wotlabs.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wotlabs.net/
Effective URL:
https://wotlabs.net/
Submission: On February 06 via api (February 6th 2024, 10:08:31 pm UTC) from US — Scanned from NL

Summary HTTP 182 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 22 domains to perform 182 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wotlabs.net.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2024. Valid for: 3 months.

This is the only time wotlabs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:e8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:731	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9 12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
2	23.215.22.232 23.215.22.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.53.43.65 23.53.43.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
2	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	2600:9000:264... 2600:9000:2646:6c00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
14	95.101.148.38 95.101.148.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	3.123.76.159 3.123.76.159	16509 (AMAZON-02) (AMAZON-02)
7	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
182	36

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wotlabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

wotlabs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:731 (United States)

ASN13335 (CLOUDFLARENET, US)

c6.patreon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.patreon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c5.patreon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

pics.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:631 (United States)

ASN13335 (CLOUDFLARENET, US)

c5.patreon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.22.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.43.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-65.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:6c00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 95.101.148.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-38.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.76.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-76-159.eu-central-1.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	637 KB
32	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589	289 KB
24	wotlabs.net 1 redirects wotlabs.net	206 KB
20	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 cdn.flashtalking.com — Cisco Umbrella Rank: 1296 ad-events.flashtalking.com — Cisco Umbrella Rank: 1404 stat.flashtalking.com — Cisco Umbrella Rank: 1445 secure.flashtalking.com — Cisco Umbrella Rank: 2387	151 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	6 KB
9	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3066 data.ad-score.com — Cisco Umbrella Rank: 2906	327 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	10 KB
7	patreon.com c6.patreon.com — Cisco Umbrella Rank: 115279 www.patreon.com — Cisco Umbrella Rank: 23249 c5.patreon.com — Cisco Umbrella Rank: 49584	308 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900028.redintelligence.net — Cisco Umbrella Rank: 230831	11 KB
4	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	58 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 570	17 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	63 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5289	167 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	33 KB
2	paypal.com 1 redirects pics.paypal.com — Cisco Umbrella Rank: 16302 www.paypal.com — Cisco Umbrella Rank: 3015	9 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 70174	24 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611
1	gstatic.com www.gstatic.com	19 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	13 KB
1	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4899	28 KB
182	22

	Domain	Requested by
36	pagead2.googlesyndication.com	wotlabs.net pagead2.googlesyndication.com 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
24	wotlabs.net	1 redirects wotlabs.net
16	tpc.googlesyndication.com	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com wotlabs.net googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com wotlabs.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	data.ad-score.com	js.ad-score.com
6	stat.flashtalking.com	wotlabs.net
6	cdn.flashtalking.com	ajs-assets.ftstatic.com wotlabs.net
4	ad-events.flashtalking.com	wotlabs.net
4	hal900028.redintelligence.net	1 redirects 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com hal900028.redintelligence.net
4	ad.doubleclick.net	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com 8019191.fls.doubleclick.net
4	www.googletagservices.com	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com wotlabs.net googleads.g.doubleclick.net
4	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ssl.google-analytics.com	1 redirects wotlabs.net
3	c6.patreon.com	wotlabs.net www.patreon.com
3	securepubads.g.doubleclick.net	wotlabs.net securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	wotlabs.net
3	pro.fontawesome.com	wotlabs.net pro.fontawesome.com
2	secure.flashtalking.com	wotlabs.net
2	js.ad-score.com	ajs-assets.ftstatic.com
2	8019191.fls.doubleclick.net	1 redirects wotlabs.net
2	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
2	ajs-assets.ftstatic.com	servedby.flashtalking.com
2	servedby.flashtalking.com	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
2	c5.patreon.com	www.patreon.com c5.patreon.com
2	www.patreon.com	c6.patreon.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.contentspread.net	hal900028.redintelligence.net
1	ajax.googleapis.com	hal900028.redintelligence.net
1	hal9000.redintelligence.net	984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
1	fonts.googleapis.com	c6.patreon.com
1	stats.g.doubleclick.net	wotlabs.net
1	www.paypalobjects.com	wotlabs.net
1	www.paypal.com	1 redirects
1	pics.paypal.com	wotlabs.net
1	www.gstatic.com	wotlabs.net
1	cdn.jsdelivr.net	wotlabs.net
1	cdn.datatables.net	wotlabs.net
182	41

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
forum.wotlabs.net
shop.spreadshirt.com
wotlabs.spreadshirt.com
www.twitch.tv
worldoftanks.com
twitter.com
www.wargaming.net

Subject Issuer	Validity	Valid
wotlabs.net GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
patreon.com Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
contentspread.net R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://wotlabs.net/
Frame ID: 8F64D204556B3F081E9EFFF91D0BB8FE
Requests: 47 HTTP requests in this frame

Frame: https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474
Frame ID: A3B8C870FED34A1F473DC844FDA12585
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html
Frame ID: 38FE59C04DB6F5DB0A8FA4E8EE0459AE
Requests: 1 HTTP requests in this frame

Frame: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D45F7F20C3E442B246AC58DA7AEFDC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9235292526886004&output=html&adk=1812271804&adf=3025194257&lmt=1707257306&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwotlabs.net%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707257306651&bpp=2&bdt=990&idt=160&shv=r20240201&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3745435425010&frm=20&pv=2&ga_vid=728815700.1707257306&ga_sid=1707257306&ga_hid=445179707&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080780%2C31080933%2C95320870%2C95324155%2C95324161%2C21065725&oid=2&pvsid=2665303978646082&tmod=262902213&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=171
Frame ID: 05F4830ACBF38C118CFF7E0D70AEA437
Requests: 1 HTTP requests in this frame

Frame: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AD9E5E9ADB6AABD301B875CE8CC7EA4A
Requests: 36 HTTP requests in this frame

Frame: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8AD2B4442EF19833165E79CAFF8B6EC8
Requests: 15 HTTP requests in this frame

Frame: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4016533AB0C39CAA8EEDF807FE511F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYlKyKggIwAQ&v=APEucNUvJbFSUL4Z3jTMBcM9bYhBQNgcM0ijSBXRx1KQ-nhE-MfSOuLF7NYjU56JWoZ1Q8tX08vi1LFFWDJvISHO1BL9xts6nsGWpBsvk62SPImWFjNOSOsMwW1XsdjnNsuW1ahQhk6IPQ99PaAEdyKaqmtV_DpXaRMaMhkT_y4hL4PTBdAtXUQ
Frame ID: 800093619A9D1D07D9DA6CCE779F6039
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXCeywu6VBFiFD_IEFY7A5gKOVrcfzU3di_Amr-LyTIha1J3gamDZ2fu9xyUCMOJ0G_wLsrk6wAObsfOkYSkweiyTOvWmC4aJRFqhc_vWM-lbe5PDf1B3tDzqy8Bz3jh4ya1QJp_Jz2KopOicLXafiI0wXAdJsYKgHelf1FQdHo8GUgpGk
Frame ID: 8A6814D7D0ACB5581A94D061289EB68B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYk6yKggIwAQ&v=APEucNV6TbC7UH4AdLUb0hQsJD_DM2T4-5Ga_S2IRibdRtU9GxgCSLZP23mI1TxTFPTlx3fetz58MS8MC7IEiGN6hNfQsJvfYLgZmFxSm-lrKIYjDDK0xd-4rj00rV408rxAs8ro1EFxmwacPNcVDj-5lgbDrHaILJXjIFsoQ_KoCM0dXK0aylg
Frame ID: 1D25AA16728230B76E0518881FEBBBD4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A500EFC83351E52AFFAC061ED9F33812
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 43197AFC0233017E85F7A3416B5C67CF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EB460BEEF1B2009B1799377EB2A804AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BABEADB0B90C91C8CF0C76058B17FBA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 914E902BAB66DB52D8869C9825A23128
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: C3899C862F642CDF0E9739FB31BCECA6
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399
Frame ID: 56863E6A700E84E121BA38EA6962FC99
Requests: 3 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137
Frame ID: 2E9EE2E432F97893B86AFAF634665C40
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3268BA968BE43A71F7EC82FA4701A15E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 09582B96562C5DCCD504BCEDD7F3494C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6F2FBDA8EAED4EB58989800A67E804A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 129B38D675C4B2618461D1EDF7FC5A11
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WoTLabs.net - World of Tanks Statistics Tracker

Page URL History Show full URLs

http://wotlabs.net/ HTTP 301
https://wotlabs.net/ Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js
cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

182
Requests

88 %
HTTPS

57 %
IPv6

22
Domains

41
Subdomains

36
IPs

3
Countries

2623 kB
Transfer

7417 kB
Size

24
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://forum.wotlabs.net/index.php?/articles.html/
Title: Articles

Search URL Search Domain Scan URL

URL: https://forum.wotlabs.net/
Title: Forum

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/wotlabs
Title: Store

Search URL Search Domain Scan URL

URL: http://wotlabs.spreadshirt.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/junkershiryu
Title: JunkersHiryu

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/trobsmonkey
Title: Trobsmonkey

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/anfieldw
Title: Anfield

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/selawot
Title: Sela

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/barks_internally
Title: Barks_Internally

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/nolan1243
Title: Nolan1243

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/zeven_na
Title: Zeven

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/blue_stealth
Title: bluestealth

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/smyleerage
Title: SmyleeRage

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/Oosa
Title: Oosa

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/asassian7
Title: Asassian7

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/overlord_prime
Title: Overlord_Prime

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/supernova_o7
Title: SuperNova_o7

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/haglar
Title: haglar

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/bobtheturkan
Title: BobTheTurkan

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/zerontv
Title: Zeronez

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/orzanel
Title: Orzanel

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/genghiswolves
Title: genghiswolves

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/tomosa_
Title: Tomosa

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/veitilein
Title: veitileiN

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/sirhavoc09
Title: Sir Havoc

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/aniallator114
Title: ANIALLATOR114

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/weeniswot
Title: Weenis

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/brucewaynegames
Title: BruceWayneGames

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/valheru_
Title: Va1heru

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/bolagnaise
Title: Bolagnaise

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/soslo_sr
Title: Soslo

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/themadmainer
Title: TheMadMainer

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/meatheadmilitia
Title: MeatheadMilitia

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/sofilein
Title: SOFILEIN

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/06wallst
Title: 06wallst

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/bted72
Title: BTed72

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/tragicloss
Title: TragicLoss

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/sakefox
Title: Sakefox

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/mountain_man
Title: Mountain_Man

Search URL Search Domain Scan URL

URL: https://worldoftanks.com/
Title: World of Tanks

Search URL Search Domain Scan URL

URL: https://twitter.com/nevrw
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.wargaming.net/
Title: World of Tanks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wotlabs.net/ HTTP 301
https://wotlabs.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.paypal.com/en_BR/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_BR/i/scr/pixel.gif

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=112000764&utmhn=wotlabs.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WoTLabs.net%20-%20World%20of%20Tanks%20Statistics%20Tracker&utmhid=445179707&utmr=-&utmp=%2F&utmht=1707257306498&utmac=UA-36899569-1&utmcc=__utma%3D191158956.728815700.1707257306.1707257306.1707257306.1%3B%2B__utmz%3D191158956.1707257306.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1640474044&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36899569-1&cid=728815700.1707257306&jid=1640474044&_v=5.7.2&z=112000764

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKTTgfzQpNPL6WBexNaGopk&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt29LbQ2EpFNk10Q.XtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_RcMeoLC8LCmUJU4whhf0&google_cver=1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2q9fiuOq4Q48Ro-at8mSM&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt249XSoABhhcUR6.hkwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1

Request Chain 87

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt29LbQ2EpFNk10Q.XtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

Request Chain 89

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Request Chain 114

https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D&documentReferer=https%3A%2F%2Fwotlabs.net%2F&ancestorOrigins=https%3A%2F%2Fwotlabs.net&random=9624097796261&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D&documentReferer=https%3A%2F%2Fwotlabs.net%2F&ancestorOrigins=https%3A%2F%2Fwotlabs.net&random=9624097796261&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 125

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399

182 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wotlabs.net/
Redirect Chain

http://wotlabs.net/
https://wotlabs.net/

39 KB
9 KB

845ms
789ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e90f12fa83876cc752170fbba33207d89ebc5b33da59671ac2b0747be2ed29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8516b62b8e156661-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 22:08:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVlfBCcvTKIVqDkzScAqidSf3CXpAwJpoUrSJbVq2eN%2BlQ%2B%2FVVS6jE6jZnEqmTjAs7%2BRDIehEVhoCy1vJKcryAFOOy0TBCRTPkJZx7U94HwV76VZOfsiDIgvIHJKE2I%2FWjRrTb1GTDmOsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 8516b62abbd5437f-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 06 Feb 2024 22:08:24 GMT
Expires: Tue, 06 Feb 2024 23:08:24 GMT
Location: https://wotlabs.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxHwzJlw%2BlcRLObdOtyQ6Vx5n%2B%2FTyaNglEFaoahtcAblvOobqW1WXjQz5eyztiLT%2B4Y9JyYbvC9GycXCsIe9ph4JIPqy8nqLD%2BnFTiSaOD3vBJKvndz3aAE6Dn95UqP5pdFjbGpWW%2FCBRw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 fonts.css
wotlabs.net/css/ 2 KB
725 B 132ms
128ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/css/fonts.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e40b324bd6ce169dd4dbe62a4817a92c469621ea079c495e9245ff87820751d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Aug 2016 04:00:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9f3-53ac952a5fa40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5uatn9LjZmFQEDdw5pxoGHMGfXHw0OQP%2FU8QaTGcTrWXui4hNC3TX3UomPaAOxxwY069SPfd%2FqcCXzXAyB1c%2Fgio54wQ6%2BwrvydvvaTI8kKm%2FGg7ZO0XU9FlCsGcprRmNNizRebPv8r4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8516b6307d316661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
wotlabs.net/css/ 34 KB
8 KB 143ms
140ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/css/style.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5417766a00b1090b644db8eca110e5feb9031796ef34fd2318c2e2156e06fa48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Mar 2021 07:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"887d-5bd51db315fc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEDGxV%2BSjgBFeZ4nCImCCshxuq4EL%2F8TT8pv80eyJcIGN3Jo5%2BVYbm38l1ibOGkgug1eAKF9NaEkA8lDuhpBs0ZTYtdz5czEHzrQWAKxAT%2BsgpNz%2FB%2FgQyvhRO3GLIMyc%2FtEb6uq16WIig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8516b6307d336661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.dataTables.min.css
wotlabs.net/css/ 16 KB
3 KB 132ms
130ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/css/jquery.dataTables.min.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f126f656d4b1744741b81d0651156b61d13eac6b2de852a9ece802e837bc30c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 01 Mar 2020 18:24:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4047-59fcf2d8fd1c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T%2BcNZ6iriz0fdL3%2BYrJ5ygmGFkwRhfOowB5HWrjq31l7fK%2B3uTSE4V8jFswQCU6L2ud%2BgVEOPDL9A9djcMXEDdh64gobPDQkG%2B1z9CvW0p%2BQll69WHOir1WH0I0cJUX12TQMjApSFs3dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8516b6307d346661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui-1.10.4.custom.min.css
wotlabs.net/css/wotlabs-theme/ 27 KB
6 KB 140ms
138ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/css/wotlabs-theme/jquery-ui-1.10.4.custom.min.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7982190b4ecab4d8375b7444de5227dfba51d2650bdd81fa8958e2fb7897bd79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Oct 2014 02:59:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6a60-504cc644a8c80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCRmwp8s%2BEtX%2BTnIzir2nx842MT%2BoIlb9nnGXa2pqwwDmdhqkHW5LwZf8Qz%2BUTM5gtOxJyXyUIAibrB1Q2eYgk2fiXHOLmL3HA55Parhzbi6QdHa%2BFGCRTTH9oSYzPrYm4oROf%2BCxqsnxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8516b6307d366661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 owl.carousel.css
wotlabs.net/js/owl-carousel/ 1 KB
707 B 35ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/owl-carousel/owl.carousel.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b171095e02df599b7839e0bda2b1868463b325eea68e55cbe54d87c2121c6a41

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012
cf-polished: origSize=1489
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Oct 2014 21:58:18 GMT
server: cloudflare
etag: W/"5d1-50540e135d280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBVcKzsJjqMQzi1UP1Gnk9PFFPOfA3zIm4VrMUxodo5LZdyqYuNuwkANjVHLEfJPenrtJTjyc2tiETbMGXG9OrQE%2B9vultyMBEFHJSJtZxppgJSXRof7HFUKfuXEWYGLKeUK44gJMN78MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8516b6307d376661-AMS

GET
H2 200 owl.theme.css
wotlabs.net/js/owl-carousel/ 1 KB
712 B 34ms
31ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/owl-carousel/owl.theme.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f66d74a8cd6bf0302e20d08d7a15839391f81af608475c10884c489d78c76c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5146
cf-polished: origSize=1664
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Oct 2014 01:35:12 GMT
server: cloudflare
etag: W/"680-50543e8e7b400-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK1gEjVTydjjkTDmRyUaQJRKe%2FSWzPCuE%2FKlc4gcCbyGpDobOteXU2HnhB69d%2Bn5Wszhc00Lefv6OrX8K%2Fl8D6BqvwkRG0mD09jdhURQMayTrjZ9pTM8%2FIKIPOjv3MMN3%2BqAHLVopev4jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8516b6307d386661-AMS

GET
H2 200 owl.transitions.css
wotlabs.net/js/owl-carousel/ 4 KB
977 B 32ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/owl-carousel/owl.transitions.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df344411eb3c7585c6398e1b38475fcc3040ccdc4007ed707734d46e3a50843e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5146
cf-polished: origSize=4476
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 12 Oct 2014 21:00:26 GMT
server: cloudflare
etag: W/"117c-5054012434e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WTM8AMQinqzcSEsE2mc%2BahYpw7D%2FzWX%2FECWlKllVZj3cv29c4n7SpJ4Zg%2By2136%2F%2BQEJ68RuDf0zyeSrdZRn2GVIy9yZm5GpyVnjG0wBxJ8sAo8Nqcm9fJr5%2FpYc%2FHhjMWQzC25Z1CeBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8516b6307d396661-AMS

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.3.1/css/ 63 KB
13 KB 101ms
39ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188

Request headers

Referer: https://wotlabs.net/
Origin: https://wotlabs.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6Z5KS9DZM3FD1619
age: 3052668
x-amz-id-2: n7L2h3KTO9RiHuuJq0rm0E6b0foZhywg/O4VzcEOy9d8awmsNzw8UIHUrDtozXYuTl0EoyG27zJ8xcECm7yCRQ8vCYHJHqTz2E5wb/BXTXA=
last-modified: Mon, 28 Jun 2021 17:25:00 GMT
server: cloudflare
etag: W/"d0b60fd29c628ca3b0ea212ec00255e7"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8516b630dea5696a-FRA

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 75ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 420308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBX3SWIbt15%2BQz8Tma%2FIk8tIrqTXFzJpybSdrHfnC7wVe79bfcc51MqiALacAyJGlUvRqzHzrdcm3uxkxw7lXecJfos%2BJyBVTRqHHmRj%2B%2B%2FULOvGqNGp7WHm2dpgiJbxog89HrVf2oM35KZldSoTZPCu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8516b630bda62c01-FRA
expires: Sun, 26 Jan 2025 22:08:25 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 78ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4680842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y40aFGV9Ps1yfIHyRBnzHN%2F8YXCqhkwOa8X1OxIFrP%2FTuIafWR14d%2B4n%2BVq036siRB801uR9mvEdKH3Cm%2BThMspLmhq7e6PhLSr11tV%2BkGapYWZQ5cNmEPD0%2BSI19LpnUOmtby31YwiY8ok02uGs3ya0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8516b630bda82c01-FRA
expires: Sun, 26 Jan 2025 22:08:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 419ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3113b3fac4d65f71a619de8799267e906de26fa8d7843aac72a349d6fb8f08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29424
x-xss-protection: 0
server: cafe
etag: 538 / 19759 / m202402010101 / config-hash: 11818957895304582832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:26 GMT

GET
H2 200 jquery.js Show response
wotlabs.net/js/ 92 KB
33 KB 137ms
135ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jquery.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b9e01bb509391068533cd02a201bfe3773161921c34e3c593621e053f5c0bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=93867
etag: W/"16eab-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng5QBt8bezbPy3has0ljtR0rfzg4pUemkLwPB3WY4Rp02pxcus7YHoxoKGAtxEWF4cAeZ%2BK%2BaCBDrBa%2B18lMusp2JqzewOzFkpjablWjyP0YmTTrYO3KSkX%2FzCI2aHT38qY687AgoUZotA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6307d3a6661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.19/js/ 80 KB
28 KB 93ms
32ms Script
application/javascript 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7715525
content-length: 28049
last-modified: Tue, 17 Jul 2018 10:18:27 GMT
server: cloudflare
etag: "1121ce7-141eb-5712f4450dcca-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8516b630dceebb7d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 08 Nov 2024 14:56:19 GMT

GET
H2 200 jquery.infieldlabel.min.js Show response
wotlabs.net/js/ 2 KB
1 KB 35ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jquery.infieldlabel.min.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5146
etag: W/"6c8-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYo0%2F6R84WoOnukrA4vZzSvw%2BKESpwT%2FxE8RjYm%2FaTJMo14e4K7BUKa%2BvjJBfsjm50moY8TjYb2DtM7vs4TMX3do4ls736mDa5KN6htKI4cM%2FYLJ8XXwmpOLNzAO1spjReY3HrH5HpVG3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6307d3c6661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 listscroll.js Show response
wotlabs.net/js/ 1 KB
1005 B 134ms
133ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/listscroll.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce87f89e9b06aa5d073a3f4ad4262547cdecceec5c5cb063d37cbdce06e01e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1718
etag: W/"6b6-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li0sXMx0uKtK3Vdv9VX9xklqkAQoC6nY9r0fONpsDjr%2FNqMdcWU0GhIX85rjCS5xTtQ0KGVYdhw%2FpP3P3TZEKX9m8%2BcfQ6vRMj%2Bp0bSsp8sDCW%2F3ryIqCgomORg8Vpobac1XZ%2FAU%2Fvpy9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6307d3e6661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jscolor.js Show response
wotlabs.net/js/ 20 KB
6 KB 178ms
177ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jscolor.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f43e163695dc5f1ddb1e99ba54e94ff42fdbb7b1785e0585a17cb05d75db3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27389
etag: W/"6afd-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K1nlf%2F9BMvTsxp9O2DmaWE5MvpLkLS9z6PfMfInQ7sBrHInoNcS0CNzPfNAHQVPuWenmdXVnNWkGsvirJa6r8qMuR2TbORGPh2XNbrp9Nl1egahcnKerKVi2egAFurlqpEIbJK2KWKd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d5b6661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.form.js Show response
wotlabs.net/js/ 18 KB
7 KB 439ms
437ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jquery.form.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c406f45027896bbf67849499d93ce6f68d318773c31a72d390f910fa70be33e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=39371
etag: W/"99cb-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIxcY6lhKKiEHrwG792ictzzbPAmHSGygVWbPx0XjRAPxRQm4odHlLiyUeSx2eqcSrb22pWmgbct9jpJM53T863Q2MGJf6jv1qaCSqENp3ovA2SG1Mblm9aW%2FUo%2ByfDomCuzWCWjKEsuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d606661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.qtip-1.0.0-rc3.min.js Show response
wotlabs.net/js/ 38 KB
10 KB 437ms
435ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jquery.qtip-1.0.0-rc3.min.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7171779924085d9fdbc1b1f169267aeb90a14121932e43973d784764626554

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Jan 2014 17:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"960b-4f0927e516e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCf3wCnKqVx5k9tLV%2BvhkBbtstUfLBM2SW6R0fDHXaar%2BdCwikqJaxZMkFc1hOFhV3gU4YA7klLGuMijWfHOP6i1OG1pA3v5Dro4QI4aMZh%2BeLMglw5%2FYt9GhNz5jH%2B5scVlSaneaGgUAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d616661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui-1.10.4.custom.min.js Show response
wotlabs.net/js/ 223 KB
61 KB 57ms
56ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/jquery-ui-1.10.4.custom.min.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0930fda3dc815f74a4f9ff9d94a783514d2d0eea61bd2be8a21acd5c3a9cac5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Jun 2014 11:58:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5146
etag: W/"37cbb-4fb01587d7a40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOgQ3h7woSwaEfXiSV%2Fs3ooNsiWBs%2BRjYHRRz0bZOWPGTWhSQxoXlnCP%2FxzC%2FSA5%2FIuvOTxOAZ5mzmKzi9qhaV8JduQoYFVKGsi2R%2Fo0voT9RPaOk6FfAsToVRAtNtSsSQ8ePxOkcxKt0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d626661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 owl.carousel.min.js Show response
wotlabs.net/js/owl-carousel/ 23 KB
7 KB 177ms
175ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/owl-carousel/owl.carousel.min.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Oct 2014 21:00:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d52-5054012340c40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuH%2FTmkv4h3MOTiB9YC1JM1PZJZlOBq7x0uc%2Bx9HUo6FFjxQBa7RfqAz%2BgYIIdmvRVKY2u47shbrzYGv29cFPZCMxMnmZlt500UaEQxtlmm3aOAkQ5rGuUQE6LM%2FUDdx5AG8lfOm9UvlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d636661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 flowtype.js Show response
wotlabs.net/js/ 566 B
636 B 188ms
187ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/js/flowtype.js
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a679a4ac00a32122c75010ee36746f67d76807a6ef4383364fda43f9bdab06a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 13 Oct 2014 00:20:51 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1461
etag: W/"5b5-50542df023ec0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLhzMGkI29nxfY4QuvaeGNohoQix%2FKbTz6uNe1okoE1IQDZjfj8WvwyCxyfV96ZCp9EFv1M%2B7T7%2FhQ0lqq2lT74Pj%2FM%2Fq781OPXeEpUNJPeEX4X5UQ2DuSOYefQO15F27jOXscRqMFunwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8516b6309d646661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 Chart.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/ 205 KB
55 KB 78ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4757692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 55786
last-modified: Mon, 04 May 2020 16:03:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cee-335f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w7%2FLFwMfhkZNZcX1qdNrGwAjFIftI7FqmcCpYVDApSpcTmZRQzfpTPdw5c9CsiLz2tQKpSikohPf2xIx%2B1t0cF%2B8GDAeKA5cgREcf37wjo0I6Yxu9o69VX867PfleaC5Shamekkn1ZLc%2F2532Rroi4Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8516b630bda72c01-FRA
expires: Sun, 26 Jan 2025 22:08:25 GMT

GET
H2 200 chartjs-plugin-colorschemes.min.js Show response
cdn.jsdelivr.net/npm/chartjs-plugin-colorschemes@latest/dist/ 41 KB
13 KB 78ms
32ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chartjs-plugin-colorschemes@latest/dist/chartjs-plugin-colorschemes.min.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0adca6d3ae58b1aba052fcac4f99c76b22b29db883195a60341a9478f4402fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27422
x-jsd-version: 0.4.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a3f7-qTzZUc9m4dvYz7N5UBhblxnjuF0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC%2FjwulWh5WLptrSWmjsWbAvFol67rJSSpUO%2BPIRW9DE0VR3N7Td999Kia3gdxiUQljRnVf9VoZ2fikPy%2B0m594W6fjHF3S6oG2oQFMKoPJy9ywsufSYKYTwhG0thwDbpE9k11V%2BFYZCWhyspOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8516b630b9ad5d81-FRA

GET
H2 200 loader.js Show response
www.gstatic.com/charts/ 61 KB
19 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Tue, 06 Feb 2024 22:42:35 GMT

GET
H2 200 logo.svg
wotlabs.net/images/ 19 KB
10 KB 145ms
144ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wotlabs.net/images/logo.svg
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f072dd14a2c9e5cc52d4f52af97bee2d4067db1a25251339ca090c584cc54b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Jun 2015 20:46:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a58-517f39eb977c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxqZ4boicGNzPuqWMviuGB6JB0TwU3nApl93TXnB5PxON3VRjch4mt81mpOsVUey68KFG3FuwO4B7%2FbkNFg3NzUY7mZn4XpwXrZ%2F7%2Ff%2FwwJDwnfS%2BEDjkHDntK%2FWeti0CsDYiG4%2Fa6OP1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8516b6309d676661-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 menuIcon.png
wotlabs.net/images/ 993 B
1 KB 143ms
143ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wotlabs.net/images/menuIcon.png
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec09c4008c762f7b37713c0d0a7a804ffa7720752d9a14df5e5ef083ea3f823c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:25 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Oct 2014 01:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e1-50544213b4240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZfvv43VE6s0d3MF%2B%2BAOeDnQLsbkIEV6pGaRowJ9IFiLnxzryQj95lUIHRMfwBPZxAdiLNAZxaYyR6p3DzAj5VCuviIt6m%2B7bc6bOWRPkxi0SONPIPE9QYXIG4J15SvfZt%2FVeEYzWOqKcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8516b6309d696661-AMS
alt-svc: h3=":443"; ma=86400
content-length: 993

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 423ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c639b92a06461cfa7d356fdb7fd62def7ecbac2477411e53c766c1b5351684c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51254
x-xss-protection: 0
server: cafe
etag: 6183978431250660505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 06 Feb 2024 22:08:26 GMT

GET
H2 200 becomePatronButton.bundle.js Show response
c6.patreon.com/ 527 KB
136 KB 380ms
41ms Script
text/javascript 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c6.patreon.com/becomePatronButton.bundle.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b419214cc5e79ea9e83a8926ee2f1dc4838c2ca8175e9d18cebc10d034dd6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: gzip
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront)
x-amz-version-id: 1LqHn8lfKTOUvrpFawEuIh4HQgBIO7ai
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
x-amz-cf-pop: HIO50-C1
age: 1154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-amz-replication-status: COMPLETED
content-length: 137788
last-modified: Tue, 30 Jan 2024 01:10:30 GMT
server: cloudflare
etag: "9bd69fa4f81f447c254d34dc149e85dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jpi0VdSyJy5A0fzN%2BofIqld4g%2By0%2FS3Y%2B8ReDX4E%2FPQId6hOYXhqbRmrOadf9YypPZKJpsYQhT7i9PCbUoPyXSwO4lcxY7mhHTF9ENaiQtOh5oGURnZNkrKpiPxk7nION1JWT%2Bjw6cUw%2B6Z"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
accept-ranges: bytes
cf-ray: 8516b6356f5c0859-FRA
x-amz-cf-id: BskNl9wte1KX1ZS_QxAkfCTS65c5F7sfxVTQTm4bwc0gBYVIQQo2jA==

GET
H2 200 file.PNG
pics.paypal.com/00/s/NTRjNzNlYzctNTZmYS00YTY2LWIyYTktMTVlMzU0YjdkMDYy/ 8 KB
8 KB 89ms
16ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pics.paypal.com/00/s/NTRjNzNlYzctNTZmYS00YTY2LWIyYTktMTVlMzU0YjdkMDYy/file.PNG

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

205a3b08bc75e589394dfa58f935cd1885e83b82484988f11f3bdb8172b167f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: default-src 'none'
date: Tue, 06 Feb 2024 22:08:25 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e35660d03d000
dc: ccg11-origin-www-1.paypal.com
content-length: 8075
correlation-id: e35660d03d000
last-modified: Sun, 08 May 2022 04:25:30 GMT
server: ECAcc (ama/48A7)
traceparent: 00-0000000000000000000e35660d03d000-84380acd26c8b10d-01
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=43200,s-maxage=12960000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 23:08:25 GMT

GET
H2

404

pixel.gif
www.paypalobjects.com/en_BR/i/scr/
Redirect Chain

https://www.paypal.com/en_BR/i/scr/pixel.gif
https://www.paypalobjects.com/en_BR/i/scr/pixel.gif

0
0

175ms
164ms

Image
text/html

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypalobjects.com/en_BR/i/scr/pixel.gif
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Server: 192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

date: Tue, 06 Feb 2024 22:08:26 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f22002201eabc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-eddf8230075-FRA, cache-ams21022-AMS, cache-ams21022-AMS
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f22002201eabc-3e0b229fc196b44f-01
x-timer: S1707257306.463646,VS0,VE165
location: https://www.paypalobjects.com/en_BR/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 363ms
21ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 21:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 809
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 06 Feb 2024 23:54:57 GMT

GET
H3 200 mainbg.png
wotlabs.net/images/ 15 KB
15 KB 310ms
310ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wotlabs.net/images/mainbg.png
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ebcbb6f5b7ccef3f747d3d4f5f00303c19e53068bd20ee9bcb1d25a58968737

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2016 23:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2889
etag: "3b32-53a39092c5340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vej2osJaRIwC9PFvR9iY%2F1UEFwo6VYjDG6CMFIvVh%2Fch01u0PJOypHzsOWaWpUfWUJX1NJ07LWJiPwx%2FdnvB5aQCWbGOGPRc2tvOmkEwyy2aYMzIfUADHsd%2BCDMdxMAvQeDz7NuDzJvkYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8516b6351d083675-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15154

GET
H3 200 arrowUp.png
wotlabs.net/images/ 1 KB
1 KB 330ms
330ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wotlabs.net/images/arrowUp.png
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c81f53426e2cfcb060cc470d48ec695dcec442c29c20cb7e24002c322e8323a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
last-modified: Fri, 01 May 2015 19:57:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2889
etag: "41c-5150a9ded8ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVWNniRjCx8ZTvgbwciXNjko07KLnQXHrzedf%2B2LuN8QdO8rATpkkloCqWrOucLXFTGmk3c8TN61zDKUQkacxB9oTZik7zigBXQFkG%2BlQaIowMTED1FgIW%2FExNH5oKhdK4%2BDHN3%2F0FchJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8516b6351d0a3675-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1052

GET
H3 200 Open-Sans-regular.woff2
wotlabs.net/fonts/Open-Sans-regular/ 10 KB
11 KB 329ms
329ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/fonts/Open-Sans-regular/Open-Sans-regular.woff2
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://wotlabs.net/css/fonts.css
Origin: https://wotlabs.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Aug 2016 16:39:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2888
etag: "2870-53a0ac3865d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjB6IvuyUqadzSizmlqdLqxgke3zNqBU2T%2BCtGFGsVKgomSp5Gg4h7y6SbMXAyFT2K3dZCcxjbDJj%2FiTTvqIwkXDHExkMRnZr%2FAEwmXJriz%2FW4PRm9ktRNhKzKRcwsWCTek8nmtTpEdaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8516b6351d0b3675-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10352

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.3.1/webfonts/ 90 KB
90 KB 312ms
312ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Request headers

Referer: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://wotlabs.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
x-amz-request-id: FC5N2S63RTHQ9ZFD
age: 414877
content-length: 91792
x-amz-id-2: f6yDN89+UyatWNCcse4JkzAPIWaXynpUgx+W87rIHZI/7JsmmvPgR8gZk5EoF6H1Td6/knXeVIs=
last-modified: Mon, 28 Jun 2021 17:25:55 GMT
server: cloudflare
etag: "6897be186b147b75c308c29eb0782f14"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8516b6351a6a696a-FRA

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.3.1/webfonts/ 64 KB
64 KB 334ms
334ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799c126cfbfd39ec8b8d4aae428e39e0b189dfedb025dfbda40fbb385feb2bc4

Request headers

Referer: https://pro.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://wotlabs.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
x-amz-request-id: 3341SCYNWRQ0649J
age: 3052667
content-length: 65384
x-amz-id-2: BEJ4oqV9WnfXTNtjkkcQbJ8jmNQmLpIw7kp7DyD6pA3h+OocxoPhJmwcqbvZ6QanUUnN9NILWwg=
last-modified: Mon, 28 Jun 2021 17:25:55 GMT
server: cloudflare
etag: "0ea9a391ff82aa917f003c3ae87bc03e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8516b6351a6c696a-FRA

GET
H3 200 Open-Sans-600.woff2
wotlabs.net/fonts/Open-Sans-600/ 10 KB
11 KB 329ms
329ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wotlabs.net/fonts/Open-Sans-600/Open-Sans-600.woff2
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Request headers

Referer: https://wotlabs.net/css/fonts.css
Origin: https://wotlabs.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Aug 2016 16:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2888
etag: "2858-53a0ac3e1ea80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQXwQw2Sry6NiWcsLYjbKI1zgSQKx35WI8kJJkxQ9al5ZenNEvyB%2BclV0cFVEzBBkJFVPu%2BRNryXXbyXCUXMJJ3NyJ5FCIuLjLzaQf%2BYtutqNx3eMvBNuugDnyGPhQ2J5T4%2F%2FwfIBtXUaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8516b6351d0c3675-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10328

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=112000764&utmhn=wotlabs.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WoTLabs.n...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36899569-1&cid=728815700.1707257306&jid=1640474044&_v=5.7.2&z=112000764

35 B
337 B

65ms
22ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36899569-1&cid=728815700.1707257306&jid=1640474044&_v=5.7.2&z=112000764

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Feb 2024 22:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:26 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36899569-1&cid=728815700.1707257306&jid=1640474044&_v=5.7.2&z=112000764
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 14:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26388
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 05 Feb 2025 14:48:38 GMT

GET
H2 200 iframe Show response
www.patreon.com/platform/ Frame A3B8 1 KB
1 KB 312ms
285ms Document
text/html 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474

Requested by

Host: c6.patreon.com
URL: https://c6.patreon.com/becomePatronButton.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547125beb7b0ef7a330136ab35990500b9f969acab840efeba72b30723071175

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, s-maxage=300, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8516b63688960859-FRA
content-encoding: gzip
content-language: nl-NL
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 22:08:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin,strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AYcNAdma021zHwVokUCieSnZXh6kTYaAfmQQHbe5sfStcTrzxnl6Tck4W9d1sVlOGg6qoLiKeJ%2BXkr%2By%2BZd2miGbMHuWHGIRuMBvUqWLWKrRlhWSs9Tuqbm0kNiexPcJTlE5BReboR9X1elKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-patreon-sha: 171bb8472bd334331691b3fe102d221165a6d1e5
x-patreon-uuid: bcbd318c-f287-58fa-a387-517620631fce
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 406 KB
138 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9235292526886004&plah=wotlabs.net&aplac=true&bust=31080933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c9d2c41a57422745ec0fe668ae2ea08938503065ee179db5e22e70bf5e3979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141203
x-xss-protection: 0
server: cafe
etag: 5026426759636013290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/ Frame 38FE 9 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 73752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 01:39:14 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
26 KB 724ms
724ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2665303978646082&correlator=1074064656280984&eid=31079956%2C31079958%2C31080156%2C44782503%2C21065725&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&iu_parts=22769950194%2Cheader%2Cfooter%2Csidebar&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%7C728x91%2C336x280&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707257306676&lmt=1707257306&adxs=852%2C470%2C20&adys=15%2C1587%2C565&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwotlabs.net%2F&vis=1&psz=728x90%7C1100x90%7C400x280&msz=728x90%7C1100x90%7C400x280&fws=0%2C4%2C4&ohw=0%2C1160%2C1600&ga_vid=728815700.1707257306&ga_sid=1707257306&ga_hid=445179707&ga_fc=true&dlt=1707257305661&idt=996&adks=1557938739%2C2030663006%2C1519362784&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a448caef583e9e43971e2e81d29ebf9cde610b02a7ed1f586adee81ab54892f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26215
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wotlabs.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D45 6 KB
3 KB 157ms
52ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:26 GMT
expires: Wed, 05 Feb 2025 22:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05F4 127 KB
42 KB 632ms
632ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9235292526886004&output=html&adk=1812271804&adf=3025194257&lmt=1707257306&plaf=2%3A2&plat=3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwotlabs.net%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707257306651&bpp=2&bdt=990&idt=160&shv=r20240201&mjsv=m202402050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3745435425010&frm=20&pv=2&ga_vid=728815700.1707257306&ga_sid=1707257306&ga_hid=445179707&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080780%2C31080933%2C95320870%2C95324155%2C95324161%2C21065725&oid=2&pvsid=2665303978646082&tmod=262902213&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9235292526886004&plah=wotlabs.net&aplac=true&bust=31080933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce4e0701cbf9eefd0a04860d3d25f490e3cea046541f6ea5be04ad945e18025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42795
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gt-america.css
c5.patreon.com/external/fonts/ Frame A3B8 731 B
714 B 56ms
40ms Stylesheet
text/css 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c5.patreon.com/external/fonts/gt-america.css

Requested by

Host: www.patreon.com
URL: https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482ce392cf63e483ac92c9a7bd13c25da0eccec03b1525b42b92df4254a559c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.patreon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:26 GMT
x-amz-version-id: hL.JqBidiBvoZI_U2NmBEIWrOgg9lykq
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
x-amz-request-id: T2DB5KYWAPRHKPYV
age: 60440
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-replication-status: COMPLETED
x-amz-id-2: dZ7OXcd6C8yeStW47XSRd6yy+6edAoh5b1Q7iRcXMS5Nf3+L51RYEczJ/ZTg078fdaeEnYJLxl8=
last-modified: Fri, 17 Nov 2023 20:19:22 GMT
server: cloudflare
etag: W/"9a9cf200c3e5715829e92ef35046fe69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfaR26T2eLk6oYLo%2B95XuJhwRuRyg0TZWn15IwFsPixw8sbOpS3NuSPUX0EX6lR2FfYiiChyGRMFmykHbhYJQQRkX5Z6SwimFS4YD5%2BZjOVKgch8bAPD8tSxznzwOEW88kZEz9gE7EUXHZZ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8516b6387a320859-FRA

GET
H2 200 widget.css
c6.patreon.com/nl-NL/ Frame A3B8 1 KB
1003 B 215ms
215ms Stylesheet
text/css 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c6.patreon.com/nl-NL/widget.css

Requested by

Host: www.patreon.com
URL: https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63641a2ed8a4345ba245490d7ec89ad7651446557b137e1527fc39ed9bf6fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.patreon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
via: 1.1 2cc0d72858d30f224c6e9d9dfa96e1b4.cloudfront.net (CloudFront)
x-amz-version-id: aDpUhvHnxJ5ENbVE4TZBIHG7gmk99t2T
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: MAA51-C2
strict-transport-security: max-age=2592000
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 422
last-modified: Thu, 03 Mar 2022 16:57:32 GMT
server: cloudflare
etag: "4a20a26c329192ae003201fa0964fccf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPnPQ2BYiEg%2FnwAUk3L9U9kJ95ZeJbG%2BF%2FINUSEuUd4sFbGqgFY3gJjaZHNt7HcchQ9G6%2FGXnegdWokf7z%2BKYuMieMDjCyqxUHgOFax9ddrg2zJo7PYVrmb5gy8AjPD%2BmMN53Y2qHEYsw%2FPs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
accept-ranges: bytes
cf-ray: 8516b6385a1c0859-FRA
x-amz-cf-id: W7qFv_Gvd7c7mVnuE9BImCtsqwoko73N0AEfH0eBh4ed5JsP-GgxBw==

GET
H2 200 becomePatronButton.bundle.js Show response
c6.patreon.com/nl-NL/ Frame A3B8 527 KB
135 KB 206ms
205ms Script
text/javascript 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c6.patreon.com/nl-NL/becomePatronButton.bundle.js

Requested by

Host: www.patreon.com
URL: https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07295b606dc4247c90b8c23ece04b2431171c33010e6ab8968f2acae6281b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.patreon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
via: 1.1 2bef1f8e3827fe543b7d8a49b233f462.cloudfront.net (CloudFront)
x-amz-version-id: V8oBAfKjH7w7p6mBdgw_lblP9YDLzBlX
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
x-amz-cf-pop: IST50-P1
x-content-type-options: nosniff
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 137793
last-modified: Mon, 29 Jan 2024 20:47:57 GMT
server: cloudflare
etag: "e27b4855a96a5460d15a3a3319090d33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRYxQcS8sN5OTH0CVkAa1ck4DTnm3wNpTJXk3gHZHqesb%2FgJkF%2FT6N%2Bq2mndM%2FwJYplABD04%2FOAVF5MoE43xFpVI7%2BJQ%2F%2Bpj1bfW3fKN7YVyS7ui57UHK03bab4W%2FV1%2BcoDSkcMz7TDDytLQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
accept-ranges: bytes
cf-ray: 8516b6385a1e0859-FRA
x-amz-cf-id: -PKvHQBxYmlod7Gfg42EK1dMP2rphcOpUUMjgiS4T6_goIrb0mM7tQ==

GET
H2 200 css
fonts.googleapis.com/ Frame A3B8 7 KB
996 B 102ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,500,700,700italic,900,900italic

Requested by

Host: c6.patreon.com
URL: https://c6.patreon.com/nl-NL/becomePatronButton.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10633aa7e5332c8d335f5c314d627898544e825ea7e78f2b8a8856fc70bbdccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.patreon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 22:08:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H2 200 GT-America-Standard-Regular.woff2
c5.patreon.com/external/fonts/gt-america/ Frame A3B8 33 KB
34 KB 89ms
41ms Font
font/woff2 2606:4700::6810:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c5.patreon.com/external/fonts/gt-america/GT-America-Standard-Regular.woff2

Requested by

Host: c5.patreon.com
URL: https://c5.patreon.com/external/fonts/gt-america.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f30f93ffaeb0203cb18491f66e7b2e5aee2c66fbc23f1e34b5a4e2ce30af71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://c5.patreon.com/external/fonts/gt-america.css
Origin: https://www.patreon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
x-amz-version-id: so59Fhgs7JSk4.mMK5LVzmYkd_0v4UfA
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
x-amz-request-id: HAF4N30ACP3D9B70
age: 69103
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 33304
x-amz-id-2: DPAbWBKrawqZDDhgh9wtWAwgPhq3Eoj0L0lPjaQF2piHyYCmxJONpCoXOUDBBUhIEJpSCRg8+AjavHsXzHaP4Q==
last-modified: Fri, 17 Nov 2023 20:19:22 GMT
server: cloudflare
etag: "3358db6a3157a3396942c2d0ba141395"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMYSNccrF9BoVKw9quinrHTNVBYZHU6WX9omVg4ZwM1aqU66MmccwFsb103oic%2FlVfFXlT2iX99GN%2B7Abp0mqs1nDt1nPL2CHlzhslRPlwLZIzTJeuDzxbYM18AW9O3HMBtUVjweNtjToSv4"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8516b63a6e6d9b55-FRA

GET
H2 200 container.html Show response
984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD9E 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:26 GMT
expires: Wed, 05 Feb 2025 22:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8AD2 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:26 GMT
expires: Wed, 05 Feb 2025 22:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A401 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:26 GMT
expires: Wed, 05 Feb 2025 22:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8000 624 B
246 B 59ms
58ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYlKyKggIwAQ&v=APEucNUvJbFSUL4Z3jTMBcM9bYhBQNgcM0ijSBXRx1KQ-nhE-MfSOuLF7NYjU56JWoZ1Q8tX08vi1LFFWDJvISHO1BL9xts6nsGWpBsvk62SPImWFjNOSOsMwW1XsdjnNsuW1ahQhk6IPQ99PaAEdyKaqmtV_DpXaRMaMhkT_y4hL4PTBdAtXUQ

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:27 GMT
expires: Tue, 06 Feb 2024 22:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AD9E 93 KB
33 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD9E 42 B
63 B 52ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI0n_rBcqwaeBU5upjyhwP1xQFdDYaPx-OP1yn1ORxbVd5gMjGrrwBc755gtNz6c-QzOXwQfkWOIxM8JqKevz_OuOL6Jub79rJT5-1QAG2GAduQEM

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame AD9E 3 KB
1 KB 108ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:41:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame AD9E 20 KB
9 KB 86ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD9E 205 KB
65 KB 157ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A68 624 B
246 B 61ms
60ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXCeywu6VBFiFD_IEFY7A5gKOVrcfzU3di_Amr-LyTIha1J3gamDZ2fu9xyUCMOJ0G_wLsrk6wAObsfOkYSkweiyTOvWmC4aJRFqhc_vWM-lbe5PDf1B3tDzqy8Bz3jh4ya1QJp_Jz2KopOicLXafiI0wXAdJsYKgHelf1FQdHo8GUgpGk

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:27 GMT
expires: Tue, 06 Feb 2024 22:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8AD2 93 KB
33 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AD2 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DI0zEVn3chWCygLmLd2IOIZ5p6RQ6jiu5ultYl3qOsYcP06-Y4C3uLp-4zqGfMOINbb0XIz675pGZNiE9Eyz8Y1tMzhcRxV6exb4I1mPyL_FLPvWc

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 8AD2 3 KB
1 KB 96ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:41:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 8AD2 20 KB
8 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AD2 205 KB
65 KB 103ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1D25 624 B
246 B 59ms
58ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYk6yKggIwAQ&v=APEucNV6TbC7UH4AdLUb0hQsJD_DM2T4-5Ga_S2IRibdRtU9GxgCSLZP23mI1TxTFPTlx3fetz58MS8MC7IEiGN6hNfQsJvfYLgZmFxSm-lrKIYjDDK0xd-4rj00rV408rxAs8ro1EFxmwacPNcVDj-5lgbDrHaILJXjIFsoQ_KoCM0dXK0aylg

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:27 GMT
expires: Tue, 06 Feb 2024 22:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A500 93 KB
33 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame A500 3 KB
1 KB 86ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:41:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame A500 20 KB
8 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 23:25:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A500 205 KB
65 KB 163ms
126ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A500 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOCc98pUAOMgdctRbvy70HllyGBBhzr8ZjKaQ3NYKZMAEgXBYJgksGW3ihnR8ni-YBRrc2OgOriKg0XcBmASU5DgavnIiHhuZfTdXHGGnAn5nLVTg

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 165 KB
56 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/reactive_library_fy2021.js?bust=31080933

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042bb23f35f12d019dd5e87f7107ac286512173a7d73757466d337276c98c50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57139
x-xss-protection: 0
server: cafe
etag: 9439769553641355711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8000
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKTTgfzQpNPL6WBexNaGopk&google_cver=1

43 B
437 B

36ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKTTgfzQpNPL6WBexNaGopk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYlKyKggIwAQ&v=APEucNUvJbFSUL4Z3jTMBcM9bYhBQNgcM0ijSBXRx1KQ-nhE-MfSOuLF7NYjU56JWoZ1Q8tX08vi1LFFWDJvISHO1BL9xts6nsGWpBsvk62SPImWFjNOSOsMwW1XsdjnNsuW1ahQhk6IPQ99PaAEdyKaqmtV_DpXaRMaMhkT_y4hL4PTBdAtXUQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT2rnYr%2BPCMMxucOHg2lRNgnaG5whtcJaFGVefnV1NO1%2Bf4b1GDqphDf7ZA2zFe0a2iKDKxubzlLncZVZuNFRzpQKBVpMIRQ%2F4F47JX0hIn6svwaqIspg4%2FZdJrIbSdsBu1OHKIZvjU0kg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63cbc4d30ee-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKTTgfzQpNPL6WBexNaGopk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8000
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt29LbQ2EpFNk10Q.XtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

43 B
736 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYlKyKggIwAQ&v=APEucNUvJbFSUL4Z3jTMBcM9bYhBQNgcM0ijSBXRx1KQ-nhE-MfSOuLF7NYjU56JWoZ1Q8tX08vi1LFFWDJvISHO1BL9xts6nsGWpBsvk62SPImWFjNOSOsMwW1XsdjnNsuW1ahQhk6IPQ99PaAEdyKaqmtV_DpXaRMaMhkT_y4hL4PTBdAtXUQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F9QfATYF%2FVKKiRLWpjMo0zfBA5eijCtxlyV3%2FSS3eRIAQtULT2SEMY2FOY6Kb293R%2FFTiqPTp8xgqxVFclV2NUwxt4mPINWkRURnGD%2Fspe7yhqLATEMZZftq4xTMtcjTy9wLYAsjXWJ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63d9ab01c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8000
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_RcMeoLC8LCmUJU4whhf0&google_cver=1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN_RcMeoLC8LCmUJU4whhf0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYlKyKggIwAQ&v=APEucNUvJbFSUL4Z3jTMBcM9bYhBQNgcM0ijSBXRx1KQ-nhE-MfSOuLF7NYjU56JWoZ1Q8tX08vi1LFFWDJvISHO1BL9xts6nsGWpBsvk62SPImWFjNOSOsMwW1XsdjnNsuW1ahQhk6IPQ99PaAEdyKaqmtV_DpXaRMaMhkT_y4hL4PTBdAtXUQ

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: f375c03b-649b-453a-878e-dfe905be735e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN_RcMeoLC8LCmUJU4whhf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8000
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

170 B
232 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: ca0f4cc7-b06d-4559-8cdf-36ee845e48f1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8A68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2q9fiuOq4Q48Ro-at8mSM&google_cver=1

43 B
322 B

37ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2q9fiuOq4Q48Ro-at8mSM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXCeywu6VBFiFD_IEFY7A5gKOVrcfzU3di_Amr-LyTIha1J3gamDZ2fu9xyUCMOJ0G_wLsrk6wAObsfOkYSkweiyTOvWmC4aJRFqhc_vWM-lbe5PDf1B3tDzqy8Bz3jh4ya1QJp_Jz2KopOicLXafiI0wXAdJsYKgHelf1FQdHo8GUgpGk
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjBvRt2Mzj7qpqj5FZvG9OA4ZHh1AuovWcvmzmw9vHljyshkh4SFNKMmJE7czhTCzsKg7Qevkicc81dyrXAyZ4hRE2nDlKuoNbrZG975pwF8LquLofMjcIDagtNFZ3wjzsGWRrNCPi9Ucw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63cbc5030ee-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG2q9fiuOq4Q48Ro-at8mSM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A68
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt249XSoABhhcUR6.hkwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

43 B
776 B

34ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXCeywu6VBFiFD_IEFY7A5gKOVrcfzU3di_Amr-LyTIha1J3gamDZ2fu9xyUCMOJ0G_wLsrk6wAObsfOkYSkweiyTOvWmC4aJRFqhc_vWM-lbe5PDf1B3tDzqy8Bz3jh4ya1QJp_Jz2KopOicLXafiI0wXAdJsYKgHelf1FQdHo8GUgpGk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTRz2SnoWYeS1aZBAzPgiuOtN9tPuIDzz%2B9MMFhkHJH9%2FacqXGKbTOO22%2BtIeuuUalRUInm70%2Fi3%2Fj6v5o3O8pzoR%2BG8CZKiO5Hlvn%2FyOzacHTgF2U696U%2FUQgOGmeVFx9latzvx%2FENk0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63d9aae1c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8A68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXCeywu6VBFiFD_IEFY7A5gKOVrcfzU3di_Amr-LyTIha1J3gamDZ2fu9xyUCMOJ0G_wLsrk6wAObsfOkYSkweiyTOvWmC4aJRFqhc_vWM-lbe5PDf1B3tDzqy8Bz3jh4ya1QJp_Jz2KopOicLXafiI0wXAdJsYKgHelf1FQdHo8GUgpGk

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: 28967c19-8079-40aa-8078-1b9a39ee16a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A68
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: 0d129777-efe4-4e7a-9a1c-94ee803565c3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD9E 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=134619537735&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD9E 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=134619537735&version=m202401290101&ct=77&x=1&cor=18154259029118460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AD9E 20 KB
13 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Brzt0V4Z43RolmWFXYiYmuNJGSZ4nFzUd_tPnVMz028NSaVP7iKEBi4K9LyfMjhAIZLoVVgC__LVCIAZRm25nppJGUZMgbSR1nYbp9FWjwsLzckEdmkNiOMAf3qdSU9aflfezJoR_H_0lRyw7lSZVtQYl0i1eV1WmMCUb2jC9RDlRyaeNGJXB5c-MKWipavrZpUMhw&cry=1&dbm_d=AKAmf-ApDPFxKu9YwKs4AYXOnahsDS--nHGkbI8ihBvji8Z4dorWaa92lZefnt-0K0XH4byWmXTMzcgEUUOCr76YEX3EdPHpj5aFBHSlIRGijK51_DnbdtxfYF9a_On-FTtXC4LoKR2JITNLN1h5_xgth1Lwum06BE8TaeZWHmrj7dMxUpzQr7b5mZk8TrIWEmOIvxwh8_PO9Fit9kqpnXCbY3LKW0GGtkZKKnS2c2Gh1PZl-OxMmL2GQ3vjz-TtCsaa-Jz5uJYEK1OqkwVUapdv9mvCnGyrZ31AK3-BN_B5MUzNwn16NwnK-B3vwsTE0Xw7TVMqcx4v1SYbFIKSzjp1PSMl8c-zc9NL-MlzRwy61ZV3dwNE1ExdgaQUmgihlhISE_191KsMNxReiFqH3D4xSxh47gJO-dWJCfGQ2M2Frrm3vRzn3hbCsUQrBTw7PTewFD1ZXb7U7TVjLR5CudcGnVMp7apDWYQMnP6c4FGSA9-OfVTQ0MbpTTKxJAaenIZdmcqZzuUnAoEHmHte3KbryMZP7y2wUmj2j_CmYt7i0s8KEPFAL6p2C2d3oOt7nC77AOuEBLwVQ7ehpHjWwdtcqhsof_SlWJr8mR3UkzKhz6tAShNheF6f5qVm7apLbLlHJDEbOqoUFH33IgKGKZdklQe21toKbWlg63zl5zj5K3p8kxekugH1oWwKsuqqu24E_6RVh3t5DzuhhFgFuXO_nA1nbNUCrn-GohCnPG_EBuccd_YUI1Rbz_51-_4YGzDK87rPWb6HRIBF-o6WxCFiyb6dynGoQXV9cbB6hMd_tC-Wbuhr9fa4baJcX-_LwDnCAuacs5J-YdBO2Z118syhCRVCmcLEXQVIuAEXnYfvUlE7P7_A5VMd5eZa-omDlDHOH_2JGlODZ9YTmhMXLG_0xGyWPi4y9fovE73WEqgJVZsoi6q6UlcIFZgm8yjdOLPr6YFDOhvV2_zSyKzclapssqlZrlGaJMuXaKdQIspIOjiXhA59HXK4OfoWkQzKP69vq8fWB5zY5NcD2RHhjFQg2tFO9TDR7TADMbFaByc08D0XwU2nJui1YyqihirCYbFHP5arvbyqVrns-Ov1JHKzyBCeowlWlIENR328RwEM0ihCRCkBJIeQmrZyW5kmZoBtMGAGI_01FitcWJWhPK-0gGKV2M6KfDSP3qtSs2aYQEigIX9BJr20WPSWAaTsJjdOUVrlfeLI8luwFchDx3PSrHSxyj-tfRq4kxP23GFWeE1mx0Ca6YAlVrXcXLsDS74TwNiD4mW03y-yx7ouEah4Q9_n46fCnyu6pQjnnxJQyrknINSxiN6qFV9WmyQFkZb-nqkeQ_uIxHJB_7cMJUPEzpMBlcZPjH87h-U6vOK2Jfb6h4QWKBhW7LdnamSiRMbqCnCeuoyo39sfCDEZ0EgS7_CA6SDeewleFaX_9coadgtZFAAFLVvnx0Z3I2MwUYptEIu7-OPHb6PIW5g5yi1a0Yeb_ZbH55konDzru8uflpn1eUfylaB_6z1of22yjKXuNHyI2kNaNnkIHgqThpitoWWRWPEL3Z44cMSRSkZbmOhOVLRUH6A6wqFdXJCETTbraFa-MlAfDsogj1YXl7k7BmZgrybU0kRU_jBFZPnxOU4mHML2YaUOzhxCMFR7brMC_l2qE-li7xk83bWYu2x6P7xH3l80Gh1fmFtGhDNPKkbLVAH_XGt4HTtZfjtftw06vDYWNYxURGvKge9jP1p4QtCYLR3eMN3Wl6rXMH2I37rrZcwvL3tmSqSYTC-h2u7dNDnBi7ob16qjDxg9qUQTNb1ZgQFV6go98scEfXyrs-perPshI71-hiE2dABPYSjY5KujsYcbPNuDyTQUhVrDwOT9xAb2pUtmiXZs2y5RNWlw9GRBMbPYr7UBL_DMabWSkKp9MPY0uCYUfqFTrYMWTXFl7sexbtT8eHztGB0qGSr-xMStIQYkfbAhXw-td7nNy9shVzA8-LzFrBVb0z2rtLR3pVHwH1Okm3nGl2BfIA2dO6JFYM-lfcpmKrqM1rkPaxDQ5PTo0PS0e4e128QoNJPNHPkb4zKHOWw4RWR0ZU8jzqsQN9in6whtxE0dAu4EIjqNdbHxFtjg8bdpdAGUU4JqUL5-Ry-cqSdHp0lEP9f8MF0i9LFVCCcY4mkQN8Dgi27vkd7EzcPpjVm7C1sXK0_QFQ4C5whmtDazloh42aA7ArS7fmvQKCMThFIhk1ql3ar7KX4M1-rG-vvkmymhnYX4JSMb1Lt5qzH_UvDqWP4KiMgX_zW08vySTUbhoaiArxsHM7R3CL0m6hLdbUeIZcao5_glh446H9x1usi5-awPJtBNTJSWSyOuFwXayllqlXlTtxR2DLm8gflB4nYLpeCEtSDdEHCYVdTu3qAYdmJmBl6UV8ia8yEKiKaBHVuein171lU8VqMV9QRct5Q9sQCyQ_P-kCxXlqGTvvdhIJFgo4C-43ccqZbobYYVxcYCZwbK_1IqdMBV-3j0mtuCXHlCFWnTvJB33OT11wkrHdXRS_rVVQe5sOvjCYXmyuRLzf5n2ZyMAAIe141RXn_hykRErhQpm9GrctZAuDAXVwENUsne2Xv0h9MPAramV00GoZZBk3VO7Z9gUMaMUJIcPloRYdmdknP-L5qrvP7H_NuDlq9z7EDcCEz-WBZmGGImgonwEKn0uOMn8RbGijqRKhFgpGqnfElrWVoXnRYclYNmMtqImfq7vnSXnf8mvY3oDz319asQ6Aq0O46AHaR17MNN48DXwU5hCueb0zCXdXSZZIyLtChX06P-5oAZqkyphC8fo9lyBMeD11oJazia46WP8OnYtqdObsg5yYNbVcqCSO4M8f8SdRusJRvGNAfBsfaKTyi63Z2AQlW0ZH2GvZICzWqF5cqSN5BioQZNVvS1JE81ucEaOc-ZKOyy3hyYm6SADNjsJnPdT1EV7YwURzxkHXB9sE9cLg22ShoV4zsxJn4aWQdSeqRsRBM5ZeNPm2oE4uUMYZnG2-B2B3OGYukL6kHXcWzdoAS9DgbXxneQew7XcORSUI0jGN7wdYFCtRJ_GAsAqymo_MkLF6_e3iODXSFL-fKWgeazvk8-8mFiglxRrwgzlpNehj7GrSGphXGR_aObYuGVOYm3byS694bUcQ0j62gCUqtvV9DA7h3n7WNFGMgmREVVeKIbe3G4VYHpz34kvSSmCy4Y4LNb5L9HjPawNcUxIYLnxK1qj7h-2xZbDcf-jRMcFPcSFlsTa04Cg95RCUC9TwBjkdxJaCsuRr5mA8dth8plv19hDTx3AoGdcOxbV1xfOa5k_d6u4rrUwyYbze5v24BbHPEj1hnVrhUFqbJu1OS3FXHusczoKXfD4HfKTSogOw-G4FY5n3UNJ6yqSqVwYyL-l6AC0O6HY49KDcgTWCVOMmyAohtaPBDGZ9xVV-ujwOUv4OvIUEx1a_LYDQzFtEAKnfSKO-7-_5keW-d7S3He2g5G-ctTZTZA1qqW4GcXvRW0--8tnijsh1ZB3LpXOx9yptA3cuC2KO2CYP4YJ9XL56WSI5arT2pgcXU94N-e5PUFnKiASrKmgg5ul7GZ1V_DLsIarenu4hVshrUrcYq4tA82GiKTCpo9AkXzOZmYdrDbGzB46CGnnyidJF5IhPOxqsNzCfSL0Yg4ItO-Xw7iiCp_hHhUIqnIcdjBVwFLRUuM2PZ1siBVYjA4m-0WdsJ4M6k5QFgEugOr0TyHL8Z1YgwATKGllhMuHHo&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=18154259029118460000&adk=250412561&idt=77&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad9f126d43e4c70a9d3be5948ee5d1089ce4a42872ef160da77c95192061393d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13564
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AD2 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8206046118805&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AD2 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8206046118805&version=m202401290101&ct=77&x=1&cor=18101172992651788000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8AD2 19 KB
13 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEAyGPSvWs4pjpZc-2dYNH-pfLmziM6y7ZIeoJvzcJWQ2ZsaBKWFUW-jdGPY-gVL8aAHnE2RajR1v73JFESoMqHpqd_3BVRY9AK_mOoiV1jAooimmlxHkLcEhjNE3skgob2Ac9SAHzJcE_H-nG-q3m33gnZ3us9TuuZwxBYGQz7etynEU&cry=1&dbm_d=AKAmf-C9wfdbYFgNm07PGPkXxCUMVpt1XyNwVNmCLaUOAGMuB7T3fkSMqdVbGuT5iaJlk3Nd521J6fVRJ9PIRKCCEoti9uH2AoLuVOC0yp057JTgO9RnjNq1Agr5ZQmGHJAsbbi_PDp6Md7aqZXrUn4bHVZMUogHRDxgdag0ihflECJ14WB85_S7vFqkGSXiMxCnSXQVoY71a2xFDgYfAknYjck9GdDQ8tb3deNUV8e8hXgW-DFANwo7nrg90UXO59f9jAI2JFv-rbz--EXC6bvfr9CW9WxxnQeTufMc_d6ZzcoZKqaaPXC-2NFULppOUjWZcw9ADe5s33VqgC_YCDzAhNEmYCIc1OQmDv6Z80PjeuUbnZHIlxqHn3IK19pztk1--tLkYyE3cLddkGMIGA7jXvXRMqrpHgu00lR8sGdGoEmEM0WNhpGyXII24OtEf2qOgr9mHGb2Vto1s7c5eST4WOX9vsxAuXXC4sp15QDm8SylVkE0jB2URaWKfjj0cQWeHb-Xe0hu5pKHaghZNJOoEykrVqpck1hU_jGhoKqgG2ZUKLB6UK_XFHX6_eRQcPUbWw56bHJUDNf1eew6pm1O8l3wSMaIvBiQ8ZW2kgFRvwrkt6Q9VAF2v4aPl9B_6r088DYvjKFq2uxM8wtj661iJQnXcF2NHvPzvXAZRM9QmaCurBzXdPh2qCrVTl039Q4H9EEzm6YC_lFMaePM2lxoj_nqkpzn2MOR11_-H2Z5WTEEIgkje4_17xUcfCFriZbA36V4glNnYKpiSaa42TYTa31yB7wRwRSB65ChBOaSxtbYu_-V-Nj6TarjPUv8NGN05YRo6pDcY7Js8kvbw9Nm4QJYdQaqiHlaM36Pnlygueg1p0Rcugk3sFcZL-C722MoIBh3nuMtzw68czz4GI2UEGAzqZfqoXxYAEAVHvUMMLq78yhFJBAN5zRAuILvIbLT2X_kGA4LzTOxrFrJDG4d9mYWRayUqPBo-SEX_MqH_v6gEMgyEU7VKwKLWPT5RaXxUFVbi60_6mKI66R7gCiPMH780P7guMGkar92b2dEZQR2PKPec79uA2SWtx_lxfwRWoeZz8liEFrU6ls998-dm5uVJE66X8eEc4W6UM73xvJPPkdiTIcUieqGX2g44KrZ4UL5VwjdSmRY_WjtbdPpVgZUXBjDTVvfYtPoM7QVMNt5TmFWWVVdSJNhy-N5ipOOwA7jzWyhZMmDVfiWMCqXTpvlmVf-IEYpQmY7Zn9nHTvHvP2-AQfdihMw98O1UpX5wml1A49gthAQgklSpu-neqvWgXvHNz-cqfpPebh1kTgPsYawYcdQgXF2I4vNLma2xBWqYocwvXgV4ySPRahU2GCDsnJiaqZmvTgMpP2ub5GyC8dnenXlPBc7vcrWnV4G7QFSqs4LXXaTfYqnp0eiOzq-Uk1YSQLj_rtdmQ9XXgXglYetUGw4OAhFdDp4ZEyPKrlY51bHiXCQYhhoxEQzH2HN1FAqmAcSPxoQLpLaCRsy3veun0uIlkhb1ztF_jtp401yexqKsEoWkQDx1t9aWuNxavziHkGvfZqll2pnSwvKXgJF2Z2UUsHtOd2UTeLvWg5in3irAU21PlyTFQQa_l57fSHqDzy8Uw7xADnvQuTZ533DavhWTz-CALiue46PsscG7WsTEjpelSa3rxMygi2d6PQP5K6ABIKb-_yOTtaCTr_hu1CiHyGowLIpuqR1ANL36lXOO-TGqTZw2CPPAKS76swePgCFVEVqBFux4vmyPQUv1LzCp6mwB2QE9JKfn-OqO2Rm8sD-rFlDf2pGvHfP5m4zCxFP33PuXKFt3w6r0gAGvKfN3Xup_CXzDeNdOR8VHrUlbQnIv4-mHZz8o64QXWuZMmVcrqJrDIDV_wBew_Gakf_MKJXEJKssz9-MafWwHSmmzL7J3rhMQi3edRt76x0ILeEN-aJAx9nMhkv2GDYnHZCLw-FcTxy-rqzyGi6CMc0JEmIkmToW4dvNbOnYSHQSL-egwNXMgI7R9zzIuV1PYxNArkHeRIgpvWHUhiqYg0xk75N9HFBnVQd7Nt4AQ9sOElpwP-AMzEOl3sxA2zruFmapdDRBTewESS1rw2X4Ws5NAjDUtOyiYL-_RZBygoXen4DWHbTMvD87tleivbDdRZENrUcmINX3mJ08gTkxdqrynNZ3LDw7QacexaoyIJHN9VMVpEVwEmUVUao48rMOSvIhM4hUdYxWWCmo6kE2WoGuh3Y_F1mbPwubJW5jb7PY4CA-lNmEDtxLKvxdwEum-UWivWQY34FlLqhYi1BBqWBr74n-AyMz14QsEjYiQDfVerDdXtZZ_m3HEg35pTLgqRdqNCM6eYuAApsLA_ru9_MRgWUKXTkNVj3Ecr3Qw4UHohbYs6UWqax5efYa9tLGQY3yx2fLn1cE79nYRU9Ax6yrMDIC0ujHswy1eAT7uVSmA-DZr_kJAwAkm2eQoYZqXVEL3_fKRWdKD9n7eUMvA52rdPaqBPUAYeGvHWXqzquzkTwzRTDWG8sVwf2Aj3qI7nlxMbToghLqFTeFCY2AkHAIfOJCigSbuD3Cd03nVldS7XyHQhAsNCPRN1MQ03KXH29o4dhhZMCLMVKtXCGM6KAjM9N7D7sgudGe_1Y0c3jQigymAGVs5LW_bjE-S97UhXt3OPRDJktfT-sS-INFcCl1aMf4KQdmZMh-USGaXB7tlUaD-EREsocrGhyE_zjgRczlF7QhIFbPxBccGrHr0xhyTuFSO9UECNVSmTqFxz2h8WAtbdcCGaR1HVCVY9aObK7X4qwlNwcBCAMsFk31EccCd_slXfKEa9MHxuUCKgxyyo_ydw6CSHoyqqSglZJlEtjbszaviRLR1mAmoCxLwhHauON2GMlZbguWccGYR-gNRHgbmNuWhbFjoCFt_5i3BanINeJ03Z13URVdDVZCq6x_3B-pK4qQ58YHCsmyDD5orbJjXYbg3532DE14fGCQvzBy6eYrfXuKz0TmUxYhJPzzAsgHSAprtZbUm5XLfd7yBLwvSnTRH7l6AkYqMk2MIVov6BxbFZaosNULTkWmIOOMc8sjcTBdHko4ocLzqRBQKWh3lIOWq9NRXZihPckr-NXT3XNIdqdfneoSDMrulYsQbBA5RuGGiWo0Q29Zo2OrBImtCJMzJIt7NM_4wpI1898trtA4lXm5_BdSF5Ts2BgDtVrDDCjx3cPactHR29_5AIOwM2lAac6smWFAtJ6L9fd8EkkjNfSs6kKvghqgHIYPMWv1_bkyXNCOVQ2_5d8WRPO_VfkRsgiaEmkUuwF_xraUimQ8vTnYvTOqA2F8VjTejxjwxLeNq6C4z68x1bdUcmIGDEwfQ1hNnzCEEOX2mDs4NOsrIizhRy_gWF_vAXpkNLNZZboX5SOAEmrA5VQYTfKg3b71OrUWBe_no6NBTMy75rvIIX-7rKqOMKOjfGNMHjLy7MRb3jtVWSWLUJbBPp0_reeSmxSTALH7Cy5FKRpONp5WqkxfYHg5nX9DNXVyDxA-I9_tbcJUJF0w7ghk9IjUQH4MUNoEvzG8fwO-MLAL-Otq6PejHzKOSE84AXOSoVDhHULTWzvzJm_5eWzNPWDUtt2Pf6_SmphgnVPDaIroHJmtHssfPCjujzPLo7Hth3nT8OFRVqMhC00-w7WUsUCL14Y4d82ybMbHZEkCmJLfUbqthWU1GXJYjFOVTt_5_Be5gIacurMcbnZLyRfu92GKPMKIw54vZ7puVIeyIe0q8gAd3wyX74buOEG5czUC&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=18101172992651788000&adk=1964084971&idt=68&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46d989e2c427ac0ecf9727ba1afe965c8861634d74ec7278ee866585fca0b2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1D25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1

43 B
326 B

37ms
37ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYk6yKggIwAQ&v=APEucNV6TbC7UH4AdLUb0hQsJD_DM2T4-5Ga_S2IRibdRtU9GxgCSLZP23mI1TxTFPTlx3fetz58MS8MC7IEiGN6hNfQsJvfYLgZmFxSm-lrKIYjDDK0xd-4rj00rV408rxAs8ro1EFxmwacPNcVDj-5lgbDrHaILJXjIFsoQ_KoCM0dXK0aylg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQqN0PLsrnx4gw1bHop%2BFqABuirDVJ41Iaw1UlahlweUBlidXECLnzgha7hr%2B%2FmwGiBx8O%2FnaM0OyQZ8SKQawcanTiDtKhLbopgcTSJt5iyLcBd7IMZxR4pGmkSQrbpuOgls3zUUZJkG8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63cbc4f30ee-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1D25
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcKt29LbQ2EpFNk10Q.XtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2

43 B
731 B

35ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYk6yKggIwAQ&v=APEucNV6TbC7UH4AdLUb0hQsJD_DM2T4-5Ga_S2IRibdRtU9GxgCSLZP23mI1TxTFPTlx3fetz58MS8MC7IEiGN6hNfQsJvfYLgZmFxSm-lrKIYjDDK0xd-4rj00rV408rxAs8ro1EFxmwacPNcVDj-5lgbDrHaILJXjIFsoQ_KoCM0dXK0aylg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsAKIVgqsOrduxIT6%2B%2BkaVtdGhakih6nLjUbBs7vza92k8fWdnJ3Xyc17GIxvgVMqf0ketC8rSlDjyP19PdG9D2ikt4mLzARQb4WeZ3MISyhD1VJlb1%2FjjbvvVwXdtT1pcJ34RBzuOcKOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8516b63d9ab21c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFFltnaIqugBdgT8wNkBtoo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1D25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYk6yKggIwAQ&v=APEucNV6TbC7UH4AdLUb0hQsJD_DM2T4-5Ga_S2IRibdRtU9GxgCSLZP23mI1TxTFPTlx3fetz58MS8MC7IEiGN6hNfQsJvfYLgZmFxSm-lrKIYjDDK0xd-4rj00rV408rxAs8ro1EFxmwacPNcVDj-5lgbDrHaILJXjIFsoQ_KoCM0dXK0aylg

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: 211cba6f-ffb2-4a63-995d-cd543430c9c3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDNLUST0uWdOibU90LZaffk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D25
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

170 B
243 B

42ms
42ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
an-x-request-uuid: 81034cba-4a1c-4ebe-82c9-6571a9b5a814
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAxMzYwNTQzNzQxMjAwMjEwNA%3D%3D
x-proxy-origin: 37.48.94.19; 37.48.94.19; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A500 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5396036132746&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A500 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5396036132746&version=m202401290101&ct=77&x=1&cor=11002223638303795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A500 19 KB
13 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrVb5vc3bNpxNvSnO_o3zAHtoG-57UxsxOV-n53do-8SMNPfjuPiEFz1hHUCF3VAgJDUGKNH_wk2VKym1IvSdpAdrmPrK3ilPs6hEkIp8jQPWjCrEyzJahCobWIY-JBqZqBuoZna6lJm9GgnHz4OLiFfNyai9JiEyiFdbD7L4e1bQqVHk&cry=1&dbm_d=AKAmf-BDnlBs0g6-e3FHvl6jZHpIsMWk9fDd4ODE_QNEI-enY7ctitm9GkBkgPlE7gBn__XhQsXspZYtelWW-8FQQiToT68RxRo0Z-8FiNsSE2utrDfWBQWFDRznrd2vdG6ZecAtlJj00k0wIqnFDZqXhrCqcdK4qp_cXNzfDbkZ62LWLRTlibGDLIkOIG4ISK-QUhTsqKopu96gO1XXMGgF19jOUQ7J6BlKUvsHzODonGTvIiOJLuUSpiEAjl8JtlCqu9u2BlFMJBYd1c2dZZPiteZTxyYZiYyWGXA__-E9NrREhKmEC80RLNwpA1-nbnZ2R4Gx09nuTSpcwfHxs82DR7RcG0UaQwPGlRM8uwAUcS8Bsf2GcM3IHRMH49_3oY41fh-CEc7na8C-ZPQXvPEjYOQLFelD-gOsy5fSowsMHs8E_EYGqI3g0ehSyyvm_Ao8fUYZMlwqkMhOgI6RrPQ68E6lxBRMMlEqP_zw_oqaGufLeFaUBJaUSMELgTiQpDY3qeHc3p3oOQ50alQh5P2OWH6MQdf2nxo7ZePPRWnD367p8O3r3Oo49dP_-s1Gl4qYULQbJA-dlG6hrwA7aiCEuTggRwlpsdyqfINPRKpgHwmfMiILdtthv5er29MtbKs5zsfWEXwAZEOaYV2E9qkYn59G0T54RgywajWxjsEel0znV0XqombzTolqTOCfNqvklPZaF7LK9nCLz0EzCqKkLczcHial15h-eiaJjikPZqus7q0ximKZeyRM7NH9E1Rj9EyEW76ZxI5hBWhVZ5cXgWI4jvSnM_L52npAglw9ZUGYddMspFSHcwnfSbFEL_wT4drMQzQwlvK3KPBbMxnMagHCnFbRecd7c85h8FRDzKL4BvLUveOj95_ulhQaeGG-IPtskoreb2opksYLFCxMAraLfdZN35b-P-W1KFJXu_gEBOuAeQ0M6FCafO1GPUT-IJEXjo1jEBUFHLtB4JJohbWKrhevHJYj49LplXQwAtqpfmXh2JqJUxo7Zg2a5mLIWHyBRBO6FqzEKPraNAGzLxEOw6NWrgYKK013Ca_fy3MT3XHQ5bceVRsINiqqQA1mihCqmr3DMIVl_78EREzxyQ1A7HDRg6y9Jw3IPsUAGQnPbihoIL-xgHjGDQQ3iqNFn3BhlvN2H5BLwImFyiaLiAllJjwLCaQuu3vybWuWRjno-RQ2kGTaD2XP797G0Ynxc6IlDVKUzlsECM8d6hK4ttm8Ma0C0BCJ2uPrArAEEdJlX9Cjv-eagldt9eOYEH0si_CSoQM6TqWgovanHjRAPzfib5VMTT-gat17QLD22BmQ_VLgz7peEV-8CVnPaLqLfYlTk3xnnmVXo4j5Z-gaYkcJDfcwa4yp8Edq9dbSB7zszkxV3R85XJsskGgdMyDWG51TeLa1EhNEIFQ6cjNzc5hcFft4vG4zW5mznyqnFC5ftPQoMLFHnEZ4GspgEk2TtvylRGG-JfB7SR2MGPLM1Qs1SgMou-jPJX34Qb59yQFFHW8eoFBUPIgHhZZjL8cy3AZf0U8uLcJi6pZV8R86gDoufMaSG_zaznL6jJdgAGbaPqywIAXCrU-wObU9g5Vl1o_9n9ADRz0zfstjrGYdy7-I6mpFs3L0GwJdc8IY75AW_66aTs8TtXgDOkPG8Mj-v6sCuO8cmCpR9b7xTk3qQJpS1n8aEg8hIvhnxNU3rocgA1CkLaBNoApyJeJeGGPfOjQfVGgLo46tCQhaDOOZww284RL_4RB8y3D-NHcqocGOHvn0B21__nvLCwYNbdTaL1GDmwG-ejW5I51unJNH3S9X2s8sq3S3Ai8Q0-Awrx4s40TCSsf7Bb_DKhVUBcQPzRkpMh7z8-bpPOf4PfH1D4iYvjX8VPDvxLcfLk9UdF9V-8OtejQwEpt2r4gqzpYy91Y83hle9EeQxg4-QF09MKR9Dp8Bn92-tBR9X0yBoIMj8u8paAIciR7IyWSKm-W4JfJR3V88Peb0481vQ20XEQ15plIgJKAi3pzuQRSYn8rZesnMmHQa2FyRxkiLxBmxNOCTY1iVnaFwutU-9J_xuwzjVF_CWJ4o9w_epXrplrCldGW28kyyGvPJLtPl23g2FtQzHyXyAfScKCIxiALSesAPhpWpdUheLf7iv7AKeQzdtbkAxCdinCHTXuSCeCycUL9WJEwKi-f-dyh5bs10z8gCThUfOzhCreMvfW5r18uXjwDEcBHwu9_m_kpiP2xNgMSbmnYxZkCjeNKnO6bMSMHQf_HeBkkd3t4nA_K_zvpLfE91vZX5yesdjx6BQdvnmpsyptgkBmRid6dotUWls4FKI1Veiek2OrSLEGIrm9vvdTihzJfQ-ldJtD1Z3UA5Fp-m-OpZ4hP-kui6nMY38b-dA9DhkgVJ0trjohXhcDogEAVGpPoddSpxtbwb_sPqqzKGpY9sHvjD29HbZZV6MXOHBCE3yDjPdo1--bGpdSVvmhDKtGvN6kVhgyZlWk-Hyx7cVWDj76xUpCchV4jA1YOcvTWN1-93oH2uKUVj3D7hXmocGXMvSSgAYf98LhJtfAin59MymWxZXErfbscIBDIprY4wH8K72PJPm3QH2Z2cxD6TEk4wp6mrKCY1Cjxk-DH8c7gOBflRSK5G7FO9OT-s91gpcJcyOco-OlOrK-eCBk6JeGKIr8q79RO8sGHSekAC4qR9h2IcVnp5ha8NSoLocdeo14y5I2YjDGFjpbFkMItyl9nr5rXT_6Qn5KSBXSxeGlxksKn6fyIhUrkuEUPHPaog1DVApWZfaS_CiQftn330hPLALyi4Od71cOnqK4MFMEdZkXdTLUOZCOJhyaTaJ02EzkMR5YDDrT8Jru2yLqL9s_M_qR1GI8ZWW6O0yOYUyQM4F7Gq9zr-l_rq_fuafT_uXn0unPuDeQsi7b9Fb8H9ev5Un0aeCtUxkPTNKJ7h8Oz7LPQqH-eN0nz6XXzq9aO0G-7n7tIlv74y8oik0ZKMtTma9IvciaZ94R9bX17ZJJdhEiYMmZ3Dc6ou91HD2qPt7c7WYNjrjkx4EfU2WbJ9yThoNC6eLOnNiRpri3vsMhsx24SVY0UAXcExnkXaTw-ra6_fgVMo5EXoewKhTmcPyx4avFW6R-lentMlyprkTzRhdkfWfg2ZPWok4dqRIQ0PqiJuMDbIW-at1wW3Yh4Q0issArr40ICcisOeLJgS5wsrI7iCntMuVAiZ_3TjujnR18R37L__sJPChzJvivV7YmnYuWmE0LomPpoFCPEqN__gDeMw8qxPX7Fs2DZWUMRp-YSN93m25PCFiKeZMmeFQssRKkwOjarPrjPgJM_EDFxj_62M28KxaFY8UpCLr890gTd0SJBweXZKw3ZbBFJtKBjtZ2PAwafpED03uU2HmtChi5DzhZ4FEb4GVocNFL46GiyK40-8-24i7RCjU3hYRbjbxIT3CzhbBR2_EPlkbyqx_hwGBIfc-_jMnB6KBBMJy9GuZh_CL-X5CyyzFyTBNUhA5F_J2jcHLeremhv5IDkAL9aYCK-iKEDvBaVQYbskpyD68pocyeQWH-E_dcAhj0hlbjb1TVwwhI0rvs4977TN6UIELYOyDTnTDoOf9GYpwec2fo_x4PppzfoCHcea5A5oClYVj3TkXrlqJYJmAP7xw3RQtgJGdtJ26cxLI0nc-KYcwx2Y8YxbDLHDH50TXAXJMWM5UHi7_br8TlPZErs1oK4WQjm4GFrgE2XPcjgHLki8eWdkSUDx81BLHGW_4tnH36g4kXgeqhkpjp-3awwo&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=11002223638303795000&adk=1726166463&idt=72&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4566830d69e81c8769e238d2cd57098fdd020cc5f2a9a00fbdbb1a86f4d8ce9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/ Frame 4319 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 13763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 18:19:04 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 18:19:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/ Frame 4319 23 KB
9 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:47:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 4319 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 14:23:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 4319 20 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 04:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 04:42:03 GMT

GET
H2 200 8768922394276427679
tpc.googlesyndication.com/simgad/ Frame 4319 40 KB
40 KB 26ms
21ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8768922394276427679

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

110ef3d9c69ed03ab245650181c6734115746049b7bfa70e7edb4afe0ac075d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Mon, 03 Feb 2025 14:10:53 GMT
date: Sun, 04 Feb 2024 14:10:53 GMT
x-content-type-options: nosniff
age: 201454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40482
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 09:50:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4319 205 KB
65 KB 60ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame 4319 36 KB
15 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240201/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

115d3e421898f8245b1436c3231f9f4ab3b0153f32f1719f4870d87fa0f6402e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 00:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14836
x-xss-protection: 0
server: cafe
etag: 9737977227763839993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 00:00:29 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8AD2 41 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEAyGPSvWs4pjpZc-2dYNH-pfLmziM6y7ZIeoJvzcJWQ2ZsaBKWFUW-jdGPY-gVL8aAHnE2RajR1v73JFESoMqHpqd_3BVRY9AK_mOoiV1jAooimmlxHkLcEhjNE3skgob2Ac9SAHzJcE_H-nG-q3m33gnZ3us9TuuZwxBYGQz7etynEU&cry=1&dbm_d=AKAmf-C9wfdbYFgNm07PGPkXxCUMVpt1XyNwVNmCLaUOAGMuB7T3fkSMqdVbGuT5iaJlk3Nd521J6fVRJ9PIRKCCEoti9uH2AoLuVOC0yp057JTgO9RnjNq1Agr5ZQmGHJAsbbi_PDp6Md7aqZXrUn4bHVZMUogHRDxgdag0ihflECJ14WB85_S7vFqkGSXiMxCnSXQVoY71a2xFDgYfAknYjck9GdDQ8tb3deNUV8e8hXgW-DFANwo7nrg90UXO59f9jAI2JFv-rbz--EXC6bvfr9CW9WxxnQeTufMc_d6ZzcoZKqaaPXC-2NFULppOUjWZcw9ADe5s33VqgC_YCDzAhNEmYCIc1OQmDv6Z80PjeuUbnZHIlxqHn3IK19pztk1--tLkYyE3cLddkGMIGA7jXvXRMqrpHgu00lR8sGdGoEmEM0WNhpGyXII24OtEf2qOgr9mHGb2Vto1s7c5eST4WOX9vsxAuXXC4sp15QDm8SylVkE0jB2URaWKfjj0cQWeHb-Xe0hu5pKHaghZNJOoEykrVqpck1hU_jGhoKqgG2ZUKLB6UK_XFHX6_eRQcPUbWw56bHJUDNf1eew6pm1O8l3wSMaIvBiQ8ZW2kgFRvwrkt6Q9VAF2v4aPl9B_6r088DYvjKFq2uxM8wtj661iJQnXcF2NHvPzvXAZRM9QmaCurBzXdPh2qCrVTl039Q4H9EEzm6YC_lFMaePM2lxoj_nqkpzn2MOR11_-H2Z5WTEEIgkje4_17xUcfCFriZbA36V4glNnYKpiSaa42TYTa31yB7wRwRSB65ChBOaSxtbYu_-V-Nj6TarjPUv8NGN05YRo6pDcY7Js8kvbw9Nm4QJYdQaqiHlaM36Pnlygueg1p0Rcugk3sFcZL-C722MoIBh3nuMtzw68czz4GI2UEGAzqZfqoXxYAEAVHvUMMLq78yhFJBAN5zRAuILvIbLT2X_kGA4LzTOxrFrJDG4d9mYWRayUqPBo-SEX_MqH_v6gEMgyEU7VKwKLWPT5RaXxUFVbi60_6mKI66R7gCiPMH780P7guMGkar92b2dEZQR2PKPec79uA2SWtx_lxfwRWoeZz8liEFrU6ls998-dm5uVJE66X8eEc4W6UM73xvJPPkdiTIcUieqGX2g44KrZ4UL5VwjdSmRY_WjtbdPpVgZUXBjDTVvfYtPoM7QVMNt5TmFWWVVdSJNhy-N5ipOOwA7jzWyhZMmDVfiWMCqXTpvlmVf-IEYpQmY7Zn9nHTvHvP2-AQfdihMw98O1UpX5wml1A49gthAQgklSpu-neqvWgXvHNz-cqfpPebh1kTgPsYawYcdQgXF2I4vNLma2xBWqYocwvXgV4ySPRahU2GCDsnJiaqZmvTgMpP2ub5GyC8dnenXlPBc7vcrWnV4G7QFSqs4LXXaTfYqnp0eiOzq-Uk1YSQLj_rtdmQ9XXgXglYetUGw4OAhFdDp4ZEyPKrlY51bHiXCQYhhoxEQzH2HN1FAqmAcSPxoQLpLaCRsy3veun0uIlkhb1ztF_jtp401yexqKsEoWkQDx1t9aWuNxavziHkGvfZqll2pnSwvKXgJF2Z2UUsHtOd2UTeLvWg5in3irAU21PlyTFQQa_l57fSHqDzy8Uw7xADnvQuTZ533DavhWTz-CALiue46PsscG7WsTEjpelSa3rxMygi2d6PQP5K6ABIKb-_yOTtaCTr_hu1CiHyGowLIpuqR1ANL36lXOO-TGqTZw2CPPAKS76swePgCFVEVqBFux4vmyPQUv1LzCp6mwB2QE9JKfn-OqO2Rm8sD-rFlDf2pGvHfP5m4zCxFP33PuXKFt3w6r0gAGvKfN3Xup_CXzDeNdOR8VHrUlbQnIv4-mHZz8o64QXWuZMmVcrqJrDIDV_wBew_Gakf_MKJXEJKssz9-MafWwHSmmzL7J3rhMQi3edRt76x0ILeEN-aJAx9nMhkv2GDYnHZCLw-FcTxy-rqzyGi6CMc0JEmIkmToW4dvNbOnYSHQSL-egwNXMgI7R9zzIuV1PYxNArkHeRIgpvWHUhiqYg0xk75N9HFBnVQd7Nt4AQ9sOElpwP-AMzEOl3sxA2zruFmapdDRBTewESS1rw2X4Ws5NAjDUtOyiYL-_RZBygoXen4DWHbTMvD87tleivbDdRZENrUcmINX3mJ08gTkxdqrynNZ3LDw7QacexaoyIJHN9VMVpEVwEmUVUao48rMOSvIhM4hUdYxWWCmo6kE2WoGuh3Y_F1mbPwubJW5jb7PY4CA-lNmEDtxLKvxdwEum-UWivWQY34FlLqhYi1BBqWBr74n-AyMz14QsEjYiQDfVerDdXtZZ_m3HEg35pTLgqRdqNCM6eYuAApsLA_ru9_MRgWUKXTkNVj3Ecr3Qw4UHohbYs6UWqax5efYa9tLGQY3yx2fLn1cE79nYRU9Ax6yrMDIC0ujHswy1eAT7uVSmA-DZr_kJAwAkm2eQoYZqXVEL3_fKRWdKD9n7eUMvA52rdPaqBPUAYeGvHWXqzquzkTwzRTDWG8sVwf2Aj3qI7nlxMbToghLqFTeFCY2AkHAIfOJCigSbuD3Cd03nVldS7XyHQhAsNCPRN1MQ03KXH29o4dhhZMCLMVKtXCGM6KAjM9N7D7sgudGe_1Y0c3jQigymAGVs5LW_bjE-S97UhXt3OPRDJktfT-sS-INFcCl1aMf4KQdmZMh-USGaXB7tlUaD-EREsocrGhyE_zjgRczlF7QhIFbPxBccGrHr0xhyTuFSO9UECNVSmTqFxz2h8WAtbdcCGaR1HVCVY9aObK7X4qwlNwcBCAMsFk31EccCd_slXfKEa9MHxuUCKgxyyo_ydw6CSHoyqqSglZJlEtjbszaviRLR1mAmoCxLwhHauON2GMlZbguWccGYR-gNRHgbmNuWhbFjoCFt_5i3BanINeJ03Z13URVdDVZCq6x_3B-pK4qQ58YHCsmyDD5orbJjXYbg3532DE14fGCQvzBy6eYrfXuKz0TmUxYhJPzzAsgHSAprtZbUm5XLfd7yBLwvSnTRH7l6AkYqMk2MIVov6BxbFZaosNULTkWmIOOMc8sjcTBdHko4ocLzqRBQKWh3lIOWq9NRXZihPckr-NXT3XNIdqdfneoSDMrulYsQbBA5RuGGiWo0Q29Zo2OrBImtCJMzJIt7NM_4wpI1898trtA4lXm5_BdSF5Ts2BgDtVrDDCjx3cPactHR29_5AIOwM2lAac6smWFAtJ6L9fd8EkkjNfSs6kKvghqgHIYPMWv1_bkyXNCOVQ2_5d8WRPO_VfkRsgiaEmkUuwF_xraUimQ8vTnYvTOqA2F8VjTejxjwxLeNq6C4z68x1bdUcmIGDEwfQ1hNnzCEEOX2mDs4NOsrIizhRy_gWF_vAXpkNLNZZboX5SOAEmrA5VQYTfKg3b71OrUWBe_no6NBTMy75rvIIX-7rKqOMKOjfGNMHjLy7MRb3jtVWSWLUJbBPp0_reeSmxSTALH7Cy5FKRpONp5WqkxfYHg5nX9DNXVyDxA-I9_tbcJUJF0w7ghk9IjUQH4MUNoEvzG8fwO-MLAL-Otq6PejHzKOSE84AXOSoVDhHULTWzvzJm_5eWzNPWDUtt2Pf6_SmphgnVPDaIroHJmtHssfPCjujzPLo7Hth3nT8OFRVqMhC00-w7WUsUCL14Y4d82ybMbHZEkCmJLfUbqthWU1GXJYjFOVTt_5_Be5gIacurMcbnZLyRfu92GKPMKIw54vZ7puVIeyIe0q8gAd3wyX74buOEG5czUC&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=18101172992651788000&adk=1964084971&idt=68&cac=0&dtd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU3Nzg1MgogIHNlcnZlcl9pcDogMTM0MDU2ODAyCiAgcHJvY2Vzc19pZDogMzY0MTUwNTcyNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 8AD2 0
507 B 126ms
72ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU3Nzg1MgogIHNlcnZlcl9pcDogMTM0MDU2ODAyCiAgcHJvY2Vzc19pZDogMzY0MTUwNTcyNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA2NjQzOTQ5MjA2MzQ4MjQxODM4CmRlYnVnX2tleTogODU3MjQ2ODE1NTExODI1ODg4NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDYiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3ODkzMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE5ODk0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xcffa90c964f5d4f90000000000000000","13":"0x68953a3c78d082b30000000000000000","14":"0xb11d3aaf26331b250000000000000000","15":"0x8f938d28ed786adf0000000000000000"},"debug_key":"8572468155118258887","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"6643949206348241838"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AD9E 41 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Brzt0V4Z43RolmWFXYiYmuNJGSZ4nFzUd_tPnVMz028NSaVP7iKEBi4K9LyfMjhAIZLoVVgC__LVCIAZRm25nppJGUZMgbSR1nYbp9FWjwsLzckEdmkNiOMAf3qdSU9aflfezJoR_H_0lRyw7lSZVtQYl0i1eV1WmMCUb2jC9RDlRyaeNGJXB5c-MKWipavrZpUMhw&cry=1&dbm_d=AKAmf-ApDPFxKu9YwKs4AYXOnahsDS--nHGkbI8ihBvji8Z4dorWaa92lZefnt-0K0XH4byWmXTMzcgEUUOCr76YEX3EdPHpj5aFBHSlIRGijK51_DnbdtxfYF9a_On-FTtXC4LoKR2JITNLN1h5_xgth1Lwum06BE8TaeZWHmrj7dMxUpzQr7b5mZk8TrIWEmOIvxwh8_PO9Fit9kqpnXCbY3LKW0GGtkZKKnS2c2Gh1PZl-OxMmL2GQ3vjz-TtCsaa-Jz5uJYEK1OqkwVUapdv9mvCnGyrZ31AK3-BN_B5MUzNwn16NwnK-B3vwsTE0Xw7TVMqcx4v1SYbFIKSzjp1PSMl8c-zc9NL-MlzRwy61ZV3dwNE1ExdgaQUmgihlhISE_191KsMNxReiFqH3D4xSxh47gJO-dWJCfGQ2M2Frrm3vRzn3hbCsUQrBTw7PTewFD1ZXb7U7TVjLR5CudcGnVMp7apDWYQMnP6c4FGSA9-OfVTQ0MbpTTKxJAaenIZdmcqZzuUnAoEHmHte3KbryMZP7y2wUmj2j_CmYt7i0s8KEPFAL6p2C2d3oOt7nC77AOuEBLwVQ7ehpHjWwdtcqhsof_SlWJr8mR3UkzKhz6tAShNheF6f5qVm7apLbLlHJDEbOqoUFH33IgKGKZdklQe21toKbWlg63zl5zj5K3p8kxekugH1oWwKsuqqu24E_6RVh3t5DzuhhFgFuXO_nA1nbNUCrn-GohCnPG_EBuccd_YUI1Rbz_51-_4YGzDK87rPWb6HRIBF-o6WxCFiyb6dynGoQXV9cbB6hMd_tC-Wbuhr9fa4baJcX-_LwDnCAuacs5J-YdBO2Z118syhCRVCmcLEXQVIuAEXnYfvUlE7P7_A5VMd5eZa-omDlDHOH_2JGlODZ9YTmhMXLG_0xGyWPi4y9fovE73WEqgJVZsoi6q6UlcIFZgm8yjdOLPr6YFDOhvV2_zSyKzclapssqlZrlGaJMuXaKdQIspIOjiXhA59HXK4OfoWkQzKP69vq8fWB5zY5NcD2RHhjFQg2tFO9TDR7TADMbFaByc08D0XwU2nJui1YyqihirCYbFHP5arvbyqVrns-Ov1JHKzyBCeowlWlIENR328RwEM0ihCRCkBJIeQmrZyW5kmZoBtMGAGI_01FitcWJWhPK-0gGKV2M6KfDSP3qtSs2aYQEigIX9BJr20WPSWAaTsJjdOUVrlfeLI8luwFchDx3PSrHSxyj-tfRq4kxP23GFWeE1mx0Ca6YAlVrXcXLsDS74TwNiD4mW03y-yx7ouEah4Q9_n46fCnyu6pQjnnxJQyrknINSxiN6qFV9WmyQFkZb-nqkeQ_uIxHJB_7cMJUPEzpMBlcZPjH87h-U6vOK2Jfb6h4QWKBhW7LdnamSiRMbqCnCeuoyo39sfCDEZ0EgS7_CA6SDeewleFaX_9coadgtZFAAFLVvnx0Z3I2MwUYptEIu7-OPHb6PIW5g5yi1a0Yeb_ZbH55konDzru8uflpn1eUfylaB_6z1of22yjKXuNHyI2kNaNnkIHgqThpitoWWRWPEL3Z44cMSRSkZbmOhOVLRUH6A6wqFdXJCETTbraFa-MlAfDsogj1YXl7k7BmZgrybU0kRU_jBFZPnxOU4mHML2YaUOzhxCMFR7brMC_l2qE-li7xk83bWYu2x6P7xH3l80Gh1fmFtGhDNPKkbLVAH_XGt4HTtZfjtftw06vDYWNYxURGvKge9jP1p4QtCYLR3eMN3Wl6rXMH2I37rrZcwvL3tmSqSYTC-h2u7dNDnBi7ob16qjDxg9qUQTNb1ZgQFV6go98scEfXyrs-perPshI71-hiE2dABPYSjY5KujsYcbPNuDyTQUhVrDwOT9xAb2pUtmiXZs2y5RNWlw9GRBMbPYr7UBL_DMabWSkKp9MPY0uCYUfqFTrYMWTXFl7sexbtT8eHztGB0qGSr-xMStIQYkfbAhXw-td7nNy9shVzA8-LzFrBVb0z2rtLR3pVHwH1Okm3nGl2BfIA2dO6JFYM-lfcpmKrqM1rkPaxDQ5PTo0PS0e4e128QoNJPNHPkb4zKHOWw4RWR0ZU8jzqsQN9in6whtxE0dAu4EIjqNdbHxFtjg8bdpdAGUU4JqUL5-Ry-cqSdHp0lEP9f8MF0i9LFVCCcY4mkQN8Dgi27vkd7EzcPpjVm7C1sXK0_QFQ4C5whmtDazloh42aA7ArS7fmvQKCMThFIhk1ql3ar7KX4M1-rG-vvkmymhnYX4JSMb1Lt5qzH_UvDqWP4KiMgX_zW08vySTUbhoaiArxsHM7R3CL0m6hLdbUeIZcao5_glh446H9x1usi5-awPJtBNTJSWSyOuFwXayllqlXlTtxR2DLm8gflB4nYLpeCEtSDdEHCYVdTu3qAYdmJmBl6UV8ia8yEKiKaBHVuein171lU8VqMV9QRct5Q9sQCyQ_P-kCxXlqGTvvdhIJFgo4C-43ccqZbobYYVxcYCZwbK_1IqdMBV-3j0mtuCXHlCFWnTvJB33OT11wkrHdXRS_rVVQe5sOvjCYXmyuRLzf5n2ZyMAAIe141RXn_hykRErhQpm9GrctZAuDAXVwENUsne2Xv0h9MPAramV00GoZZBk3VO7Z9gUMaMUJIcPloRYdmdknP-L5qrvP7H_NuDlq9z7EDcCEz-WBZmGGImgonwEKn0uOMn8RbGijqRKhFgpGqnfElrWVoXnRYclYNmMtqImfq7vnSXnf8mvY3oDz319asQ6Aq0O46AHaR17MNN48DXwU5hCueb0zCXdXSZZIyLtChX06P-5oAZqkyphC8fo9lyBMeD11oJazia46WP8OnYtqdObsg5yYNbVcqCSO4M8f8SdRusJRvGNAfBsfaKTyi63Z2AQlW0ZH2GvZICzWqF5cqSN5BioQZNVvS1JE81ucEaOc-ZKOyy3hyYm6SADNjsJnPdT1EV7YwURzxkHXB9sE9cLg22ShoV4zsxJn4aWQdSeqRsRBM5ZeNPm2oE4uUMYZnG2-B2B3OGYukL6kHXcWzdoAS9DgbXxneQew7XcORSUI0jGN7wdYFCtRJ_GAsAqymo_MkLF6_e3iODXSFL-fKWgeazvk8-8mFiglxRrwgzlpNehj7GrSGphXGR_aObYuGVOYm3byS694bUcQ0j62gCUqtvV9DA7h3n7WNFGMgmREVVeKIbe3G4VYHpz34kvSSmCy4Y4LNb5L9HjPawNcUxIYLnxK1qj7h-2xZbDcf-jRMcFPcSFlsTa04Cg95RCUC9TwBjkdxJaCsuRr5mA8dth8plv19hDTx3AoGdcOxbV1xfOa5k_d6u4rrUwyYbze5v24BbHPEj1hnVrhUFqbJu1OS3FXHusczoKXfD4HfKTSogOw-G4FY5n3UNJ6yqSqVwYyL-l6AC0O6HY49KDcgTWCVOMmyAohtaPBDGZ9xVV-ujwOUv4OvIUEx1a_LYDQzFtEAKnfSKO-7-_5keW-d7S3He2g5G-ctTZTZA1qqW4GcXvRW0--8tnijsh1ZB3LpXOx9yptA3cuC2KO2CYP4YJ9XL56WSI5arT2pgcXU94N-e5PUFnKiASrKmgg5ul7GZ1V_DLsIarenu4hVshrUrcYq4tA82GiKTCpo9AkXzOZmYdrDbGzB46CGnnyidJF5IhPOxqsNzCfSL0Yg4ItO-Xw7iiCp_hHhUIqnIcdjBVwFLRUuM2PZ1siBVYjA4m-0WdsJ4M6k5QFgEugOr0TyHL8Z1YgwATKGllhMuHHo&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=18154259029118460000&adk=250412561&idt=77&cac=0&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU4MDMzMAogIHNlcnZlcl9pcDogMTM0MDU5NjMzCiAgcHJvY2Vzc19pZDogMzM3MjYyMjQ1Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame AD9E 0
498 B 107ms
54ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU4MDMzMAogIHNlcnZlcl9pcDogMTM0MDU5NjMzCiAgcHJvY2Vzc19pZDogMzM3MjYyMjQ1Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzI0NzEyNDE2ODU2ODQzNDYwNgpkZWJ1Z19rZXk6IDExNzAxMjg4NzI1OTMzNzAzODkyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQ1ODg3NTAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxODUxMDIxNTAzOAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTIzNDcwOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xceecab9bf1b407cb0000000000000000","13":"0xe6cf2ffc6db5d1de0000000000000000","14":"0x71d017ac52f5732f0000000000000000","15":"0x621fce13c22136b20000000000000000"},"debug_key":"11701288725933703892","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"3247124168568434606"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 8e4hjwsd4phy Show response
hal9000.redintelligence.net/zone/ Frame 8AD2 11 KB
4 KB 91ms
24ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8e4hjwsd4phy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D
Requested by: Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 23b7a911df3328a988b3048a0bdff9ffb33a898a1e1d035302ed7c3dfd7ae546

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4158
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A500 41 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DrVb5vc3bNpxNvSnO_o3zAHtoG-57UxsxOV-n53do-8SMNPfjuPiEFz1hHUCF3VAgJDUGKNH_wk2VKym1IvSdpAdrmPrK3ilPs6hEkIp8jQPWjCrEyzJahCobWIY-JBqZqBuoZna6lJm9GgnHz4OLiFfNyai9JiEyiFdbD7L4e1bQqVHk&cry=1&dbm_d=AKAmf-BDnlBs0g6-e3FHvl6jZHpIsMWk9fDd4ODE_QNEI-enY7ctitm9GkBkgPlE7gBn__XhQsXspZYtelWW-8FQQiToT68RxRo0Z-8FiNsSE2utrDfWBQWFDRznrd2vdG6ZecAtlJj00k0wIqnFDZqXhrCqcdK4qp_cXNzfDbkZ62LWLRTlibGDLIkOIG4ISK-QUhTsqKopu96gO1XXMGgF19jOUQ7J6BlKUvsHzODonGTvIiOJLuUSpiEAjl8JtlCqu9u2BlFMJBYd1c2dZZPiteZTxyYZiYyWGXA__-E9NrREhKmEC80RLNwpA1-nbnZ2R4Gx09nuTSpcwfHxs82DR7RcG0UaQwPGlRM8uwAUcS8Bsf2GcM3IHRMH49_3oY41fh-CEc7na8C-ZPQXvPEjYOQLFelD-gOsy5fSowsMHs8E_EYGqI3g0ehSyyvm_Ao8fUYZMlwqkMhOgI6RrPQ68E6lxBRMMlEqP_zw_oqaGufLeFaUBJaUSMELgTiQpDY3qeHc3p3oOQ50alQh5P2OWH6MQdf2nxo7ZePPRWnD367p8O3r3Oo49dP_-s1Gl4qYULQbJA-dlG6hrwA7aiCEuTggRwlpsdyqfINPRKpgHwmfMiILdtthv5er29MtbKs5zsfWEXwAZEOaYV2E9qkYn59G0T54RgywajWxjsEel0znV0XqombzTolqTOCfNqvklPZaF7LK9nCLz0EzCqKkLczcHial15h-eiaJjikPZqus7q0ximKZeyRM7NH9E1Rj9EyEW76ZxI5hBWhVZ5cXgWI4jvSnM_L52npAglw9ZUGYddMspFSHcwnfSbFEL_wT4drMQzQwlvK3KPBbMxnMagHCnFbRecd7c85h8FRDzKL4BvLUveOj95_ulhQaeGG-IPtskoreb2opksYLFCxMAraLfdZN35b-P-W1KFJXu_gEBOuAeQ0M6FCafO1GPUT-IJEXjo1jEBUFHLtB4JJohbWKrhevHJYj49LplXQwAtqpfmXh2JqJUxo7Zg2a5mLIWHyBRBO6FqzEKPraNAGzLxEOw6NWrgYKK013Ca_fy3MT3XHQ5bceVRsINiqqQA1mihCqmr3DMIVl_78EREzxyQ1A7HDRg6y9Jw3IPsUAGQnPbihoIL-xgHjGDQQ3iqNFn3BhlvN2H5BLwImFyiaLiAllJjwLCaQuu3vybWuWRjno-RQ2kGTaD2XP797G0Ynxc6IlDVKUzlsECM8d6hK4ttm8Ma0C0BCJ2uPrArAEEdJlX9Cjv-eagldt9eOYEH0si_CSoQM6TqWgovanHjRAPzfib5VMTT-gat17QLD22BmQ_VLgz7peEV-8CVnPaLqLfYlTk3xnnmVXo4j5Z-gaYkcJDfcwa4yp8Edq9dbSB7zszkxV3R85XJsskGgdMyDWG51TeLa1EhNEIFQ6cjNzc5hcFft4vG4zW5mznyqnFC5ftPQoMLFHnEZ4GspgEk2TtvylRGG-JfB7SR2MGPLM1Qs1SgMou-jPJX34Qb59yQFFHW8eoFBUPIgHhZZjL8cy3AZf0U8uLcJi6pZV8R86gDoufMaSG_zaznL6jJdgAGbaPqywIAXCrU-wObU9g5Vl1o_9n9ADRz0zfstjrGYdy7-I6mpFs3L0GwJdc8IY75AW_66aTs8TtXgDOkPG8Mj-v6sCuO8cmCpR9b7xTk3qQJpS1n8aEg8hIvhnxNU3rocgA1CkLaBNoApyJeJeGGPfOjQfVGgLo46tCQhaDOOZww284RL_4RB8y3D-NHcqocGOHvn0B21__nvLCwYNbdTaL1GDmwG-ejW5I51unJNH3S9X2s8sq3S3Ai8Q0-Awrx4s40TCSsf7Bb_DKhVUBcQPzRkpMh7z8-bpPOf4PfH1D4iYvjX8VPDvxLcfLk9UdF9V-8OtejQwEpt2r4gqzpYy91Y83hle9EeQxg4-QF09MKR9Dp8Bn92-tBR9X0yBoIMj8u8paAIciR7IyWSKm-W4JfJR3V88Peb0481vQ20XEQ15plIgJKAi3pzuQRSYn8rZesnMmHQa2FyRxkiLxBmxNOCTY1iVnaFwutU-9J_xuwzjVF_CWJ4o9w_epXrplrCldGW28kyyGvPJLtPl23g2FtQzHyXyAfScKCIxiALSesAPhpWpdUheLf7iv7AKeQzdtbkAxCdinCHTXuSCeCycUL9WJEwKi-f-dyh5bs10z8gCThUfOzhCreMvfW5r18uXjwDEcBHwu9_m_kpiP2xNgMSbmnYxZkCjeNKnO6bMSMHQf_HeBkkd3t4nA_K_zvpLfE91vZX5yesdjx6BQdvnmpsyptgkBmRid6dotUWls4FKI1Veiek2OrSLEGIrm9vvdTihzJfQ-ldJtD1Z3UA5Fp-m-OpZ4hP-kui6nMY38b-dA9DhkgVJ0trjohXhcDogEAVGpPoddSpxtbwb_sPqqzKGpY9sHvjD29HbZZV6MXOHBCE3yDjPdo1--bGpdSVvmhDKtGvN6kVhgyZlWk-Hyx7cVWDj76xUpCchV4jA1YOcvTWN1-93oH2uKUVj3D7hXmocGXMvSSgAYf98LhJtfAin59MymWxZXErfbscIBDIprY4wH8K72PJPm3QH2Z2cxD6TEk4wp6mrKCY1Cjxk-DH8c7gOBflRSK5G7FO9OT-s91gpcJcyOco-OlOrK-eCBk6JeGKIr8q79RO8sGHSekAC4qR9h2IcVnp5ha8NSoLocdeo14y5I2YjDGFjpbFkMItyl9nr5rXT_6Qn5KSBXSxeGlxksKn6fyIhUrkuEUPHPaog1DVApWZfaS_CiQftn330hPLALyi4Od71cOnqK4MFMEdZkXdTLUOZCOJhyaTaJ02EzkMR5YDDrT8Jru2yLqL9s_M_qR1GI8ZWW6O0yOYUyQM4F7Gq9zr-l_rq_fuafT_uXn0unPuDeQsi7b9Fb8H9ev5Un0aeCtUxkPTNKJ7h8Oz7LPQqH-eN0nz6XXzq9aO0G-7n7tIlv74y8oik0ZKMtTma9IvciaZ94R9bX17ZJJdhEiYMmZ3Dc6ou91HD2qPt7c7WYNjrjkx4EfU2WbJ9yThoNC6eLOnNiRpri3vsMhsx24SVY0UAXcExnkXaTw-ra6_fgVMo5EXoewKhTmcPyx4avFW6R-lentMlyprkTzRhdkfWfg2ZPWok4dqRIQ0PqiJuMDbIW-at1wW3Yh4Q0issArr40ICcisOeLJgS5wsrI7iCntMuVAiZ_3TjujnR18R37L__sJPChzJvivV7YmnYuWmE0LomPpoFCPEqN__gDeMw8qxPX7Fs2DZWUMRp-YSN93m25PCFiKeZMmeFQssRKkwOjarPrjPgJM_EDFxj_62M28KxaFY8UpCLr890gTd0SJBweXZKw3ZbBFJtKBjtZ2PAwafpED03uU2HmtChi5DzhZ4FEb4GVocNFL46GiyK40-8-24i7RCjU3hYRbjbxIT3CzhbBR2_EPlkbyqx_hwGBIfc-_jMnB6KBBMJy9GuZh_CL-X5CyyzFyTBNUhA5F_J2jcHLeremhv5IDkAL9aYCK-iKEDvBaVQYbskpyD68pocyeQWH-E_dcAhj0hlbjb1TVwwhI0rvs4977TN6UIELYOyDTnTDoOf9GYpwec2fo_x4PppzfoCHcea5A5oClYVj3TkXrlqJYJmAP7xw3RQtgJGdtJ26cxLI0nc-KYcwx2Y8YxbDLHDH50TXAXJMWM5UHi7_br8TlPZErs1oK4WQjm4GFrgE2XPcjgHLki8eWdkSUDx81BLHGW_4tnH36g4kXgeqhkpjp-3awwo&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwotlabs.net%2F&ds=l&xdt=1&iif=1&cor=11002223638303795000&adk=1726166463&idt=72&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU4ODc4NQogIHNlcnZlcl9pcDogMTQ2NTM0MDM4CiAgcHJvY2Vzc19pZDogMzEwNDYwNDgzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame A500 0
858 B 105ms
54ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzI1NzMwNzU4ODc4NQogIHNlcnZlcl9pcDogMTQ2NTM0MDM4CiAgcHJvY2Vzc19pZDogMzEwNDYwNDgzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTMxNDYyNzc4NDM3MjY3MzA3NgpkZWJ1Z19rZXk6IDYxMDc3MTU1NDE5MDQxOTY3ODMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA2IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4NDU4Nzc5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzM5OTQ4OTY2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE4NTEwMjE1MDM4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQxMjM0NzA3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xceecab9bf1b407cb0000000000000000","13":"0xe6cf2ffc6db5d1de0000000000000000","14":"0x71d017ac52f5732f0000000000000000","15":"0xd42bdebcac00ee450000000000000000"},"debug_key":"6107715541904196783","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"9314627784372673076"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225038;7983016;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN300x250/ Frame A500 2 KB
1 KB 72ms
23ms Script
text/javascript 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225038;7983016;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwotlabs.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0iL-WJJWpJsrgBIoTxd8RXH&bundle_id=&site_url=https://wotlabs.net/&pub_id=1&sup_platform=1&cachebuster=24953.462435842288

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app14.frk11 /

Resource Hash

62ba95ee71835e2e03dac54eff7587b72519c3ebc380d1741de7729b9fec3779

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app14.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 898
Expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225038;7983018;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN728x90/ Frame AD9E 2 KB
1 KB 79ms
29ms Script
text/javascript 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225038;7983018;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=wotlabs.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwotlabs.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0jJD-bsggo_PuGHgCyjXLww&bundle_id=&site_url=https://wotlabs.net/&pub_id=1&sup_platform=1&cachebuster=761536.8334477813

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app4.frk11 /

Resource Hash

12549d9adf97845f7a4ddaeaa87a3773ade7319ea5372602d15564573083b07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 909
Expires: Tue, 06 Feb 2024 22:08:27 GMT

GET
DATA 200
OK truncated
/ Frame 4319 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731396b7cd68357f4f75d7a0840a31ab33d3dee7e50109fa1dfdfa68ca5e4360

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EB46 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame A500 86 KB
27 KB 112ms
21ms Script
application/javascript 23.53.43.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225038;7983016;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN300x250/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwotlabs.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0iL-WJJWpJsrgBIoTxd8RXH&bundle_id=&site_url=https://wotlabs.net/&pub_id=1&sup_platform=1&cachebuster=24953.462435842288
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: 40ESQGHM8MC9YXM3
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26343
x-amz-id-2: GL9YIJfa3axs1fqoX+A5DCdl+uxzXuKc51SyAxpGY2h2/jS60SNOA79mLg2hsztmORrytH1OxxI=
Last-Modified: Wed, 24 Jan 2024 14:32:35 GMT
Server: AmazonS3
ETag: W/"72851d1caa0fb39691fdc257bcee7227"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 94827559 88891190
Accept-Ranges: bytes
Expires: Wed, 07 Feb 2024 22:08:27 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame AD9E 86 KB
27 KB 131ms
41ms Script
application/javascript 23.53.43.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225038;7983018;201;js;DV360;DV360FY20CCPSPAudExNLDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=wotlabs.net&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwotlabs.net%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=ABAjH0jJD-bsggo_PuGHgCyjXLww&bundle_id=&site_url=https://wotlabs.net/&pub_id=1&sup_platform=1&cachebuster=761536.8334477813
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: 40ESQGHM8MC9YXM3
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26343
x-amz-id-2: GL9YIJfa3axs1fqoX+A5DCdl+uxzXuKc51SyAxpGY2h2/jS60SNOA79mLg2hsztmORrytH1OxxI=
Last-Modified: Wed, 24 Jan 2024 14:32:35 GMT
Server: AmazonS3
ETag: W/"72851d1caa0fb39691fdc257bcee7227"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 94827560 88891190
Accept-Ranges: bytes
Expires: Wed, 07 Feb 2024 22:08:27 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5BAB 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 8AD2
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

146ms
92ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D&documentReferer=https%3A%2F%2Fwotlabs.net%2F&ancestorOrigins=https%3A%2F%2Fwotlabs.net&random=9624097796261&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 790c651c8055ed67fbd4c7e58fcaae435679e532e19c15337fa0a1b59c7e97cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 67496600214369704444450012592028
Connection: close
Content-Length: 894
Expires: Tue, 06 Feb 2024 22:08:27 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D&documentReferer=https%3A%2F%2Fwotlabs.net%2F&ancestorOrigins=https%3A%2F%2Fwotlabs.net&random=9624097796261&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 06 Feb 2024 22:08:27 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 914E 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:08:18 GMT
expires: Wed, 05 Feb 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4319 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0UaO2q3CZc7yNqDNxtYPwOWS2AWJoNaldYuK6tqyEgoQASCj0ogJYJEEoAHfupnKKcgBA6gDAcgDyQSqBLsBT9C8HKX7EOm0ZyZ4Pk8y6bvJe0ACtMP1eynRixKglnYMqDu8lxdQCRrg-o-ogVV5dTkwjG0rYpf79rLxGZ_hIA6RgB2z0zwZntAYeElQXFL_gXu-d5DUE4oha9GvjNvG_tB1HnEHpNNg2ooKA_X-dDJgQPVKeoTsfsnWJwf7BlIgqIkTjUPwv48WWrg4bXTIuRJ7JGKM-DZydLC6nUsLjuuKq-sXf-WpwCuW2OLtpGKxUYcoMc-cpK0zVMAEh7GrnLEEiAXZ3KKJTJIFBAgEGAGSBQQIBRgEoAYDgAff8umpBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELnrBtIIKQiR4YBwEAEYHzIF64uAgCA6CYBAgICAgICECEi9_cE6WIqQwordl4QDmgkkaHR0cHM6Ly9ibG9ja2NoYWluLWxpZmUuY29tL2FzaWEvZW4vgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTkyMzUyOTI1MjY4ODYwMDQYAA&sigh=OtZcfs6vS1s&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Feb 2024 22:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C389 50 KB
19 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 16:33:02 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame EB46 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BAB 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 914E 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
DATA 200
OK truncated
/ Frame A500 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37c93d34afde9c82164c97e1727361cbd3e14934e5817accb3e35b101776ca98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4595329.json Show response
agen-assets.ftstatic.com/display/7983016/ Frame A500 5 KB
2 KB 90ms
23ms XHR
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7983016/4595329.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26d4c30c5966fab722d37251775d12ad8a786c6a3f074b2cd3b3ac1f90e2ee8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:21 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Tue, 30 Jan 2024 18:05:18 GMT
server: AmazonS3
etag: W/"1174f025f876f49dc02820045050925f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 591226578
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ySu2N7iTnqK3rEa0RE4_DVUOu4tdVCELxz5eQ0I2sgrWT65qaQLnWA==

GET
DATA 200
OK truncated
/ Frame AD9E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c9f605991ad296db3da9f0dbec2afffa649ce57e1e5678928167b45e6701c34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4595331.json Show response
agen-assets.ftstatic.com/display/7983018/ Frame AD9E 5 KB
2 KB 228ms
216ms XHR
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7983018/4595331.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21daf3f2f366316e9903cafa273a7f2da718f8ad3e33ee96fb158db466c23b8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:29 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1808
last-modified: Tue, 30 Jan 2024 18:03:45 GMT
server: AmazonS3
etag: W/"995c3529adaa648116cdb3605fc58aae"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 64896475
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: LnwMLcrpQeklN8s_UYsjjtEb5-dEeiTwm6KCmb6yVl4XU8RciY-63g==

GET
H2

200

activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399 Show response
8019191.fls.doubleclick.net/ Frame 5686
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399?

2 KB
1 KB

76ms
74ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399?

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

62d30e328308a04cc1fe6f3ebb2b26c537093cddee3bdbd3f22a84bd3b0e65f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 911
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:28 GMT
expires: Tue, 06 Feb 2024 22:08:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 2E9E 7 KB
3 KB 74ms
25ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=6df6f1082c&subid=&uid=d162a5e57094e03a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCd9Qj2q3CZcG7LJuV1PIPsoCqqAfM-Yagafu5x__3D_AuEAEgo9KICWCRBMgBCakClMnR6H8Jsj6oAwHIA5sEqgTiAU_QfHbARhXrClFTrz18gskTjwh4eBT_saWD6xE2M6UIIJIs-BCRTkqLbJFmi5A_MKzzsJNRrN94Bl62JNskzLvNJlhtasQDfEoTwfjPJtxB3wOwydOd6YDL9uLm2SGyCwqHxTJxB2GrcXF7UcZ1ARYEIlbmlR8doRnFUKmMyruYdpLO7JbCKuBq47BUMofvrEr5a25H97AcT5w2king9YS6hHdBmjsFRHXhisfPB5rY9FaB4WMt6lMXbCJiRs7PPTaAd-yaXrrVlHu8Drm3ooXWX6pCjJvi4uZDAHnkFnY1aBPABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WJTkuYrdl4QDgAoBmAsByAsBgAwBqg0CTkziDRMIr566it2XhAMVmwpVCB0ygAp1sBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ%26sig%3DAOD64_0yGMdE2_RM_cjbppo6yzz98dr40A%26client%3Dca-pub-9235292526886004%26dbm_c%3DAKAmf-BnKkDLyHPClQEHILWMBIVP1EXHpKZeDfamrCkiIGNd0NK35qVUNYz4SaFX0aNp7gSGtGWrP1AP2O3WiarM1MQwPBPTpPkVLtpzpp6tFcZQysIOlE6XERa--6FzQDXU96VSqkSxQjA5cV6vMbRFLwW4efESOdz4-AcoI8X9k6X75t8vdMw%26cry%3D1%26dbm_d%3DAKAmf-Aks-n2twcavnodse5ikhdquakIxci4bnZ_tj548onP3JiSRGfcP2DOun7C6BUtRlvw_-fol1CfxDl-vlR3Q_dvAHKrn0PbmHb5eEE05RIbpTmbUSiq1qWKu4Gnn1yOegfFAY9F6eA0KUAB5qhvamaR76s6HGUKtSKbp71WeEi9u5nrJPsLY7PXRIbHDa8f9eue6aTkoJklKpeAKKqy8i0JMMm-JYf1wPdU2PDgjMUXHYcesTurh72R_WJFA6TVG6-_LRxI-WaPMQQ92HV9lAtLgkq5EjRWDryMgbwCndtDxj3cqyzYFvyQhtHOXt_zieLW8ClOcANlinNXLca2TWxWsrLDS9GZdQiDn0AV475_MtcQK1UYl4qFqCHd3qPqnLXyOT1heBrYe4RhbK6uQCHFTYoKHa6TDxl5sry1gMGGfyin5SAG4DOH41FevDB6qgGruAANdv9CdJNXJRm2qbjdyuY1R8AgyqLFVdV7X2QP2xl_ScyZJ_XQjtPEfjA17PjlespjCogcpNT2BqSocQpqhdnssPybJYZ68ntUvUtMTILM05Rvd9zpUPS0gTHTII_XxDrX%26adurl%3D&documentReferer=https%3A%2F%2Fwotlabs.net%2F&ancestorOrigins=https%3A%2F%2Fwotlabs.net&random=9624097796261&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: b28fe6a741e02661b9cd8c6338c647ad453ea4ac7c6d6190845498dece4c2cb6

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2296
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Feb 2024 22:08:28 GMT
Expires: Tue, 06 Feb 2024 22:08:28 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 914E 0
22 B 53ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsszH263CZfH3I5bd7_UPooWyyAsAAAAAOAHgBAI&bg=!z8ylzIPNAAa8BdJLnAU7ADQBe5WfOPpEilqbfeyWswEIyBK6ui-UNJePsirbMhQhDhEGwat2lw7DphAYlYM7pdW9pPFEAgAAAHNSAAAAAWgBB5kDUbm_GvV6riMSpb-z2h_AJ91--uXNgL9UBVhSvdT_-Lic3hMxV5QdbKEHGPLpUTR53kk6hp0007pH-2TgYo8OvONYpQF6dA2A4mlJ-goqizNFo6Qx3JE3_C0OQVZgWoy4OVKXkIuMwtYHN8L30Ls2qnLJ9euD6zU3X3diAWqztVohPcpm64aMpJT_ikS0CzQYAGAQuBGjkt9u_vFCnCMR6XfXyd-FBOhGMdnuXzAF_xAOLsY7TLT2vp4eTcGbttHn8auiZ6AQ53AejtVajcgn5TmPdk_MnUbetXbfG8IxB6UG6M-Gx_oYief_DAsXDtvqaetI2JiZ3iOrlFyPTv_O3ndQ-GvFu9UbvGnzg5DXp8WUT_6XyIKwHSJf39AYi0AsVmM-Q3jxm6CdM8KKc9aAjdtgUiTfEG5hdwkkYIXZyOMOSeW3tsLxrTcqv9APpSLOelvkulx2qPCaPAYfExx53Psmrnw3HiJbsZTROZvFhgMWTERGEr-ewYdYv0Ap3h6GWTulvXMczq_2bkXD4LQBuJA2IZLIfMqfulbisQ0L5X3VuAs0dEki8debkjiMLc5HYPYnSoQiwKwq0UzPkL3tKZ3oCV0vzEeMaj1zyOZjw4-EayXGt25LOZ-xAGteCQsM3hSkKgGyYm7G6a9mTwFzCXEtEiN4Q2ZPR--JQxIhz0g2EJGhUxBRN8Sv9Ki-IhZTm-s4Vs4SBoG3_mtJwV7jjoXpddDo7J2Hfv0cEDF0U5wbBCA_KM85rp-J1h0QOT44jgQyzQjLF2BaKPWJ2vk6LZia73WiQEpggQAbQ7Yi1oELjIx-MHORZCllXGaFLlHI0kZclePIzmcbP1ivJsUC_bRge8LH4fPVEtHKy4K-0tbruwVzPrGNCBp0LDzvSm3X2SQStIWiXduJ19dPCjog1FsfYkUtIcaFahfyYsgTcYyAD3_Bo0TrgBgn01VVv1UKs_w0Gj7HNfy_YsfrfmU0PoHwjlSKJWzty3rVv6NFfy5SiJrug0e0OQGDm9SQ51uWqqYHEI3j3CzZ4irqG-A5Y5ctykFYyAL3H_mANTWFQFxbSFddfBq0yrWVw7NEbbhWJhNAaZEnLEU8jDYf7-DsNhC9pKPu-Sp-QPBGXVHoSNqZew

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8AD2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f4bc9a699597a2ca611116e2b20d8c6a18aa71d7ea0974c47f21ab6ef4b3fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EB46 0
22 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXSOS263CZbyiI-KW9u8PvO-zyA0AAAAAOAHgBAI&bg=!lJell9jNAAa8BdJLnAU7ADQBe5WfONy5ryAg_Nx9O2Nxst5yLCzIj9sJbuyOyuh13VERze5_KyU4JosdRoCvsw4SqTsHAgAAAIxSAAAAAWgBBwoANZQibVOWfNCkOQI4JrhUmzL92IqeKJ1uDNLgEVuA-aUDhbguwyWiSUY9zK5l7OEmwcULoQsWmQMKz1U109g0RN6wPWScg1cqXZPikqOD90X9XV7-oGYdtfg5H5mmYcvN32xZ7e1ro2QvOmz7FGo50HnCnZDElrsjgf1tlzduOj6raS8vu92SvIEce43ulMw9Bdn5IqFiqoI-sPEaVBlliSLTEG731ehytMMGHzttTsni1JO9HFbPDvwHDy4dUiztCGLa_J-xghJIFsCGCuvLahwlZ-tpI3l1REhm-uxMCSsckwIVRrpCwrCJcBcE4ornXiwHunUuKW-h9CO1GUwMXzkg85G51kHOBNnQB_M9V_M7OWHPW2f9mjEQekERQ5A7EeEcMWXo-pIYl-tVY95-_cdldPP03G2Y7SVmqPjk3K3-Un6M-PFE1K7iOntCjAjX9OCAm-UO7KPH0XJsdT12XiZbrsUXGaBzIod505h_-gOIat40CM6YQGvJ1ugqX9ueZTM5z-ixsRJieJ2r7-OxUY012rwjPc1OXy_zUIk0Vj302H2-IbyBneFvSCPJTKd7rD-5eMtkD6TWa6DBIegMFdg4EqYDSYNSZ5trxvHMomzRKaMqppU6OVEUlYeI8AlWQvzU0xaCAy-Q9MWfm4-KrrnRfdGMKWTTeN3cALmAhND_DJiPDL2C9e3USqrwSpRBacgd9EtEOdV2od70iy9LS7Oi1YMqAD_X5pHDRkf2Ej3RVJbUAnj5kec6g6plQvGGb9FRbp3zD0bRRtQ3x0CC4lMelCaseAr3q6AH3fsNqeXyvmfN89nBLys0q1RNcVvrGiLiKeiQREPntYVIZ0Nus0zpm0yYDblzTDLWpDltDRrND0QTDpkVwVQo8n9c3jcxVUvdldBqnzTCY0grYuEKwHdRv_gi3R88NiFpZKLiTPEN_2WTcHUMW-FL3DXkqGhlSserEVFgkfyO2wW-bGShYldmy30pE5TvChrfDW-0c5SalTewBG231ne8-s9nDfMMprXWHwiaXblkScb0ehws_xCZ96hyrDn6QuatA9oC0FO7eSbEwQUTBnzrZ7fppRPDcf-_3YRj9RMKQYX2BNBS7dTPqg

Requested by

Host: 984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
URL: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BAB 0
22 B 53ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSTrZ263CZeq1I_Gs9u8P9cSYyAwAAAAAOAHgBAI&bg=!PzylPHPNAAa8BdJLnAU7ADQBe5WfOI_cBjuoW50nGCFSzHBUix_F_ZTo4O8uAy8QsqEZH1lPHW4Kio3epqCx9KaGVqpeAgAAAH5SAAAAAmgBB5kDDV0xRUPqm2BkHMeor0suFBn7YF8zUvl3XQYfRfzeUWHMBoNOYMGxmv5ewrIFx5Zk3spz0p24P3y6G0oDLTRDstG4PE9Jj7Py5DrcQv4Vcv--4AVgB1ojeAROy3WBWpjyJczw3mZats7VJZerEPC-HmkQ9tYc9t8iMPrz1GtzvI8yWbu6fPHa1GGU7SyOg7IuMfUB6BTESaya6Y3cN6udPXtf-bTZ2gCoPGzsjNBYtknxX1Qv7QqARX64nVfmtW2xe8YrwZwsJzns9BKy86SD7auxF1K8kMNvudLqgl8ItSzytutLefOmNfnX7B1vCf0mNTvY5bjRBnNrl1jg98IFH56NsW5-Ut44Eo0P73naZH6wJhBCpvK00L6Qm5jgyNtbuHjLUeiZLO7-ap1xOy9t8gaCIEWZI2i1AwrqxEHBOt6vn3VbVasuf5dYVzoUxAyP7_YhSorM2pOV6k1cmNscyucosYqR8KedhwGlap8OKkvX4PcWENDXwPyN_eHrsUazhY_Kj_8ioK8q3wKW_zvMho2QGE3O9YnDNdC5L-q-AoFcBbe6Smx5AX9PWx0s1H3GfhsFR2nUTbFhqsMsMEkRL-1txtCBqnTpQQaaEato-ioYSbddljXzdw48hvfoHrwrXiljQW2Y8a-hIIc85pBTxMYQBTiBmr4ZdUy27v_xMsbEdFlaMlHE6msdKGUxBaFAtlBnCYJlpv3-STloxdxf1gEuiDrMkyG9LoyHHIPT__j2vGNGMkrmXOHFO3Yn1T0WDmCju417YsJAkZZ2_aIM4IRuKmplTX-hPSRDAPmjPCMUNDkdAJ5yS9uYlZDje1oQootSyy2fjMSJLaZ_QvtGYYaK9E2x3ZZd5-5qyDiTOszf9tR5rtlHKJuhaFgw6eGy8vLMIwvnlGCzT5RbOA3On-3UZgine6ugcKrH5meGjkO24qpTxzCRkxcTRR1qTd-xMeCMoksaq9dCIP3KTuvxALm5OmaEEDKdbnm2JlANi7CpxDjyT6XkEfJXZ11J55pCUo1ReMwwXzutRTr3jjc

Requested by

Host: wotlabs.net
URL: https://wotlabs.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame A500 601 KB
162 KB 95ms
24ms Script
application/javascript 2600:9000:2646:6c00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6c00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2888a1210e6391da4d3687df611934171605a4cf610c882964334d2de24719e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 15:28:54 GMT
Content-Encoding: br
Via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 23974
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 06 Feb 2024 15:28:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: FbcCJ_bgWGor7ZUQfIKo5wkRbKUT6bk5YLY6_AII2b_4Lcb2UcOpag==
Expires: Wed, 07 Feb 2024 15:28:54 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame A500 17 KB
6 KB 126ms
30ms Script
application/javascript 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=22494
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Wed, 07 Feb 2024 04:23:22 GMT

GET
H/1.1 200
OK FY24Q1_CC_Individual_CCIAllApps_nl_nl_Contingency-31stJan-14thFeb_ST_300x250_NA.jpg
cdn.flashtalking.com/189813/4595329/ Frame A500 67 KB
68 KB 125ms
29ms Image
image/jpeg 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/189813/4595329/FY24Q1_CC_Individual_CCIAllApps_nl_nl_Contingency-31stJan-14thFeb_ST_300x250_NA.jpg?507554154
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: e32711b9c7dc1dcf45b74e970977c1e7b7408d1274989f4e7e2564e4b6e0152d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Tue, 23 Jan 2024 09:35:53 GMT
Server: Flashtalking (AKA)
ETag: W/"d83fe12e8d527b1c9f9aead039ae82d3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 1058530769
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68865
Expires: Tue, 06 Feb 2024 22:28:28 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame A500 1 KB
2 KB 124ms
27ms Image
image/png 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=1262347
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 21 Feb 2024 12:47:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 2E9E 89 KB
32 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:49:23 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 2E9E 24 KB
24 KB 104ms
34ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-728x90.gif
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5fb9"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24505

GET
H2 200 /
ad-events.flashtalking.com/state/7983016;4595329;0;271;93B1B888-0FCE-22E0-CA6E-9B1B1722327A/ Frame A500 0
67 B 125ms
19ms Image
text/plain 3.123.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7983016;4595329;0;271;93B1B888-0FCE-22E0-CA6E-9B1B1722327A/?cachebuster=635737973
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.76.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-76-159.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:28 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame A500 1 B
377 B 102ms
25ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983016;4595329;0-304-0-0-443266968
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:28 GMT

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 2E9E 0
150 B 75ms
24ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=67496600214369704444450012592028&a=270c10ea&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=67496600214369704444450012592028&a=8b5f4137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2E9E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame A500 101 B
697 B 531ms
135ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=2864c9d5f169433ef7e2952f&pm_pl=1707257308271&pm_td=13&pid=1000941&en=1.1&callback=__pm_glbl_ZQv0b5qYNHvcgdGTFByM2pf8._gc1&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5a536e95a2c5d777a974a7cc452357c2b727863b76bd687209ed397c21fb157e

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 101

GET
DATA 200
OK truncated
/ Frame 3268 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A500 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399
adservice.google.com/ddm/fls/z/ Frame 5686 42 B
401 B 110ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNz5k4vdl4QDFRZLkQUdIg8PWA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5774466780751.399?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame 5686 0
1 KB 55ms
54ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiA4NTUyMTA0MTc5MzYyNzY0NjI3CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogMQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYwMzkwMDEKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDYiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDExMjY0MTEwNjA4NTExNjUzMTM1Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11264110608511653135"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x229d6528dd72fae9","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x54e43f177d5852ab","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0x7f943ac4f1479f60","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xd51c334b82bb79a8","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"8552104179362764627","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11264110608511653135","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"11264110608511653135","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"11264110608511653135","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"11264110608511653135","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 1b64fdca-c368-4170-9e10-4d8dd3b72b25
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame A500 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/1b64fdca-c368-4170-9e10-4d8dd3b72b25
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 9148e922-d51d-414a-ac40-d3bde1372864
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame A500 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/9148e922-d51d-414a-ac40-d3bde1372864
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame AD9E 601 KB
162 KB 21ms
20ms Script
application/javascript 2600:9000:2646:6c00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6c00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2888a1210e6391da4d3687df611934171605a4cf610c882964334d2de24719e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 15:28:54 GMT
Content-Encoding: br
Via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 23974
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 06 Feb 2024 15:28:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: 26EE4kL2bMvPCH9M1bnmRcp_iH_kcOB-pSvjEbtnsuOZWUrW8hjW_g==
Expires: Wed, 07 Feb 2024 15:28:54 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame AD9E 1 KB
2 KB 22ms
22ms Image
image/png 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=1262347
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 21 Feb 2024 12:47:35 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame AD9E 17 KB
6 KB 23ms
23ms Script
application/javascript 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=22494
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Wed, 07 Feb 2024 04:23:22 GMT

GET
H/1.1 200
OK FY24Q1_CC_Individual_CCIAllApps_nl_nl_Contingency-31stJan-14thFeb_ST_728x90_NA.jpg
cdn.flashtalking.com/189813/4595331/ Frame AD9E 51 KB
51 KB 23ms
22ms Image
image/jpeg 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/189813/4595331/FY24Q1_CC_Individual_CCIAllApps_nl_nl_Contingency-31stJan-14thFeb_ST_728x90_NA.jpg?587838992
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 92a3d514d50fe1156fa3b54a537207ba6d17fe69ef32421e1139923380f682e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Tue, 23 Jan 2024 09:35:53 GMT
Server: Flashtalking (AKA)
ETag: W/"91f52f8acea3293f607165b872531186"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 242275483 241198751
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52015
Expires: Tue, 06 Feb 2024 22:28:28 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame A500 1 B
377 B 19ms
19ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983016;4595329;0-306-0-0-240191378
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:28 GMT

GET
BLOB 200
OK 3f3e78f2-8408-455d-b3a7-598230e6d44c
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame A500 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/3f3e78f2-8408-455d-b3a7-598230e6d44c
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H2 200 /
ad-events.flashtalking.com/state/7983018;4595331;0;271;55AAAFD6-9F51-9BAC-485F-427C5128730E/ Frame AD9E 0
66 B 19ms
19ms Image
text/plain 3.123.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7983018;4595331;0;271;55AAAFD6-9F51-9BAC-485F-427C5128730E/?cachebuster=939070072
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.76.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-76-159.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:28 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame AD9E 1 B
377 B 21ms
21ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983018;4595331;0-304-0-0-103884133
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:28 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame AD9E 101 B
697 B 336ms
130ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=a74cf8d5d41b5b23457c36be&pm_pl=1707257308595&pm_td=15&pid=1000941&en=1.1&callback=__pm_glbl_lPUkRMdkmI9qjy43i7qMa4MD._gc1&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: af35d4ed404cccc6c7aeba72ddef6c6405f8c0942815504f972f8541767fe555

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 101

GET
DATA 200
OK truncated
/ Frame AD9E 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0958 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 3c8a0bbf-9acc-4777-b812-b6d58c65cd0a
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame AD9E 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/3c8a0bbf-9acc-4777-b812-b6d58c65cd0a
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 19bf5fbe-c6dc-439e-83e9-d7b7dbc76708
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame AD9E 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/19bf5fbe-c6dc-439e-83e9-d7b7dbc76708
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame AD9E 1 B
377 B 21ms
21ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983018;4595331;0-306-0-0-659593016
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:28 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:28 GMT

GET
DATA 200
OK truncated
/ Frame A500 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK a0807c3f-f218-4c20-978d-35485465ebd0
https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/ Frame AD9E 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/a0807c3f-f218-4c20-978d-35485465ebd0
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1297870768&utmhn=wotlabs.net&utmt=event&utme=14(4260*0*50*780*0*220*1530*1530)(4261*0*55*788*2*223*1531*1531)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WoTLabs.net%20-%20World%20of%20Tanks%20Statistics%20Tracker&utmhid=445179707&utmr=-&utmp=%2F&utmht=1707257308855&utmac=UA-36899569-1&utmcc=__utma%3D191158956.728815700.1707257306.1707257306.1707257306.1%3B%2B__utmz%3D191158956.1707257306.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:40:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5262
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 110ms
66ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd0dba88d70a642967ea6e1ed20efe9d0d7192812dea345189b262335cf4afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12123
x-xss-protection: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame A500 1 B
320 B 266ms
261ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=2864c9d5f169433ef7e2952f&pm_pl=1707257308271&pm_td=593&pid=1000941&en=1.1&callback=__pm_glbl_ZQv0b5qYNHvcgdGTFByM2pf8._gc2&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Date: Tue, 06 Feb 2024 22:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame AD9E 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame AD9E 1 B
320 B 262ms
262ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=a74cf8d5d41b5b23457c36be&pm_pl=1707257308595&pm_td=355&pid=1000941&en=1.1&callback=__pm_glbl_lPUkRMdkmI9qjy43i7qMa4MD._gc2&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Date: Tue, 06 Feb 2024 22:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A500 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaOLFlz22vqNmS6OMQ0EDN1b4fzl0Y8b1VEGbVFOo504E-cfMlSznxdgx7ggqSGNZ99vGTqbAMa6RnBiqn4R-PwKA6wMbwW2iUAXX9BdsFSa4zeu1zKeBQaoW2qoxGVtVsBag9HX2r2DpT87Ll82oBg4-kBDx9rrQBTA&sai=AMfl-YQPLUEr493GccKqVvaoVAzlsc9x7JQYUPmBXwmZGxSgXGKRk0gRFpxGsARJbNoTiDu5s3qjNYHJCAG_S1ILBvkbB6e68YlF5qve6sxIHNP8Nda-45Lyb0_f532kdDP2WDPEayvMXDUMASq_7Lx0BQ&sig=Cg0ArKJSzEeLEfmW_VC9EAE&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1519362784&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=319010700&rst=1707257307480&rpt=475&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 22:08:29 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A500 0
22 B 51ms
50ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5396036132746&version=m202401290101&ct=77&x=1&cor=11002223638303795000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD9E 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-L5j3PdbO4NHYE0UjceBN_WSvIQo-aJwh1bf-zwR2vPge39myJlb2s-EcESa19ufkoNAxpAWRhS5e1AEdToav5LYun-Bi3vPyEZOHogZfBnNlpd3EAuZgmtFLzgbZMyjmfX6rPeoPpjG2kf14BvpWFKU8bvaGISjuPg&sai=AMfl-YQ7Z8ucjBoZh7vQwlcNac07joQONaGf5bLQfLYzbQWa9UDwijjCqxb3d5IYydQGadfL-6goPk-a-ItNEXOUOiqsOjacI5mPUVaKuh2xzC4nJ2Q-k0LEQox1UeLfY7nqTbpa9vKtVzk28cSrNBeitw&sig=Cg0ArKJSzL_ZzmyIdEq1EAE&cid=CAQSTwAvHhf_4ErEINtAzRVEX7HsU1phwcEr9npIq6fSqMWcy9NcmJLG9-ZzNOwutq5tQnnkqDWaegEZ44fUirigq2sd5lCL17_Ljv7ne9mO_6kYAQ&id=lidar2&mcvt=1000&p=15,852,105,1580&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1557938739&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=319010700&rst=1707257307423&rpt=565&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD9E 0
22 B 51ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=134619537735&version=m202401290101&ct=77&x=1&cor=18154259029118460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4319 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi3UJsbU3edOMGOzTMKOOAULFU0qNOeNtG0vlDi9ZLEh7_0V6qDYEBSkIAGK9_qBFq9VQgxb7N43by2Hy_74DJI3L9nLfv0xKy6MtB_hQNQn-gNHy02pkilxNBBrZmVUm3xBKG48-lSq3L291BeDkX85Ak3UEOKa2tqYKivw&sig=Cg0ArKJSzByQUwQ1zO1aEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=111,794,1000,1121,1210&tos=111,683,206,121,89&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=319010700&rst=1707257307589&rpt=210&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D6F2 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 21:41:44 GMT
expires: Wed, 05 Feb 2025 21:41:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 129B 829 B
1 KB 83ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30720b76dacb067a93b6c6f46cf435cfb461d562889eb56f416df5dfd525394d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o1nQ3bxgLfS6JbmLAk-4UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wotlabs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-o1nQ3bxgLfS6JbmLAk-4UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:08:29 GMT
expires: Tue, 06 Feb 2024 22:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D6F2 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 15:35:13 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame A500 6 KB
6 KB 120ms
31ms Image
image/png 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:29 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=354
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Tue, 06 Feb 2024 22:14:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D6F2 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o-wpVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 129B 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=2665303978646082&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame AD9E 1 B
320 B 128ms
128ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=a74cf8d5d41b5b23457c36be&pm_pl=1707257308595&pm_td=621&pid=1000941&en=1.1&callback=__pm_glbl_lPUkRMdkmI9qjy43i7qMa4MD._gc3&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Date: Tue, 06 Feb 2024 22:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame AD9E 6 KB
6 KB 21ms
21ms Image
image/png 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: wotlabs.net
URL: https://wotlabs.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 22:08:29 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=354
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Tue, 06 Feb 2024 22:14:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=2665303978646082&bg=!tbaltvnNAAa8BdJLnAU7ADQBe5WfOG73m7lS-ZCI5PkJZhuvuyv3NlB0xZmKVTrmW77CTgw7GDowHCcrrPV5gBSpA4vfAgAAADhSAAAAAWgBB5kCzKnfZzv8CBnGD5G8TB8usb9vNDyCp2tk4wMtMeFTWVgsLWLGlUx-1fohgYp-AYTZFznkvFx7bqKWzejkF9GIBLHn5RqRcPX5pOiRH7gLxPw6lrsT_CNmH8pJwFX-CnsAlrttpd2MJRT9XV0fZVATmpGw_40RJfDovoZopX6i7bgbVQE1odaoepJrdQ43Pev7JNtBLTWXYai2sdIjjpGXBCLoNIUVb-1N8s8N9YbwwwfXcF7pn6bcT973XltK6croF3z3W3PiCUPzRgtN60SElXUbAhiMCpDX7DQdABGMO-IOW64IDBpB5WOZk5RNZd_sQqSAgJk8j9IQ_i6dZUe6JDVZh0qh49A3ae9ukVi3d7fHHa3poIvZ9WtCBxqVOzn2Cwq9v5rN3qhyOT3m90Djmc4O0zLQzJL4A28KYr-dZnYAMLaSoEI18gIqJFUhXgvQ8sCj6lDpNj5Z9aeCKu8NCaWM2XxTzD64dP0RD1A0DwfDsUYQOZuqvGwavJC_5b81bYvM1nd1dHZYmvWaEHPU47bUagfLavIqwqz0BUivt_IJe8V7FpZX5XoGnv0qb9JEY25UlhjMzdQuLoaNnT7FTWffYkcHuRoYWs-_mtC78gP85nmoXPrKAAza76cHWzRd4LHwixzaG9K1tM9r7wb3tXVMu8QFQFDqbmLs7Kpl24NQj90R0TtraYA9y5UzmOrcoN781mg-cEDihlpwAEIH_jYgs4G9GaUx5E-VduJxmHQsOUY4LcSzlkSMgYqwZeylYzJ63iUmgsMFORmf43qALes36d16KxixXjIeCoiGpxEv8Ci1mOUZ6kdKl9TuQw_Bm_qiY0_ZXtwyma3WgYg3SHIhxRPx0k55sBCQUG42Zd0VeVcw4vdDF9nIJUvy-MgPVnLxh-KFjGASwzIjq7KEHWDcuZjn1aXhQL_vr1Tjr-g0iMApk8OCLFxqH4aj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wotlabs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame A500 1 B
320 B 131ms
131ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=2864c9d5f169433ef7e2952f&pm_pl=1707257308271&pm_td=1495&pid=1000941&en=1.1&callback=__pm_glbl_ZQv0b5qYNHvcgdGTFByM2pf8._gc3&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Date: Tue, 06 Feb 2024 22:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AD2 0
22 B 51ms
51ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8206046118805&version=m202401290101&ct=77&x=1&cor=18101172992651788000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 22:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame A500 1 B
377 B 22ms
22ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983016;4595329;0-307-0-0-21034662
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:29 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:29 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7983016;4595329;0;202;93B1B888-0FCE-22E0-CA6E-9B1B1722327A/ Frame A500 0
66 B 21ms
20ms Image
text/plain 3.123.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7983016;4595329;0;202;93B1B888-0FCE-22E0-CA6E-9B1B1722327A/?cachebuster=374840801
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.76.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-76-159.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:29 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame AD9E 1 B
377 B 76ms
54ms Image
text/plain 95.101.148.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7983018;4595331;0-307-0-0-731832670
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 22:08:29 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 06 Feb 2024 22:08:29 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7983018;4595331;0;202;55AAAFD6-9F51-9BAC-485F-427C5128730E/ Frame AD9E 0
66 B 19ms
19ms Image
text/plain 3.123.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7983018;4595331;0;202;55AAAFD6-9F51-9BAC-485F-427C5128730E/?cachebuster=386951556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.76.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-76-159.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:08:29 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame AD9E 1 B
320 B 128ms
128ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=PrbqbzrrRnqCWmdnPLTEPPSbKzqEuApZ-FE7fPshldVrqKD8Y33LIG07APA==-E03BO89kaFHhMg==&pm_ct=a74cf8d5d41b5b23457c36be&pm_pl=1707257308595&pm_td=1272&pid=1000941&en=1.1&callback=__pm_glbl_lPUkRMdkmI9qjy43i7qMa4MD._gc4&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
Date: Tue, 06 Feb 2024 22:08:29 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H2 200 tracking Show response
www.patreon.com/api/ Frame A3B8 7 B
792 B 253ms
252ms XHR
text/html 2606:4700::6810:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patreon.com/api/tracking

Requested by

Host: c6.patreon.com
URL: https://c6.patreon.com/nl-NL/becomePatronButton.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.patreon.com/platform/iframe?widget=become-patron-button&redirectURI=https%3A%2F%2Fwotlabs.net%2F&creatorID=162474
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 22:08:30 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-patreon-uuid: 152d571e-50e6-5004-8140-8aba50cad985
content-encoding: gzip
x-patreon-sha: 171bb8472bd334331691b3fe102d221165a6d1e5
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJXm1%2F1R0Y99ti7%2BxSzcOEqLf4CF4vI%2B4MYzNEa6UHewnVrtCENKKreYbsEBY2i35Ntvv4ervRJoRKrmP9BWjlZBfXA%2B6OHeqLWpllzN%2FG2e%2BWsaGQJzfaCi6wSPKrZlfH363ZGpYhIVbZB3FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 8516b64cda090859-FRA

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wotlabs.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: utrasgguhmiaa0i41dumr61dm4
.wotlabs.net/	1970-01-21 03:50:17	Name: __utma Value: 191158956.728815700.1707257306.1707257306.1707257306.1
.wotlabs.net/	1969-12-31 23:59:59	Name: __utmc Value: 191158956
.wotlabs.net/	1970-01-20 22:37:05	Name: __utmz Value: 191158956.1707257306.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.wotlabs.net/	1970-01-20 18:14:17	Name: __utmt Value: 1
.patreon.com/	1970-01-20 18:14:19	Name: __cf_bm Value: lEkX9wpSDiTHfF91M9M5hpFdia8k0WZ_6it_XtTLEUc-1707257306-1-Aaci4DEMD4PDN1XyVLy3OISa5lIC0nvsznPo6fQ06gS4tWvQ1h6u+/QVYDtmPSOh4jGG2YllaO+y6KAZL3j9N4ABx9H+z5e270UUdbnQNW3d
.paypal.com/	1970-01-21 03:50:17	Name: ts Value: vreXpYrS%3D1801951706%26vteXpYrS%3D1707259106%26vr%3D80771db618d0a553405d6b1efa9f03c5%26vt%3D80771db618d0a553405d6b1efa9f03c4%26vtyp%3Dnew
.paypal.com/	1970-01-21 03:50:17	Name: ts_c Value: vr%3D80771db618d0a553405d6b1efa9f03c5%26vt%3D80771db618d0a553405d6b1efa9f03c4
.wotlabs.net/	1970-01-21 03:35:53	Name: __gads Value: ID=887ba25737f955bf:T=1707257306:RT=1707257306:S=ALNI_MZeNIesvdLgWBQRN4aNvwYr7NJpZA
.wotlabs.net/	1970-01-21 03:35:53	Name: __gpi Value: UID=00000d52466ddadf:T=1707257306:RT=1707257306:S=ALNI_MboZq7DGHTjR9w-_I1HMey4LGV2Gg
.doubleclick.net/	1970-01-21 03:35:53	Name: IDE Value: AHWqTUlhgNtcwd_oIdhiwS4arRjbi9k7JvBE03sJko_ZRfakO72prRVLAQdKg0uA
.adnxs.com/	1970-01-21 03:50:17	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:23:53	Name: XANDR_PANID Value: JChB_C1-vGthQh2g5e53dCwv-ljyCQEwdczpxJQkBqyary3bFhZn0GiOtd2IiBakowpXZKU2Q62pYaabB3NZSQmdWKsyqzaOi8axzO02qLM.
.adnxs.com/	1970-01-20 20:23:53	Name: uuid2 Value: 8013605437412002104
.doubleclick.net/	1970-01-20 22:33:29	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:23:53	Name: CMPS Value: 2188
.doubleclick.net/	1970-01-20 22:33:29	Name: APC Value: AfxxVi5Gtduo-vJ_dYM2NtmxL4iQFbw7oJSobsBG2zYEUOB8tESvVQ
.adnxs.com/	1970-01-20 20:23:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU'vu`an!]tbPl1M>e)ZlrFUfJ+tGXxoyX530BPiBf#QPX8=[58(D@.=%:`dZ>gC3l/lbpRzqF1`b_Bd+V$S
.wotlabs.net/	1970-01-20 22:33:29	Name: __eoi Value: ID=798cad39408cc301:T=1707257306:RT=1707257306:S=AA-AfjYvhnOStXoy0sMTJ5lb-ORF
.casalemedia.com/	1970-01-21 02:59:53	Name: CMID Value: ZcKt29LbQ2EpFNk10Q.XtQAA
.casalemedia.com/	1970-01-20 20:23:53	Name: CMPRO Value: 2188
.doubleclick.net/	1970-01-20 18:57:29	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 20:23:53	Name: 8lcfmzhxc8d6_uid Value: 54e8c228ef2d36a7
.wotlabs.net/	1970-01-20 18:14:19	Name: __utmb Value: 191158956.2.9.1707257308855

140 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.paypalobjects.com/en_BR/i/scr/pixel.gif Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983016&l4=4595329&l5=1&l6=1&utid=93B1B888-0FCE-22E0-CA6E-9B1B1722327A&creative_type=display&adid=ftdiv7983016&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=358832.1459469899&pub_ts=1706637952&23886211(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225038&l2=DV360&l3=7983018&l4=4595331&l5=1&l6=1&utid=55AAAFD6-9F51-9BAC-485F-427C5128730E&creative_type=display&adid=ftdiv7983018&pub_app=&pub_domain=https://wotlabs.net/&uid=&cb=161949.42842965666&pub_ts=1706637824&684963177(Line 1) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://wotlabs.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
984502cdb51048912d60949c7b1eb872.safeframe.googlesyndication.com
ad-events.flashtalking.com
ad.doubleclick.net
adservice.google.com
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
c5.patreon.com
c6.patreon.com
cdn.contentspread.net
cdn.datatables.net
cdn.flashtalking.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
ib.adnxs.com
js.ad-score.com
pagead2.googlesyndication.com
pics.paypal.com
pro.fontawesome.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
ssl.google-analytics.com
stat.flashtalking.com
stats.g.doubleclick.net
tpc.googlesyndication.com
wotlabs.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.patreon.com
www.paypal.com
www.paypalobjects.com
130.211.115.4
138.201.63.145
142.250.185.70
143.204.98.111
151.101.129.21
172.217.18.2
172.64.151.101
185.89.210.90
192.229.221.25
216.58.212.134
23.215.22.232
23.53.43.65
2600:9000:2646:6c00:a:deb0:3380:93a1
2606:4700:10::ac43:e8b
2606:4700:4400::6812:2844
2606:4700::6810:5614
2606:4700::6810:631
2606:4700::6810:731
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a06:98c1:3120::3
2a06:98c1:3121::3
3.123.76.159
85.114.131.235
88.99.165.19
95.101.148.38
00f43e163695dc5f1ddb1e99ba54e94ff42fdbb7b1785e0585a17cb05d75db3f
042bb23f35f12d019dd5e87f7107ac286512173a7d73757466d337276c98c50b
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
07295b606dc4247c90b8c23ece04b2431171c33010e6ab8968f2acae6281b90b
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0930fda3dc815f74a4f9ff9d94a783514d2d0eea61bd2be8a21acd5c3a9cac5c
0adca6d3ae58b1aba052fcac4f99c76b22b29db883195a60341a9478f4402fed
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10633aa7e5332c8d335f5c314d627898544e825ea7e78f2b8a8856fc70bbdccf
110ef3d9c69ed03ab245650181c6734115746049b7bfa70e7edb4afe0ac075d8
115d3e421898f8245b1436c3231f9f4ab3b0153f32f1719f4870d87fa0f6402e
12549d9adf97845f7a4ddaeaa87a3773ade7319ea5372602d15564573083b07d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e
1e40b324bd6ce169dd4dbe62a4817a92c469621ea079c495e9245ff87820751d
205a3b08bc75e589394dfa58f935cd1885e83b82484988f11f3bdb8172b167f2
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21daf3f2f366316e9903cafa273a7f2da718f8ad3e33ee96fb158db466c23b8f
23b7a911df3328a988b3048a0bdff9ffb33a898a1e1d035302ed7c3dfd7ae546
26d4c30c5966fab722d37251775d12ad8a786c6a3f074b2cd3b3ac1f90e2ee8d
2888a1210e6391da4d3687df611934171605a4cf610c882964334d2de24719e8
30720b76dacb067a93b6c6f46cf435cfb461d562889eb56f416df5dfd525394d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb
35c9d2c41a57422745ec0fe668ae2ea08938503065ee179db5e22e70bf5e3979
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
37c93d34afde9c82164c97e1727361cbd3e14934e5817accb3e35b101776ca98
38e90f12fa83876cc752170fbba33207d89ebc5b33da59671ac2b0747be2ed29
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4566830d69e81c8769e238d2cd57098fdd020cc5f2a9a00fbdbb1a86f4d8ce9f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d989e2c427ac0ecf9727ba1afe965c8861634d74ec7278ee866585fca0b2f7
482ce392cf63e483ac92c9a7bd13c25da0eccec03b1525b42b92df4254a559c2
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a7171779924085d9fdbc1b1f169267aeb90a14121932e43973d784764626554
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5417766a00b1090b644db8eca110e5feb9031796ef34fd2318c2e2156e06fa48
547125beb7b0ef7a330136ab35990500b9f969acab840efeba72b30723071175
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b9e01bb509391068533cd02a201bfe3773161921c34e3c593621e053f5c0bc
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5a448caef583e9e43971e2e81d29ebf9cde610b02a7ed1f586adee81ab54892f
5a536e95a2c5d777a974a7cc452357c2b727863b76bd687209ed397c21fb157e
5c9f605991ad296db3da9f0dbec2afffa649ce57e1e5678928167b45e6701c34
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba95ee71835e2e03dac54eff7587b72519c3ebc380d1741de7729b9fec3779
62d30e328308a04cc1fe6f3ebb2b26c537093cddee3bdbd3f22a84bd3b0e65f5
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c81f53426e2cfcb060cc470d48ec695dcec442c29c20cb7e24002c322e8323a
6f66d74a8cd6bf0302e20d08d7a15839391f81af608475c10884c489d78c76c2
731396b7cd68357f4f75d7a0840a31ab33d3dee7e50109fa1dfdfa68ca5e4360
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188
790c651c8055ed67fbd4c7e58fcaae435679e532e19c15337fa0a1b59c7e97cf
7982190b4ecab4d8375b7444de5227dfba51d2650bdd81fa8958e2fb7897bd79
799c126cfbfd39ec8b8d4aae428e39e0b189dfedb025dfbda40fbb385feb2bc4
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7ce87f89e9b06aa5d073a3f4ad4262547cdecceec5c5cb063d37cbdce06e01e0
7f072dd14a2c9e5cc52d4f52af97bee2d4067db1a25251339ca090c584cc54b8
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dd0dba88d70a642967ea6e1ed20efe9d0d7192812dea345189b262335cf4afe
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
92a3d514d50fe1156fa3b54a537207ba6d17fe69ef32421e1139923380f682e2
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9b419214cc5e79ea9e83a8926ee2f1dc4838c2ca8175e9d18cebc10d034dd6d6
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ebcbb6f5b7ccef3f747d3d4f5f00303c19e53068bd20ee9bcb1d25a58968737
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a679a4ac00a32122c75010ee36746f67d76807a6ef4383364fda43f9bdab06a7
ad9f126d43e4c70a9d3be5948ee5d1089ce4a42872ef160da77c95192061393d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af35d4ed404cccc6c7aeba72ddef6c6405f8c0942815504f972f8541767fe555
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b171095e02df599b7839e0bda2b1868463b325eea68e55cbe54d87c2121c6a41
b28fe6a741e02661b9cd8c6338c647ad453ea4ac7c6d6190845498dece4c2cb6
b5f30f93ffaeb0203cb18491f66e7b2e5aee2c66fbc23f1e34b5a4e2ce30af71
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9
c3113b3fac4d65f71a619de8799267e906de26fa8d7843aac72a349d6fb8f08a
c406f45027896bbf67849499d93ce6f68d318773c31a72d390f910fa70be33e3
c639b92a06461cfa7d356fdb7fd62def7ecbac2477411e53c766c1b5351684c1
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981
ce4e0701cbf9eefd0a04860d3d25f490e3cea046541f6ea5be04ad945e18025d
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
df344411eb3c7585c6398e1b38475fcc3040ccdc4007ed707734d46e3a50843e
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e32711b9c7dc1dcf45b74e970977c1e7b7408d1274989f4e7e2564e4b6e0152d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f4bc9a699597a2ca611116e2b20d8c6a18aa71d7ea0974c47f21ab6ef4b3fd
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec09c4008c762f7b37713c0d0a7a804ffa7720752d9a14df5e5ef083ea3f823c
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f126f656d4b1744741b81d0651156b61d13eac6b2de852a9ece802e837bc30c6
f63641a2ed8a4345ba245490d7ec89ad7651446557b137e1527fc39ed9bf6fd7
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

wotlabs.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

88 %HTTPS

57 %IPv6

22 Domains

41 Subdomains

36 IPs

3 Countries

2623 kBTransfer

7417 kBSize

24 Cookies

43 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wotlabs.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

88 %
HTTPS

57 %
IPv6

22
Domains

41
Subdomains

36
IPs

3
Countries

2623 kB
Transfer

7417 kB
Size

24
Cookies

182 HTTP transactions
11 data transactions