTJaJaNbXNlPPQa8tGfly4oaeNDKjyNooN_FmI6_wRtqyLs6RW_Hd8Edf6JHNkkjYvF_GRff_aabR03hA08uVQS2UmjPpje7kvgjAUHvpChVjM6fLLrghD1HS5HXYFyuqVCI4Qg24Ev_yQTgyJRGYIsx2FbICxcIkBBftH7pY1rpWOvBK_5g6I-tXtbgYK13Fog9XX8k1fFdQ4vWyBwp-7SSw3X_6Kb9l79h35HyLCrLSlq3FoDkpQ8LtRWaiwVmexPGRM-_HqHF1Jt_OFu6y0HQNR7c6EwNc6TpcDlyjpZvq1-tsHCXTIQGEFFrTaPFRnPMi4a5lKICf99zKsLwU84m7zHOXRXQaE7Mggj0j2EjURY2-gdtfzfY4Lk-Zd5o0e5KTHRnB-BdtB-jGE9MADY4R8Lw-xBoFcZFIB4ZY2QigTY8gmm5HFKlQOHcT1brV6QBxlE9QTEuIUK5iSZt3Y3OxkdV-gKdDFPExtPmpBuwGAb0X0zjBcP0RAVS5JehgI0pAC-ObbaiY1imIxT8inUfq7mOfILkcQjD9pd5JYNxcxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://giveawaybot.party/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 31 Dec 2023 20:34:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E0F 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzVpn93_J57da7Cjwy_FGEhzr3GUY--il7syYp-Pi_ktHSnFUOKbZyOzfkwi84EelUEK3hCxjVarvYjy2Ir8GQq5H_S-ymCWS3HsMCHUNItL47FnF_XOk0TTeFO1ehilkyFYIIodU9qxUz5FWv_ON57CpbOAn0PqNBNUOHoyAenzNhXamdMKATzRSz-85Kycrs2tgf5IC3ksG6iSB4hlpujzZlmvdm8xlr3jd8Wo5VBBjEqMzDV8y4ypSyCLF3yQu6kjjQV56m2ZDjqlbih4g89jL5PXxhXuuES6axB6puqN0U35e3YaavFdLWIOQU9Na20c6Q3UeusVCeVNPK8iJtmy2SDHEmJg_yvRQBuMvb_xoH9DH5Wjm0mc_yKrKNhgDx4sQQI3hSrvEM_MVn9TZTpQ45vuzajLhjnH3hc-Pll58U3ijkCMervBb9Yian_iNnZotWvjRJjTn9LIXcEAuW_LnhBqt0cIP0LkBhGFrV2jeWkg2aX22XoGfJaLsvKBDnHNWj2N-plXRQOf50X4Tfu7BeaHvO4YOstRMON-AkO2Qx4v0Jr3AQd0GoNIUKu0IrVUL7dxPhfoHLd9Oz3XK7EUqU4U2GpvN7uysKEglz8xb8AlQp4TjJgzwX1fwhwDTZ-H7_28e5Jr84Jzi6TAbALEgcisd_xTvizFnnyn9MYrCtvpURvK4kW2QmwQyy8Tt9ZbxdnX2fZ_YHe0g4dW0leD4WdPO9OIXtJVxCcpGXIRUGc9QYcZbfqr_ZF5dEWLSxYxQR9-wxzwkGs1uxXYZfR-QilaMHjZ-tuayKnsmVWKp6s8gHjDoMNZxAfcs_PZL9U_z8i-EnQ3zhahk_oGNfOw5XzQh8eHxjSYxVENkbX7bokdpdwLFpjpIoIjC9pLATRx78KrtwZgz5ES4wxJ9Sk2RNWGbmSrwCA19vRss8XJztnUKzt3oRlf851GiCM2iJCjF8UiLRNBJa4xglUCf_Lz4yg5iBTzJIv5iru4Bv_p7s-ZuRUyhBYqG3y6gwasXGoQFVfV3UhqDt5ETB3IOinL9FCHD7dNsDmewHLSTYG4YZMJzOtCfWT9rASJ1fc8t028hnhDKYEi6BiWe9AKKsyoIPL_M1nDIjRTEINA-osmBwrsjxz_L2LIA4pS3I3qRF84lwErNjIAw34Q9u6h8yqUR-BRi7_u4utwWU-ZLHPjoS2cmrLtacetnHWSd24F7j1lvyQLMyg4dWrDv8okGe&sai=AMfl-YQPogS4SqqWzMeJQQqI-yp57_MO8E7D56ku8xf1L-XpS413rI9CedO6eJlEcHQKzTAtGkpM_WaTngxeJbgiYvmSHBAmIyq1e0LbSWkYjH_sk0WbzGOgjjLGFqzCxp7zGFiwp46A71RM_PBVn5CVvX39x4zTTR-GLCGdx2I&sig=Cg0ArKJSzGT3ZaOlDnyMEAE&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704054844233&rpt=327&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2678 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJRAM61jxfQCrZXwX4eCtP7dFcw0e83Xe1P9OuvZIMNRolayjYiaG4Rz_MxYo3XQn0AxH7yo51_qOLYduEQYYTKwDmvxYzrPOKXiqQbpOF3Ti7nO5b-MOiBYzVvwBqyOJntRimO48DYZoTrU5jPLXZWKoc&sai=AMfl-YTpuz2fdTeHOP0HOKXyJ43Hb05TaewtvT6k4BKsWZePoUCRryk8n87fVrd1dfrKoKacm2FrgIsC43DN6ci45LmU_UO24hZbbpF0X5jbeX2aoaKtPv_b1uQjQBOAJEsKr_F_-rdrdSKmrE5cbq_9Qg&sig=Cg0ArKJSzBbSkLvQml8EEAE&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=189,786,1000,1000,1000&tos=189,597,214,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704054844234&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F81 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB8eHujADqCUfndfdePfjU44mlEY5OrUhbYZgAvE1w8bZ0qKdifEjFNx_o70-oAHQF7oCe8C9-6_mWdES9KA8Y6pSm8JuvGSUQhGq6xGlWWI7-L8jgVQnUyV5TxyAJf0W89Nh5iPmvaMUvGdgE2lkm_8sjZZjQQaOUEcWdnvEU_WcgdddKMZpyWgmEnScF5nu7sR_1W3jKnplW3B6ReByxzX7dmyWRyIsArQBsVm-9WXp3amT1GQsz0TJAXhLXXg8KO2U_P3ve_G-g0Hyk0LwFexl-PjnCYvb0NEbskkX3HSDUj6EnAG8-jhtQx-mMzWWsxjjzQEeU9VRw4TDq9EanOVkboBuI93KXW0y_8ABsi0i7fpbhkfgDcbnTALSYFmlHLblxPZi2K5tWpkjLccbd15xW4vFKHIyECvYkseCoE5eK_iMVP5nXCumEkGZNM1gxEp66eGOb8i05zqTZd9iuRzJIMMLTeLY1IOVvi0PWZnbhL7rrVRCHCpy0S0M47KrRWZ8fbUrvTlW6M3ObOKDOHh6DHawkb0lwgq3YFEpjhBZYwrHTI2nMaNnd3G3hgEOXepLTGnC_QkngY7F9rCVgzVfvp0ye2HQMJg29wg8XEcMmMTxC1VIzEkVqekgEg7D0uM9p-UrRmcgpE9QXZvQZH551M2IChLG_Eti1nfQjmMM8eZFamUKXqlTAkIq6CwYtvkHPublUKgbulWVxLKPyspy6SsSO2ZUw_j-Vq_XmIgCgs_IIZpaK1lDbXt-tlGUZVq4HlVf8Ism3Q6SivnBZYroGcslVGnNxlXb4az1Fyt7v30H_bKpizcQPrFObe0_6h4pFhEFCtMKANHazC3FsPVmNuLeLud29p22SpO-DgTgvIBhgX3iGetI8LgN1fZtTpSGdWlW31WY7VHu5q5kjYHtdFT-m5TfgskbMBX4z7sdWZvNKLZfHL0lmTaHodCu38LIEcfhd-povYfNAjA2aXTVLPYppx_qauGDMs0E014zMDGDNCZZGVvRwXjX9d7OivDr9sUGi6m7yk2Lko_0X5dD94m7Fsvr9rPHtrccaAmvY2yn94Dt_7aq62WAAZt0Z6TuQ9fyLfp0UCnX66MgpjNlYc7Wubzjn37MOvzvHHR-3t6MKzjnCGCUIR1CobCTPyxTqxAiTYXZ7josoySKMv9Q2XGE5xXlQwVBqfeUN_cy6z-66k2ScGereUOAf9ak-uuH9fkT5eanqFflZ-oKbdm1OAQ&sai=AMfl-YTOdgpIo5LryQ74l0T3W7zhU_U1_KOltSdpp7K-NTWRSI5ION6y5O7FSjd1cwskL5uMCH67JRFJjGytYligC4M7E8Z8z0QTgKpBtrC21lGCmLWy4F2SEjZw1q3Zr0Fpax3wnW9pM4XIUgURI8flVWpYayQQkyO3NlSv5bg&sig=Cg0ArKJSzOW3MOp9sxa2EAE&cid=CAQSTwAvHhf_B44uM6GwBXL6uXXlWF-N1GA5t3G00KK-htRhzFjHQHyNb7yaCIS8gq_MkRfdbg09tD3k12BouvB45_T3820xEf7jQAo5okvra0QYAQ&id=lidar2&mcvt=1003&p=0,0,600,200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704054844234&rpt=398&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 630E 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMEvCH2SC6f2k2QfOSKrGk2zNr-raMEriu-Wzji0ShOKpFtjW0NkP6WEIbgR6ViES-nm7rEqg8h4FZLFcXP47jqbo6c4DRWKfms4T7h-sPkRH_rlAEhpbvrvuzOodCAsj1bo_lKa60fucHgkpCkVhJB_B3fe5cnxCxRb4zfOXxrDxjgO2Pi4ldu7_NN7q7LGlqgdFvLfPHMaMOwVuhK2g5MZPN_UyvdtVxABWGb4DH1e9wVHhawNSl-gGE8HHwFOI3yWJZmWZFOa5mprQidzQuxB6JBSngy_2F7PVd_0MJVwaF9QoqW_7qoL6Jc6xcClJLUqWXL9dCx1o3QSDaReG-VebOzO1msuwfZIRLIDOqftpfw1ICcUoOaYB-hFOEjMqeog08DnZAV8-0eVcMRFVKpWsYaEDFY7KHAOlikhfT9-HP0MoFH20TdEk0GYemUsuFSgltbGRn0ZHogxdh-i5Y9Dx--QBmEo5lfflAKwzulxz-pKDkuznhNV_jOmLKqRcDLrwBCPvCTa21RP-Of6aRXWG3ez7D-H7RELpYgkPFBgWkQQE6ozl98JEhsnXKqn9ja4uSauUur2n1EPsLbsFhXiruuMg-jJP6TjagWsLZsAbvorQ-n4yi_46UzfOlGGtgTwV-87x1QfWxthzaXKq4LwOAZ_3PHQN6smpi5r6diznhyx2nDxKW2ODGAQooyZFkY6hlG0lT3co3Kb9U8-RR77XFet_k-wTt9uHXVfmmvFSp2Eo-UnySJRmS0pzAdJ0hUQ706exN_kMBWo-igjIQ063t7gjWjTPhVzogdQC_99O5ASA91-xSlaoQKkjVfmJXDQPhUlOhmojhIPpj_mJak8z3FmOU8kyHHBoio8LUFhVdQ9ItPWv-ZPLKFMkhqmdR_rFFk4f0KXtpWE_qWPuLlAE39nsyNT8cWrWmy_Pl-5taTBYQ7E7TflP4lZIuOJ2h_K00Lml13FxFR7ZZ85eASwFwJT8e0XJ_Jx2Z-bNZRVkJhV2zI_kzbUHJzj7SRZvOmKWc6iD1qbuCJl2psd6_FpukoM1uFvsxeVwUql67vg9ky9AHGd4hLPFPHwao9_fyqFgH2Fq7GzzpqEumPmfAntxqcuDASp7jbYV3SiM3gZ2nGli8p2axSGeoSNtIpZ2NHHJlpG3i-srCuzVBUWSCQ_gS640-E9yt3qP4SVlYfoknn3TvuGhU2Y5viVR-_W9T1CxTdgEwgR1R&sai=AMfl-YT_s6ZFLCqD_vqv2NjEQ3OpvP6REmc626yIjyQYGJWCdDMJTVWcRTMuouGq6pJcyQBEqJn9P2JOyadkL7G9YfrpRfeue-UKFIpVMhjIrFMqTvLYY4hIoKwwRoj5usdo1wbJ4O_rL-yA1g&sig=Cg0ArKJSzLSyTVMHUDVqEAE&cid=CAQSPAAvHhf_9DiFFyD55NqtCkRB27JURCEFvAJuGyhWWdN7Wi462BSQnUHUD_HuQ1XV1PF6FdgqKgnnALFJABgB&id=lidar2&mcvt=1000&p=0,0,90,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2743202993&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704054844097&rpt=896&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 20:34:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMkQRtRNML6POpoWIioWUvA&google_cver=1&google_push=AXcoOmSjCU9RhU9y7WoaHoFMRKLk8brjEx7w4au0QY0rUg05JDr8C9R_SE0Fp4fdxA8rGf5qoHCnJtXetrNsE5AmjMkhQEJShpqUyQPhFw

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.giveawaybot.party/	1970-01-21 02:56:54	Name: _ga Value: GA1.2.1229480501.1704054843
.giveawaybot.party/	1970-01-20 17:22:21	Name: _gid Value: GA1.2.2083099390.1704054843
.giveawaybot.party/	1970-01-20 17:20:54	Name: _gat Value: 1
.giveawaybot.party/	1970-01-21 02:56:54	Name: _ga_PFGY0SEDN8 Value: GS1.2.1704054843.1.0.1704054843.0.0.0
.giveawaybot.party/	1970-01-21 02:42:30	Name: __gads Value: ID=bfbf2bf3ebff9b30:T=1704054843:RT=1704054843:S=ALNI_MZCcP7O0lpAXHfQ_ybKwM3ZZ_cmxQ
.giveawaybot.party/	1970-01-21 02:42:30	Name: __gpi Value: UID=00000ceb2c866a17:T=1704054843:RT=1704054843:S=ALNI_MbBQX2u0E1H35SkGchk6XKiVx44Yw
.blismedia.com/	1970-01-21 02:06:34	Name: b Value: 6591D03C8895860931519A44BLIS
.ctnsnet.com/	1970-01-21 02:06:30	Name: gid_CAESECSCXFzg34zpYUocdQSX2NA Value: 1
.ctnsnet.com/	1970-01-21 02:06:30	Name: cid_2e20ce1c9dcb420e9d81e28048a8c339 Value: 1
.doubleclick.net/	1970-01-20 17:20:58	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-21 02:52:35	Name: wfivefivec Value: VRUrY7391Rk2vy5
.adfarm1.adition.com/	1970-01-20 19:30:30	Name: UserID1 Value: 7318859825581848722
.w55c.net/	1970-01-20 18:04:06	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 19:30:30	Name: d Value: EFcBCQHlKoEA
.quantserve.com/	1970-01-21 02:51:09	Name: mc Value: 6591d03c-8e87e-ab459-ee1f3
.everesttech.net/	1970-01-21 02:06:30	Name: everest_g_v2 Value: g_surferid~ZZHQPAALHp4dcwBH
.de17a.com/	1970-01-21 01:59:18	Name: guid Value: 1.7199273315566888978
.agkn.com/	1970-01-21 02:06:30	Name: ab Value: 0001%3AKPLrvB44iUIQ7jYQj7q6tLfnObq3e%2F68
.agkn.com/	1970-01-21 02:06:30	Name: u Value: C\|0CEAtJIy8LSSMvAAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/	1970-01-20 18:05:33	Name: C Value: 1
.doubleclick.net/	1970-01-21 02:42:30	Name: IDE Value: AHWqTUkTOykSVEneddgly99CZ2qUhRMoZFLCdtpVyi-TrRkyKodkGy3Twf6a4U62qlA
.googleadservices.com/	1970-01-20 19:30:30	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:47:18	Name: uid Value: 7504081361058047920
.turn.com/	1970-01-20 21:40:06	Name: uid Value: 2319527550260610383
.simpli.fi/	1970-01-21 02:07:57	Name: suid Value: CD48F73700C24F45B58E9A5DE1A4BA58
.tribalfusion.com/	1970-01-20 19:30:30	Name: ANON_ID Value: arnt6ZaNZaiMjAmemFnSwbS9Cm7AFEUZbA8NttRQZcVL36oUYWJGgiXUvJXxuIP2JPVpTPuJxZbZbuAhufZaT3d4c3rWMDoRHRt
.innovid.com/	1970-01-20 19:30:30	Name: uuid Value: 3a13b089-eaad-4fef-9656-11f8c05ef942-20231231 15:34:05

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQheNTqo6lP92r9FbKbtSURgO5MTtOgfRJRSWREy9ZnETyc47Jgi6faWxb7ntxyqESngAxuI9BuLSvbVUpQz1fE8WjetpoXVQ&google_gid=CAESEOBxgCADcWmvQDWTVsIizis&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQxjU-MKccb0z8z3FrzppzC7ERQwllBRek1126FIOBTK0izArDdJZj0H7D68Lpt0qTFzbT0I1bfmEg0LWELf5pD-uiFGacbqLTR&google_gid=CAESEDOrHwYkiA6x1APf-xo5hE8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
giveawaybot.party
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
img.shields.io
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
static.dialogflow.com
storage.googleapis.com
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
142.250.185.226
151.101.130.49
172.217.18.98
18.158.179.1
2001:4860:4802:32::36
213.155.156.182
2606:4700:3037::6815:501b
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::201b
2a02:fa8:8806:13::1370
2a05:d01c:1d8:8100:5c9b:2a11:2441:222
2a06:98c1:3120::3
2a06:98c1:3121::3
3.123.94.79
34.160.236.64
34.96.105.8
35.186.193.173
35.204.74.118
35.244.174.68
37.157.5.133
46.228.164.11
51.89.9.253
52.223.40.198
52.57.164.72
85.114.159.118
0935d9558533203dbf5ab77ae74f5185006fa6181eeb277368b6b396f809d79c
0a6fa39d03ad207cf310579ead1c40409c68135ff271a93216ace80e46bb6e2a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea55ba8dabff6483c2aa7e6031ac8cff4c62cbf6f09deb98552e45989e6112b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f7040e81932186066c1636c42cb75f2970d9ab0a20a9e4ef49d7a6cdf30746d
1140401f0225d977b5ff23e40930e0d81a8eecec287a5a188a7d9ad3cf3c36a6
1688228c44bcfebd4550aaea3cefe8e164a750ef258b0ab48840d8dd1df381ee
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196567916e3a9da4a425033e61db05aa7e632fd5e3b1258217dd60d2bcb5f8df
1abb52c85dbfcdccadde6651ddeb72d240e541f18d0c17c9d19d4a2d761130a8
1c29fc696d1501f4634511d57f6e751c893aa7e24ca4ee35b5c1ad752c6b4078
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4d2583305cfa5b0cce1f1ae3107a98d26c3045969bb00eabe56e72423f9ac48d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
670648541bc3f988e5f4c388a8edd56bec9434ab8ca2d8be9a8fc2fe277b8182
6dcecee0daf79c26403db79ad6cac73f864d47a47bd786d328a0bce42519265a
7034ae8d8aaa077dc02a62b5b4a0b9d0eefacc5619832a2637a9afd4ef626cc6
71767aa4abe747e817c1b7e8834be570367ab9a7aaeec65947d016e5cc532aae
74ff7ba85ec0c02ca3ce4c58e7f0e1ad3c534138da5c53d53471a53ea8d0ef97
7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
848c6787ac492cb69a154fda885afb3fda61237d59b23f64296389d5012250ac
8aaee4d6282fe9fb122b24017bbea1e7bd5d3f2bbc1eceddd89092e3ffa913ff
8ceafdbaef6e2cc899acd190e4e0e0e8e9c60fd783f5b8f89c806571557ce846
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de43842e78764ae4b4b6286813827e0eb83f52e8e5ccf2a92608ec8b0c1ea8a
8f0c995d3a9349bc5ef33727c0834ae220d0741fa02869675f538a3810720f20
8f5c783a9f019b292cc7a74758f3597635f45724868dfc041c41899933bd484c
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d6a28a2cd404ca733f771f47ffe21d0ad30f6de33126ad6ab8690f8d2aa024
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a4692a7234b95c9908d1a9068f1bc9191815a6b1d9e3b3b84ad12ee10caaaaee
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b2ad47b98d17a6097f99c971e06f28c0330ae2739c9787ccf053457e0fe55f36
b3ef0cc7e370a7edcf0d8cbba95302c6e88d42aae29e48db334e9bb1c4a439ca
b5ac576fe162ec4b4fd8ef463ba80dd7697d9fd78af7871308297a9db3e42a88
c8fadd7891a17b26098307d064c91bd92952a060d9ac069037bf72446f513edc
ccccd5a9a53d06ced27d28e2c901ea1d843011ae279785a1d4b218ddef3c334f
d3df3e9c13a518a3ff8049f27bfad9968d9e37e46cd796cb21ea544a8a61b9c3
d7b50d11597480f7a08d61a7a84bab29d4264343f5625023c50718bf8f079539
d9aadff25042096a6b3a99d7099db1c57b53fa6ddc89ed7e26ed91f941585401
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dc9503caf6a0836738d11e19c42868aeb68444cca98480532e1a8cdff3ce52c6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedbe1d57133e944db9d37dd4334e94d104838f387b605bf6031a67c44c0acba
e2f415a12b7288203ce7732113afa5f1f5e66225ca31fe588a152928398cb28c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e90a62aca6002d619e81c671c119829ccb7c2db3fa04ca4d14654b34855064d0
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a3820a95d758012d0437979e342486e0a5d4f527f532146b7daa858e3524f3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

giveawaybot.party Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

88 %HTTPS

53 %IPv6

32 Domains

39 Subdomains

27 IPs

7 Countries

2234 kBTransfer

5960 kBSize

27 Cookies

2 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

giveawaybot.party Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

88 %
HTTPS

53 %
IPv6

32
Domains

39
Subdomains

27
IPs

7
Countries

2234 kB
Transfer

5960 kB
Size

27
Cookies

191 HTTP transactions
8 data transactions