toaz.info Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://toaz.info/docgeneratev2/?fileurl=https%3A%2F%2Fdl2.pdfcoffee.com%2Fdlapi%2Fblue-team-handbook-soc-siem-thr...
Effective URL:
https://toaz.info/doc-view-2
Submission: On August 12 via manual (August 12th 2023, 7:16:48 pm UTC) from AT — Scanned from NL

Summary HTTP 181 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 21 domains to perform 181 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is toaz.info.
TLS certificate: Issued by GTS CA 1P5 on July 20th 2023. Valid for: 3 months.

This is the only time toaz.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5 21	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:ad65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
181	25

39 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

toaz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:ad65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	712 KB
39	toaz.info 1 redirects toaz.info	867 KB
33	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366	235 KB
11	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	601 B
10	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 10371	557 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com	351 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	338 KB
6	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	3 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 318	55 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 221	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	448 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4741	651 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 814	926 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	142 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44105	609 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	716 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	104 B
181	21

	Domain	Requested by
39	toaz.info	1 redirects toaz.info
33	tpc.googlesyndication.com	googleads.g.doubleclick.net toaz.info tpc.googlesyndication.com pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	toaz.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net toaz.info
10	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net toaz.info
10	www.googleadservices.com	toaz.info googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net toaz.info
6	www.google.com	3 redirects toaz.info googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	toaz.info googleads.g.doubleclick.net s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	www.google.com googleads.g.doubleclick.net
3	fonts.googleapis.com	toaz.info googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	toaz.info
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	id.rlcdn.com	2 redirects
2	p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	toaz.info www.googletagmanager.com
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	toaz.info
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
181	29

This site contains no links.

Subject Issuer	Validity	Valid
toaz.info GTS CA 1P5	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-11` - `2024-05-10`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://toaz.info/doc-view-2
Frame ID: 1788964332EF74C4AA3DEB42B742C426
Requests: 29 HTTP requests in this frame

Frame: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
Frame ID: FBA341C654D243A7E57BBBDB38920E31
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 3F57BE9D9DF51998DB205CEF487FBE9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=3012457269&adf=4134371643&pi=t.ma~as.7058684672&w=730&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=730x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802934&bpp=5&bdt=638&idt=256&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=6391662765563&frm=20&pv=2&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PkmkeLL1Ts&p=https%3A//toaz.info&dtd=288
Frame ID: 1542F7D595EA03709BCD31EFC86A6AC7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308
Frame ID: 00D54B48BF5D50ABCC1E80CF70F822A4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&adk=1812271804&adf=3025194257&lmt=1691860603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802966&bpp=2&bdt=670&idt=291&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280&nras=1&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=311
Frame ID: 0B1912C405B309A99760ABF269D98CC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E3F63C7D163D58CCDFA009EB777C350
Requests: 2 HTTP requests in this frame

Frame: https://p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: ECD2B6198415583AF96833901210A938
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3543130935~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691860604&rafmt=1&to=qs&pwprc=5119181533&format=1200x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867804631&bpp=1&bdt=2334&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5c0223486353a14-22049ca64ede00a4%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA&gpic=UID%3D00000c5fa3b1b0ca%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g&prev_fmts=730x280%2C350x280%2C0x0&nras=2&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&psts=AOrYGskmkOhcm1t5osMhZfaLTkrs2X6y6qU8-PTwMugq8sWLrtj72Zi9zzfnhojsVE4xZ7bFo_uejnN3bYHDujZbJ-r6iuk%2CAOrYGslTmj5BVLFcwa6yMN2XKhezMCrIEhFCokSqsGB7czCSfds70u97Kox-7bKgrhvhXrpY6jQ0dWAfCeXYM8Kg1lh4PaKY&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wwdMWBfORI&p=https%3A//toaz.info&dtd=7
Frame ID: FCB6995FB9D02E68109FDDBB1F6B3BE3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 63DA927B0EC215142CB9841ECBB8E2FB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC3D4F3A00A263F92E3B971257558463
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3656712FEE6A69486135488A08B79BF4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 80215ABC3DA52FB265A2442763F4DADB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECCE232CD2A9D93BCFACFF5369B99630
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCU-GcYxc_05QEwAQ&v=APEucNU1z6Z8UozagbmYi-kOrGqmwHO8uhPdnEKz8DXjTvuibEwJTmIff1ffeu9wC8gxD5Gs1fPkzssxbUoQrq7WfsYCRFmKIDfPac83gzvlz2jee7qkwELPA5QmYdv9orlijOPjpHePujjZRFDFGODa7Z8PquRAg3LPWwHdGkyVpY9YZdpi6xU
Frame ID: 82770E8800C8411C7FCA0C4A8AF02AC4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D30CB8F1E93343E545B74E7FBAE5D486
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 10319596B94F8F4D12E8133CFD7381C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D850E0C533B523541B1E15394F339D9F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 857D6063D5943E5BB193B9A9AEF8A87F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 804BADA01A9F5AF9C485C38EE0F7D54C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 5625A2BD95A41ADD3D9F5C062EA6E488
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BF041107E666FF0A22581CD409101A2A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: D9A1C6B62F4222ADC98BE8B20B207FFC
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4956559708212166656/Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html?ev=01_250
Frame ID: 47EC262CD1654D6AB8DB4A603E1A0C62
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C26BD4D38D24A380D0295A9F98120EAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B092598BC950113C22247D8A9A94FAE6
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/f8312f09-283f-4a80-a157-797df6456adc
Frame ID: E2D2D0B71FD3DC7C08FA458C90143594
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/5d0d963f-f16a-4763-a782-9e6fa301a1f1.svg
Frame ID: F3C5CCC441BB07405ABC0864744C0778
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/58b00a5ccc269b0e807d983b/IND_BANNER_CONTRACT_01-c428669b50744e39890568b947d13e2c.mp4
Frame ID: 6AB03DA326F3F61445FB56FF6C6E1250
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blue Team Handbook - SOC, SIEM Threats Hunting Use Cases Notes from Fields (v1.02) by Don Murdoch.pdf | TOAZ.INFO

Page URL History Show full URLs

https://toaz.info/docgeneratev2/?fileurl=https%3A%2F%2Fdl2.pdfcoffee.com%2Fdlapi%2Fblue-team-h... HTTP 307
https://toaz.info/doc-view-2 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

181
Requests

91 %
HTTPS

61 %
IPv6

21
Domains

29
Subdomains

25
IPs

6
Countries

3285 kB
Transfer

31578 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://toaz.info/docgeneratev2/?fileurl=https%3A%2F%2Fdl2.pdfcoffee.com%2Fdlapi%2Fblue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v102-by-don-murdochpdf-pdf-free.html&title=Blue+Team+Handbook+-+SOC%2C+SIEM++Threats+Hunting+Use+Cases+Notes+from+Fields+%28v1.02%29+by+Don+Murdoch.pdf&utm_source=pdfcoffee&utm_medium=queue&utm_campaign=blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v102-by-don-murdochpdf HTTP 307
https://toaz.info/doc-view-2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=C8H1dm9rXZLrQEIGMtwepzb6oCfS-veNxp6H9044S9sKZvo0OEAEgh-PsNmCRhKCFjBigAaGV8u0CyAEJqQKoPV_hbl6yPqgDAcgDywSqBMUBT9BlzJsRPh58ftva2otpHAe3BoBtN7SWSGqj69QIXfugOiHe7eCi8nJ3H9_ar1aMHc0jaUnTQVglYwpq-SriKh9k3PLDxc8RED0JRvj5IL0yw0-PjUnOu2ELSXD-OGZGsaUMUZi--POka_X6ZRh8fCYm6YXC6HevT1gvame5s3KNG83cfiBsndEniGPyzY7ZuUgpRI5Y2EJU98lEndO-Oa_l0CWWgxPGLYJD1UPlkT9Bl0tr2hqMmH8WpSgYPdK_2K2BAoXABLyh97qwBJIFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELeOA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT1odHRwczovL3F1aXouYmV0dGVybWUud29ybGQvZW4vZmlyc3QtcGFnZS1nZW5lcmF0ZWQ_Zmxvdz0xODA0gAoByAsBogwIKgYKBMOwsQK4E-QD2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU3ODkxNjUxNzg3MDkxMTUYAA&sigh=utrx8kTqgVg&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWBl9Ay9hSVuEc6VCZuq-mEV8WLr5qmhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213371854145453763581%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214752044040026722321%22}&andc=true

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn9YVm9rXZIz7EpLwtgeD2qzwDPS-veNxt5_9044S9sKZvo0OEAEgh-PsNmCRhKCFjBigAaGV8u0CyAECqQKoPV_hbl6yPqgDAcgDyQSqBMkBT9AVZIsY0zhrRPorCVdp52Q7YOqnICUVlCzArA3CDczSEdkw3D1YKNh6g4JzDq1w8kwtLPN74r--OVyODA9IIdevZjBmBnZGeIxrkZvbnUtzqe0WwWLRisBKCfAAiiXPncBXixn_JPIwkMHzIjMH2_qPVuWzVQeDNDzGSEn5Z8BNgS9EOrsDbb_fhdlZ6MOHsNHj9Dlbo5Wt6bBWwVoUMUQAaGk0Lfo3C9OzRUmqaDGK532Rn2wYtQRQXzI8ydBBbSIuFe6g0LH5wAS8ofe6sASSBQQIBBgBkgUECAUYBKAGAoAHx-qNkgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCW9wLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk9aHR0cHM6Ly9xdWl6LmJldHRlcm1lLndvcmxkL2VuL2ZpcnN0LXBhZ2UtZ2VuZXJhdGVkP2Zsb3c9MTQxNoAKAcgLAaIMCCoGCgTDsLEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU3ODkxNjUxNzg3MDkxMTUYAA&sigh=LwvmTGmPNE4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWtdCWgMRw99SZdpVblilCdl8kLw6efBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210705005527677412047%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213696156114546050097%22}&andc=true

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8TOEDsUFgMFrkzbVyLfHE&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNfanTQ0T1sPUxkM8aVOWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKUgmeGmrjliZpeuX0Dqxww&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-keAbAT2yirG9GxfzHB2U&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1ODg5NzMwNTA4NDU4NTMzOA%3D%3D

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://googleads.g.doubleclick.net/pagead/adview?ai=C2hDsm9rXZKfEGKLLtOUP94WmuAqj2veJcM_-mc7bEb_hHhABIIfj7DZgkYSghYwYoAHPn4GfA8gBAqkCqD1f4W5esj6oAwHIA8kEqgTLAU_QrbGG3u4Vc3NK7xhsJWSaQW6Rdi9yCtR3UdyNfOiUnQHd21lwANcfhUPRsOqeJrrN8S6m8Mj-U5-zrRLhkNNKB0pSeqAq8Nhl0Hbxa51FfDVgaHmQl4NjNtolUBJEZu9d_yaO0_enMlIRebyteJBm4oQMWkPHgmNj897WNiizztHV8EwgsN1Lrxq4pdNOv5DMx274ifKCJc7QnCbLMzvaockuDF-z5KmPZ_jBgJoQBnxBYaFEiANnfX9DF0Ho4N2km9orlRpbAV4IwASRrcOXtQSgBgKAB5ng_mCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDxuTHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglAaHR0cHM6Ly93d3cucHJvd2FyZW5lc3MuY29tL2ltcGxlbWVudGF0aW9uL25sL2RpcmVjdC1hYW4tZGUtc2xhZ4AKAcgLAaIMCCoGCgTDsLEC2BMD0BUBmBYBgBcBshccChoIABIUcHViLTU3ODkxNjUxNzg3MDkxMTUYAA&sigh=P6jVSKxL9hk&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215228984208494624751%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870338511%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212590625605563047777%22}&andc=true

Request Chain 135

https://googleads.g.doubleclick.net/pagead/adview?ai=CDPwfm9rXZKXEGKLLtOUP94WmuAqj2veJcI_3mc7bEb_hHhABIIfj7DZgkYSghYwYoAHPn4GfA8gBAqkCqD1f4W5esj6oAwHIA8kEqgTKAU_QBhisoxzfCJ0pkuGqDfHhhGKhtd_6NcfG0-GOGDamzZhTSakiUVJImtYJtmGBbRMK_s8sZDNDT7YWMfkHzxgxU3aUTy9Yu_sty0QcOkTNSqfBDLbHz1HsBj07wmn735tBP7JT9GEwCAPf9vni-3ZrIVG_u3nlJ03TUFuKQ_0qcmVW2IW2WZP6GKqx0RLqE1iwI2bQy-1WiIX2uxoEo_asRvIGta2Bs3gieQNeh7SixxxQ0jaJtNK9dHNxSqyM9dXi-33Ger67hpnABJGtw5e1BKAGAoAHmeD-YKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOcNdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUBodHRwczovL3d3dy5wcm93YXJlbmVzcy5jb20vaW1wbGVtZW50YXRpb24vbmwvZGlyZWN0LWFhbi1kZS1zbGFngAoByAsBogwIKgYKBMOwsQLYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNTc4OTE2NTE3ODcwOTExNRgA&sigh=s3uPb1HNk_s&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215448188427560748877%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870338511%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218202726330083858689%22}&andc=true

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://um.simpli.fi/gp_match?google_gid=CAESEHDTwVA-aIiW9guLZpCHR24&google_cver=1&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kVom8TeMiZOa6kMaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=319A264A673F488EB9BBD45EA377CD18&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kVom8TeMiZOa6kMaQ

Request Chain 140

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEwTIV2hFqrr-rhW_slEMYI&google_cver=1&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8KgWS2OvTTDi7LPL6e43 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8KgWS2OvTTDi7LPL6e43&google_hm=iab9xOuaSImqbzF8Vyq4U3M

Request Chain 141

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmR3IUSypvlnWY4Vn4APWvgFb8MQVFbI3YoCGUjtkVeRwmlly3YKjJcDAwOPW6NQPVV1No4AGObrvPyenq4dvVQGhravvUF3_w&google_gid=CAESEGlh_PQqwKHmyGsV0UYdz3k&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJ2136YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWGNvT21SM0lVU3lwdmxuV1k0Vm40QVBXdmdGYjhNUVZGYkkzWW9DR1VqdGtWZVJ3bWxseTNZS2pKY0RBd09QVzZOUVBWVjFObzRBR09icnZQeWVucTRkdlZRR2hyYXZ2VUYzX3c HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZVJ2TGU5ZTEtMG5uNGQzaHlBYkFWMUQ0RENrS2UxZ3BEd2VYOUtWUW9zaw==&google_push

Request Chain 142

https://d5p.de17a.com/cookies/google?google_gid=CAESEOswZPzawNtIwVpohmTLyJE&google_cver=1&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOswZPzawNtIwVpohmTLyJE&google_cver=1&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w

Request Chain 143

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEsrZ7FQI7wkCzHXl5YLi8Q&google_cver=1&google_push=AXcoOmRL96614xgzt1W2Vd5j0BQ_Qk855Wcyol29luvh-GgwV7cF89vHFJ3yd0Hm-msH108Nfbz4qJydcMCr9ELaRu68SR_spvfN15A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRL96614xgzt1W2Vd5j0BQ_Qk855Wcyol29luvh-GgwV7cF89vHFJ3yd0Hm-msH108Nfbz4qJydcMCr9ELaRu68SR_spvfN15A HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 150

https://googleads.g.doubleclick.net/pagead/adview?ai=CKDzxnNrXZNzqKYaLtwfixKDQAszw5Z9yg46M7OYRyPX0wJUPEAEgh-PsNmCRhKCFjBigAb6G5sIpyAEJqAMByAPLBKoEyQFP0M4nhONbwPpqleTay58kzEcTox0_U3Y6QzSXmPLk5W0bxfoIz9l5aNgtkYNsKkwZ-4QTGEqy6PbL6rxgdkSjTf08PdnSBxlQ6mfVxjl5Iw2dqs4_UO4OioeQ6Pzg1tfPq6XrESAkEEMKfaUhwK4UQzHe0lpIeJnYKrwdVu5rzCr9OjhjeQKPhsbEBLptWaLB1D9dGBuqfRU_Ii9oFDuYr-N1d_KqPOfCL-woXjPJ-U29RU6gxbuCDw9jiiI7CcCXa5soOFbVx8jABIPQrKq1BJIFBAgEGAGSBQQIBRgEoAYugAf05baiBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKE70ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJvwRodHRwczovL2F2b2NhZG9wb3N0cy5jb20vdGhlLWRhcmstc2lkZS1vZi1oaWxhcml0eS0yNS10b29uaG9sZXMtY29taWNzLXRoYXQtcmVhY2gtdGhlLWxpbWl0cy1vZi1odW1vci8_dXRtX3NvdXJjZT1nZG4mdXRtX21lZGl1bT10b2F6LmluZm8mdXRtX2NhbXBhaWduPUdPX19BX0RVUF9ZQkglMjAtJTIwV1clMjAtJTIwQVAlMjAtJTIwVEglMjBDb21pY3MlMjAtJTIwV0IlMjAtJTIwQzAyJTIwLSUyMFZWNCUyMC0lMjBNaXhlZCUyMC0lMjBUQ1BBJTIwLSUyMEFsbCUyMEhvdXJzJnV0bV9jb250ZW50PUdPX19BX0RVUF9ZQkglMjAtJTIwV1clMjAtJTIwQVAlMjAtJTIwVEglMjBDb21pY3MlMjAtJTIwV0IlMjAtJTIwQzAyJTIwLSUyMFZWNCUyMC0lMjBNaXhlZCUyMC0lMjBUQ1BBJTIwLSUyMEFsbCUyMEhvdXJzJnV0bV9hZD02Njg2OTMyMjU3NTImdXRtX3Rlcm09MTUxNzU0ODQ0MTYzJm1hdGNodHlwZT0mZGV2aWNlPWMmR2VvTG9jPTEwMTA3NTEmbmV0d29yaz1kJmNhbXBhaWduX2lkPTIwNDI1NzE3NDIyJmFkc2V0X2lkPTE1MTc1NDg0NDE2MyZhZF9pZD02Njg2OTMyMjU3NTImbGF5b3V0PWluZjMmdnR5cGU9M4AKAcgLAaIMCCoGCgTDsLEC2BMM0BUBgBcBshccChoIABIUcHViLTU3ODkxNjUxNzg3MDkxMTUYAA&sigh=DS2FGkSuZs4&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWVCQHzjiphQZwMblBQD4RDdpmATCcuAmn2wv64EANmSytcz4OYdgCV-mGoNqFGpIL0oDhcua_whgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226941403163168355947%22,%22debug_reporting%22:true,%22destination%22:%22https://avocadoposts.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211145937726%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225709069268014985649%22}&andc=true

181 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request doc-view-2 Show response
toaz.info/
Redirect Chain

https://toaz.info/docgeneratev2/?fileurl=https%3A%2F%2Fdl2.pdfcoffee.com%2Fdlapi%2Fblue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v102-by-don-murdochpdf-pdf-free.html&title...
https://toaz.info/doc-view-2

18 KB
5 KB

394ms
393ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e3059d78f5675e4d8d03f950ab41f1ef69f3d8e234151cda29641ac24b1b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7f5b0de1faf5b8ee-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0shYhE6ivCjd%2BEzPyrInjROwO4WEhyagBQQLuHTkGGMV8wy9GXVmd03%2FS7Pc8LEwrCHCPO8M8iWhs9uITUvnCvfIYAN%2F54HXeN8WAPPOYTse9RE8lKGs2X945c2%2BERYPEW2creH9ZOk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7f5b0ddf5ff7b8ee-AMS
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://toaz.info/doc-view-2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgO4KI%2BQBIPWmuXHzGegLtb8S2sD1v0T7tEZMg6fADhA2doRC8h4Mjy2MqwZqRJEkFsFLE21huHvpUfpv4yuAt28jZraDlAQvsMioW9jbKFMQKdz7mZqJV8ZfVEQhO4dyUIrTCnZoZM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 vendor.css
toaz.info/themes/toaz/assets/ 256 KB
54 KB 62ms
62ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/themes/toaz/assets/vendor.css
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4edc2886c6bbc0634789dbf52735a3a82ae710a31f960f01fda20d5dd3dc73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886568
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-3fe7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKXDjvi1vLCbVL1PnOp533Oa0QQYIvmFpehFxYtGc6bABI2lGTMIx85vmK2Ts8Zo0jytTN1jDh9fVlgnCeLgNM3Ic00l2y4Q9lQRjOugU9578f0Tyhu50%2BRkR2pTEwoVtYwPKBvPjC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de478de0b70-AMS
expires: Fri, 01 Sep 2023 12:55:40 GMT

GET
H3 200 style.css
toaz.info/themes/toaz/assets/ 329 KB
53 KB 89ms
88ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/themes/toaz/assets/style.css
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50cd822750a4ac49e955f55ca0a191d623d8725886cff1cc0fef8ee3376e14f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2048439
cf-polished: origSize=420583
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-66ae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP3upVRoelmYw7s39Na5oWjvb7GhRo1cWlZsDaOktUDB697jLY89rOaOwoixtqAThsTZ%2BdW%2F5WG%2BlxzRNYRMDxGFAnWf%2Fynr4rAikkIg4qITVapfZZBXphCOilXJH%2BpXJxgmvDdDgLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de478e10b70-AMS
expires: Sat, 19 Aug 2023 02:11:46 GMT

GET
H3 200 jquery-3.2.1.min.js Show response
toaz.info/themes/toaz/assets/ 85 KB
31 KB 113ms
113ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/themes/toaz/assets/jquery-3.2.1.min.js
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 886462
etag: W/"5f4a0fb6-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nuTyCmf5yoILlxCBua3%2FMx4pOJamTymzb1Ok4L7vJMjjHgKwsg6%2FjtqAaQZc6HqgbBm0%2F37LznDR3x1mGCMHWff41VKqtL5HU4ClyduFBK%2Ba4wRlpP%2FXBK3oo1bTjZAH10M4Eydyuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de478e50b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Sep 2023 12:57:26 GMT

GET
H3 200 bootstrap.min.js Show response
toaz.info/themes/toaz/assets/ 48 KB
14 KB 36ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/themes/toaz/assets/bootstrap.min.js
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 886511
etag: W/"5f4a0fb6-bf30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO6YgMvy23TrISyvBqkkub1rcPwIRjmBtYdJKRv7JFve1ra%2FINW3Mwj4eHC%2BABsKUbvNJ9p%2B0DVOvbnYwjIZCT%2BfLj62jJ0V7nChqULI0GgXZgP82%2FXT1eLG7oVCnrsQ6nKQ5Fn%2Fj04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de478e60b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Sep 2023 12:56:37 GMT

GET
H3 200 toaz_logo.png
toaz.info/themes/toaz/assets/img/ 147 KB
148 KB 39ms
38ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/toaz_logo.png
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08785857c04f6e4801fe05413126fb591c1a7ae281e0506f1a3e3d5ce19a19e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551498
alt-svc: h3=":443"; ma=86400
content-length: 150704
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-24cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FYR8tw27%2F83V1aXWYct%2BtcfcyalPVkaUdGegV0H%2Be1i1HEtJIV%2BTczxtq%2FbI5ke0JfVPDGTWH1A0Zrk0L0eKK1MiYtyOESr%2BPq%2BlYY4%2FyCDWKBJQqhxqF7wUU5d1ALVkoM1fnj35xk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de65cbb0b70-AMS
expires: Tue, 05 Sep 2023 10:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 231ms
152ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69dfcba91daf8ef71789624fc06276e97604c2f9b504411f9b2bac4b9b103613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51017
x-xss-protection: 0
server: cafe
etag: 6289853937622846063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H3 200 annotations-777f9468.svg
toaz.info/themes/toaz/assets/img/ 6 KB
4 KB 34ms
32ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/annotations-777f9468.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec82bfb4f818c3b83eca8e52258a0e7cffde64a8adc608b7e5ef67c894ee6742

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 382396
etag: W/"5f4a0fb6-196f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK7MGHWsec5d2R%2BSllyspgb7GOLCtItzNgjnvh9BxypZEENwXkBTGA%2Fh3gKvrEpy%2FZSWRX3RLBPjKas6xLXM6IfpH9KSOxoq5m%2BD6JvDHu6MYHqUriTmyEL5rvae2c72yQoDmpgJlFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d040b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Sep 2023 08:58:16 GMT

GET
H3 200 document-editor-b55363a3.svg
toaz.info/themes/toaz/assets/img/ 7 KB
5 KB 35ms
33ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/document-editor-b55363a3.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6045780b5f81b9962b6ef439a8473b82605b341bb70823bbac482a402d755093

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2157797
etag: W/"5f4a0fb6-1ce4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3F33v0hCT3CSmQ%2FhJmCGlkHxPe%2FqxxtiFQHTwJSOVu4xiSudB%2B6rvxRoimlcInOlmy%2FY4XKt03kFU4h5k25jRLGDUUAq1%2FuChmFE%2Bzm3LuROhMJYSirbfgFLvFLlKrmV288X%2BRNjhW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d060b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Aug 2023 19:49:11 GMT

GET
H3 200 signatures-0b9a382d.svg
toaz.info/themes/toaz/assets/img/ 7 KB
4 KB 38ms
34ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/signatures-0b9a382d.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b85bfb4c95c7d5e91a0051b26f35315c0c1c7127ded0a74968542591e1ca81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 382395
etag: W/"5f4a0fb6-1c0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyKIQO8nMWLiU%2B54mGXb9P2LFUu%2BS7pIrHb9pgAlO8n2YWHcS0%2BdU7WhBdwuuJQtN3WTxg8Cr5%2FllDpiErQyUplea%2FVC5xcCyEtwP7vyAsG6J6Kdrj1sdipQFRW2MEu76hN4UjDByWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d0a0b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Sep 2023 08:58:17 GMT

GET
H3 200 advanced-settings-7a09cabe.svg
toaz.info/themes/toaz/assets/img/ 2 KB
1 KB 37ms
33ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/advanced-settings-7a09cabe.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bf3c38f8e5d1092ec5e0fd1639c1c5c4fcdede0326397b4f9d9eb45adb3b05a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1925868
etag: W/"5f4a0fb6-85e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7%2FWmWAx5uZ9Ic6qd5cCqzZesfE2OH%2BmwSvj%2BDTjrXFHK3qbXj%2Fvd5jT6GYUHiveti0Hoju62J8JU%2Bry1UvKZw%2BtFl%2BOFv5D62IG%2FM52uyd3I3c9nzNfZfeOj9bndJjVNL0h1AIuKsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d0b0b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 20 Aug 2023 12:14:33 GMT

GET
H3 200 copy-and-paste-pages-ad78606d.svg
toaz.info/themes/toaz/assets/img/ 3 KB
1 KB 40ms
36ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/copy-and-paste-pages-ad78606d.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29cb03f9166073879d4cde8775a2727ccae480e006c863d3d7fe428ee444412

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 886461
etag: W/"5f4a0fb6-d13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkNAisccGJoeAdlXjXIuSoOfOII2sHeYgWSsZxWF%2BObH%2Fkhv5FdZoJvwUCezA%2FVbA8K4SfNhlDcx9SSK8D4Mgwsz4NdGBEnZE9G9p54wi06GsmwmHyfAuk%2FvAKXS3opB%2FOzQ%2B47qENY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d0c0b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Sep 2023 12:57:27 GMT

GET
H3 200 freeform-rotation-a1407427.svg
toaz.info/themes/toaz/assets/img/ 5 KB
3 KB 38ms
34ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/themes/toaz/assets/img/freeform-rotation-a1407427.svg
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5106ec9c8b9d2a5f581b384f28ca2b89614648950b1008097e738e94f6ccb88d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/doc-view-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 886461
etag: W/"5f4a0fb6-14a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0OeKTho5tUjdG%2Fyud%2BGTLYnmyhWT2sW%2F09D5lqU0ZtTeXfyObHr986b5efc1S9BCxMyODrRpGeZBWXt8Q7KmHaHfZ0jtFHmjhz43iLXwWx0Jh%2F%2FguWpVWb5S94KH6fRt6kLIwZyScU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de69d0d0b70-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Sep 2023 12:57:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
877 B 209ms
81ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

387ea2faa60b3c1a34cd7c72f5ab83686bfb8ef8ff29016c5561fa0d4cdac95b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 127ms
47ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176701168-1

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6914a75a983643f98893dcfa8f08d3afd38b2b69f1b981ba1f9e47aaf9436d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66586
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 183ms
58ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,400,700|Open+Sans:300,400,600,700|Roboto+Mono

Requested by

Host: toaz.info
URL: https://toaz.info/themes/toaz/assets/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b954211d677d0531666da010afef885d73193be174c590ec0d65c9fb94eee64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 19:13:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H3 200 viewer.html Show response
toaz.info/viewer/web/ Frame FBA3 16 KB
4 KB 379ms
379ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b2bbfba5cd9d2d20c53c4706f833f907399e0e90346c693bc2c5a35a4fd4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://toaz.info/doc-view-2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f5b0de6ad130b70-AMS
content-encoding: br
content-type: text/html
date: Sat, 12 Aug 2023 19:16:43 GMT
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r59D8huoHKFj6dlxxJem6ZkAR9vqZRUH%2Bhzi8mThtsYjCJg%2BMiTIsYutCrcBgiZMYO50eeBXuihZtNGudwO9KFNgQGWlZG8oSUob8%2Bfgp%2BPCxp595jdDagGYDtbh%2F5s5b1lj0DKkotE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 107ms
32ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,700|Open+Sans:300,400,600,700|Roboto+Mono

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://toaz.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 69099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 00:05:03 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 155ms
80ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,700|Open+Sans:300,400,600,700|Roboto+Mono

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://toaz.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:53:54 GMT
x-content-type-options: nosniff
age: 300168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:53:54 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 440 KB
177 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c512b3288ae192026114388a991a4cf43ef40822d5825b9ec8221c71984eca47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Origin: https://toaz.info
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180927
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N8JZLZ2M4N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176701168-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5919df95a2ae173633f4aa18e85367c772d7169be8ec7eeb767076d9d34b735f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 191ms
59ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176701168-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Aug 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 12 Aug 2023 19:49:43 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/ 372 KB
126 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5789165178709115&plah=toaz.info&bust=31076951

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1725fd23cdbc7a49c8fecad5897f855c8336d971dd114504d73bf05ebe4d050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128446
x-xss-protection: 0
server: cafe
etag: 8303384413540716950
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 3F57 10 KB
5 KB 121ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 10:13:03 GMT
etag: 12368291122986407432
expires: Sat, 26 Aug 2023 10:13:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 87ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N8JZLZ2M4N&gtm=45je3890&_p=2018095835&cid=2117704786.1691867803&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1691867803&sct=1&seg=0&dl=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&dt=Blue%20Team%20Handbook%20-%20SOC%2C%20SIEM%20Threats%20Hunting%20Use%20Cases%20Notes%20from%20Fields%20(v1.02)%20by%20Don%20Murdoch.pdf%20%7C%20TOAZ.INFO&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N8JZLZ2M4N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://toaz.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 viewer.css
toaz.info/viewer/web/ Frame FBA3 43 KB
8 KB 33ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/viewer/web/viewer.css
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354d3c4f21e7dbf4e0bc4f7b7da9c085c95e4a4c55b43d95fc3c761c0e5dbd1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472206
cf-polished: origSize=56356
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-dc24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXLzIwKhuHnqyZvglaushVXUNUTHSxmZEuaWpgOTLmplSpUqjYcsPIbtqZyCpGUfRN5nVUiXbKlTq7nwGdPvj9NwIjFWnMkdSbcfM7nAEwymJhksiuore%2FPPIBesFYp7g6y5LTDz0Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de908760b70-AMS
expires: Fri, 25 Aug 2023 18:15:21 GMT

GET
H3 200 pdf.js Show response
toaz.info/viewer/build/ Frame FBA3 614 KB
129 KB 51ms
50ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/viewer/build/pdf.js
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb0fe0480fd3142c27c58ca0bff5c5bd26cbee01fbbc2392fb526abe3250c20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 463591
cf-polished: origSize=807204
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-c5124"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3P8VXDl1HSOfAcbM%2FgyqT39yUjCZvxZa2WbdnrQD7aDj8c1xQ1unFnN1tT%2BItsqjHHJfpSFDMnlSZdopySN8JkN1AweNbl7%2BA4fnaG0Fd%2Bz14kks6vazJxI9sEs8zSV%2FTwy2Xwqe1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de908780b70-AMS
expires: Wed, 06 Sep 2023 10:25:04 GMT

GET
H3 200 viewer.js Show response
toaz.info/viewer/web/ Frame FBA3 369 KB
76 KB 40ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/viewer/web/viewer.js
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c53ac195214b4697a710c3a485d17b80d2ac6feada6cd20acdf971996105f5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1331746
cf-polished: origSize=506661
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-7bb25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BdnxqqCdcGnF18ZHhjCMkLBU0uFeKr1bwPAW0KZS5I0u%2BpU32wJxbsjdsF%2BI85J3IAe6Ip28eyQMjMuNtn4zYMhDYjlHur6kL1r5DGpnkeRQSu%2FKbSbEwW6fL6IRZrdpSluMiNI%2FUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0de9087a0b70-AMS
expires: Sun, 27 Aug 2023 09:16:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 39ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2018095835&t=pageview&_s=1&dl=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&ul=en-us&de=UTF-8&dt=Blue%20Team%20Handbook%20-%20SOC%2C%20SIEM%20Threats%20Hunting%20Use%20Cases%20Notes%20from%20Fields%20(v1.02)%20by%20Don%20Murdoch.pdf%20%7C%20TOAZ.INFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1327693164&gjid=776192961&cid=2117704786.1691867803&tid=UA-176701168-1&_gid=152285506.1691867803&_r=1&gtm=457e3890&jsscut=1&z=260458300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://toaz.info/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://toaz.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 texture.png
toaz.info/viewer/web/images/ Frame FBA3 2 KB
3 KB 36ms
35ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/texture.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 550570
alt-svc: h3=":443"; ma=86400
content-length: 2417
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-971"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQJxA62be%2FKbpMNnh6vkFpnQC7f3EC%2FG2K8r6iHFjB1uJ1j0OQxn1V6Msn7WZowDUxQxDZVashGE1T5f0bpDoBcm%2BRAkBI3A2GJZH%2BF39Mo4kIo0EFiWZm0yCckc2YfORrS1uUiin3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9810b70-AMS
expires: Tue, 05 Sep 2023 10:15:29 GMT

GET
H3 200 toolbarButton-viewThumbnail.png
toaz.info/viewer/web/images/ Frame FBA3 185 B
702 B 34ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-viewThumbnail.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869581
alt-svc: h3=":443"; ma=86400
content-length: 185
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4WEXaWQVGuHj6EgZiKd4uDe95GDx25bFmiM3EVtZmZGtLEQ4t6QuiuQmZiDp%2BUaps7KktFcbOeegJwjzo9QQVJVdlW8Srtrkg9rg%2BytouBGtjmCoY4WpfpA9D6mrd0rIEAxOUiBPDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9830b70-AMS
expires: Fri, 01 Sep 2023 17:38:48 GMT

GET
H3 200 toolbarButton-viewOutline.png
toaz.info/viewer/web/images/ Frame FBA3 178 B
703 B 32ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-viewOutline.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2047331
alt-svc: h3=":443"; ma=86400
content-length: 178
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8zOzC8uLk998X9qYNqZUSUDnzPWWaIXh%2F81QzDbfN%2BRKx%2F%2BgICIdyUo4M1dr0BhNSG3wMwJouJMArtbmyjJIX3v3vND3F9p2bAlngzPgEoF7OjC3yKLUjpZ7Z3D5%2FoEaVsedYwWY6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9840b70-AMS
expires: Sat, 19 Aug 2023 02:30:16 GMT

GET
H3 200 toolbarButton-viewAttachments.png
toaz.info/viewer/web/images/ Frame FBA3 384 B
906 B 34ms
34ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-viewAttachments.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346168
alt-svc: h3=":443"; ma=86400
content-length: 384
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSFQQz6kGeFGWDEPmpJXgDPEknWMXM%2BR7M90u3VL0OAZBB2eqjnW5%2BHWSGtPDZjsz6U04sflu9SuyzA0Ja0UZs9CRr59CjsPJBArX5MpWnTndcMABNiKC8QKB8BdyDNWP7Raig%2FkjXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9860b70-AMS
expires: Thu, 07 Sep 2023 19:02:03 GMT

GET
H3 200 toolbarButton-sidebarToggle.png
toaz.info/viewer/web/images/ Frame FBA3 225 B
750 B 42ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-sidebarToggle.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b97006dda25f0b3908ce7604108261ff8ab1e1984118f3dac296428bcf34b1a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1764778
alt-svc: h3=":443"; ma=86400
content-length: 225
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlzYdjYSunVRQLOnz0uzor%2BxKCJT6eMUMUZoOIG70%2F5IU1PSe4wxVKSiRKgBh%2BumSj%2BpUKfNRn1VivxrbOyyNpn1FZ3Y0bGNeIMAwiRZKt4Ghy1yXPGS4xHB%2ByBAkFrGmSFGcMb6wlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9880b70-AMS
expires: Tue, 22 Aug 2023 08:59:19 GMT

GET
H3 200 toolbarButton-search.png
toaz.info/viewer/web/images/ Frame FBA3 309 B
828 B 34ms
34ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-search.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0c8700265901b93feb0814d2db720d0e4f0b66ebfa98f717d1dc4e28e36646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1368086
alt-svc: h3=":443"; ma=86400
content-length: 309
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-135"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AL1gc0LlOLXl5ZbjDeKxRZWDj1sEbTb8zUicTXeeEzqjMvLto10xrqUEPUTKuaflTq70M1n1mtHoZZSTqLSEsI129KAwX4CgOZ1lc5d%2F1HrMcKNoclp%2FEjCwAc8Khx9Bj0XFPBjaQNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d98c0b70-AMS
expires: Sat, 26 Aug 2023 23:10:38 GMT

GET
H3 200 toolbarButton-pageUp.png
toaz.info/viewer/web/images/ Frame FBA3 246 B
771 B 43ms
43ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-pageUp.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8722c44457c51f5090545306b32627b6907ace334e615bb5eba264e7aeba1b18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243027
alt-svc: h3=":443"; ma=86400
content-length: 246
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shCw%2B7ZiPOHr4eB%2Fpyg8XldiMwNzc3pE3KclOie3LjBwtbIA78EvzwVUjjHNYaZPZgtMMJbzZGkSL%2FleUAdEyocwTo%2BAlLEFTc5vmMhE0bwO5VfXme%2FOGmd4Dw4s3k3%2Bl88De3SMUIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d98d0b70-AMS
expires: Fri, 08 Sep 2023 23:41:01 GMT

GET
H3 200 toolbarButton-pageDown.png
toaz.info/viewer/web/images/ Frame FBA3 238 B
759 B 42ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-pageDown.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1aa1df58b9ba316c01f4e6ce1099e0fc56948836433b9fb34939de5a5e0e98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 266052
alt-svc: h3=":443"; ma=86400
content-length: 238
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7DuG7EVOCfSVKDylJUQHEl2FlFrAN%2FSdcglDMQZRLhR%2BUlrDGL7g2GBh40XUvng%2F0aJ3hCcpA0YUfpYJUzxAJcxi01syKcFJXI8UJ8JdE1hH11ULYEE0JvmoQE7uTMGwxKYzQqcrhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d98e0b70-AMS
expires: Fri, 08 Sep 2023 17:17:17 GMT

GET
H3 200 toolbarButton-print.png
toaz.info/viewer/web/images/ Frame FBA3 257 B
775 B 35ms
34ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-print.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f09068d019819fca961f6f1fbe02a267a83186e8a503857291b75c9360c63433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1235313
alt-svc: h3=":443"; ma=86400
content-length: 257
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-101"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeuAZ%2FQ7Lbk5SPqwQmEYBc4C0nmMgUVjgkMU7W1VeGjBA2lAQA92xOQpNk7YneQjUEisZBlIcziMEqT3YL1Zv1N0RkpvkkBtIg2zxG1daFATuPFs5Iu6l8cpvGaaUGGBIF2Qy4i%2BypA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9930b70-AMS
expires: Mon, 28 Aug 2023 12:03:27 GMT

GET
H3 200 toolbarButton-download.png
toaz.info/viewer/web/images/ Frame FBA3 259 B
782 B 39ms
38ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-download.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f44f96517c6ced760ede55714c5e7e1e259783974fcba750f53880a932ecd50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1432093
alt-svc: h3=":443"; ma=86400
content-length: 259
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-103"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8URdqB0GLcutxE0B6xKUoVPC4YD%2BA5E9Qm9O4jtfNoFvY3rolYOpH8%2FJ6AMcOKt2oPVg2wBJyMLrwLiuIoEdbA%2BDrQgaU%2FSBnU7F6PBm7PsSRNDBtM%2BpTbga5YC8A%2Fi1zK4tIJaiTIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9950b70-AMS
expires: Sat, 26 Aug 2023 05:23:53 GMT

GET
H3 200 toolbarButton-bookmark.png
toaz.info/viewer/web/images/ Frame FBA3 174 B
694 B 34ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-bookmark.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a281d912535dfd0a663182d7e9db5e6bcd9ca699aaefb489ce0e313f990d666

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1368086
alt-svc: h3=":443"; ma=86400
content-length: 174
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HygIePwJRMybVaqVEBAlxZPMqVPDBw9jAO3lzw3HunyvBf8dgGH6eyJ7ZIa%2BoLe4zV04Cuq9g3%2BhLfi9rt742bpsvu0YDbunIa7Ez7Uaeq0npfKweU7qAnaYpZyIZH%2FISWT4xkUUyOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9d9960b70-AMS
expires: Sat, 26 Aug 2023 23:10:38 GMT

GET
H3 200 toolbarButton-secondaryToolbarToggle.png
toaz.info/viewer/web/images/ Frame FBA3 243 B
766 B 44ms
44ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-secondaryToolbarToggle.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c41dd1f67d354720df07f64acaa46716d50ac22e10efe15e92fe6033dea8ff68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 974112
alt-svc: h3=":443"; ma=86400
content-length: 243
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dWcmOF93F14xlHoZimf%2F8zO%2BdKuZSjRTSH%2BLFkCp7vXJjg9yNhlLUOXc0BEtQf1vctTXFo6toFIsLLyfw3AgFWRFd%2FbJYvbY4t1dEKgIzl%2FbIcEnXGSiiPNNt3VMjLzGo4ZJrpErfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9e9ac0b70-AMS
expires: Thu, 31 Aug 2023 12:36:40 GMT

GET
H3 200 toolbarButton-zoomOut.png
toaz.info/viewer/web/images/ Frame FBA3 88 B
609 B 39ms
38ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-zoomOut.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea530f1ac565fe3b95be3d4599508b9947fa6ef50114bc33216802342ff5187

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1318788
alt-svc: h3=":443"; ma=86400
content-length: 88
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAk5eahA1h7V4EXieyrT3uC2wbC6WCo8B4djwKWLBBuxPOLrTjnUAdYqRYHSolhC6plNM5wZ%2F6%2F4vnwyPPgTVBl4zRa6W11q0DASx6DphTCMhsOQrQg%2BSDm%2F0xbftm51Z0WZ7ilZDCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9e9ad0b70-AMS
expires: Sun, 27 Aug 2023 12:52:14 GMT

GET
H3 200 toolbarButton-zoomIn.png
toaz.info/viewer/web/images/ Frame FBA3 136 B
658 B 41ms
40ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-zoomIn.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f18129857ba039238716c12d5dab4e23e30ff73e3e4d217cf7b65bc058fb22c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 880792
alt-svc: h3=":443"; ma=86400
content-length: 136
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsvASVDDdz%2F2zgCz8DoIxBvc6MT6Zt0glTJy%2FSkoxgfR3zBAd6z4PUjSsQEi1s3xfX9yw4UWdUWpy4oQI3Hyi2PVNGBUoof73uJBdbYxSdeFD%2BrkT6ZpSW4Xq%2FOS4P1BuwEDasSYnzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9e9ae0b70-AMS
expires: Fri, 01 Sep 2023 14:31:57 GMT

GET
H3 200 toolbarButton-menuArrows.png
toaz.info/viewer/web/images/ Frame FBA3 107 B
623 B 39ms
38ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/toolbarButton-menuArrows.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59280ac4ec15b3176cd6948fa4d2319698d484c971f432eb8454dd851416e5dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1326540
alt-svc: h3=":443"; ma=86400
content-length: 107
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lYDLE8J8cNoFA5MyrzghlY8vJQYLdFx48SZo9nWiz0YNxjsgYNQaOFlQPuY1%2Bf4VaotuMQpadWFUz1CBPDnwAWgaKdmbsDAAfZn3ZBPVqTi4HhfKXe9Bd6UKpWiIOh0QgLmgY2BmOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0de9e9b00b70-AMS
expires: Sun, 27 Aug 2023 10:43:02 GMT

GET
H3 200 locale.properties Show response
toaz.info/viewer/web/locale/ Frame FBA3 4 KB
5 KB 122ms
121ms XHR
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toaz.info/viewer/web/locale/locale.properties

Requested by

Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3740ed3cd6e08d828fbff72f5bc6952ecec60e9e1534bceb3ac9fd0f34260e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f4a0fb6-10b2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6nhmo6N15WPV3NME6HLvgKPLuJ2icZ5jNV5XqyUGFvXwfuoMatOCd%2FRYL1Ype%2Bk9XpwrZEs4%2Fbyo1Tzn0bWq8SrhNZrjR4KeaNV2wbW3AS6OUuTQ63lJwVInMLtlB7JcUNebVPGakM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7f5b0de9e9b30b70-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4274
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 153ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=toaz.info&callback=_gfp_s_&client=ca-pub-5789165178709115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5789165178709115&plah=toaz.info&bust=31076951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0a720df13097117c68be5f6137edfc51ca7efb012bbb85c3e62cc56c4225e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1542 103 KB
36 KB 1046ms
1045ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=3012457269&adf=4134371643&pi=t.ma~as.7058684672&w=730&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=730x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802934&bpp=5&bdt=638&idt=256&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=6391662765563&frm=20&pv=2&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PkmkeLL1Ts&p=https%3A//toaz.info&dtd=288

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3916101560bb73952b11ffba1cbcbd98495c3c4b490850e963af5bf5a282099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37001
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Sat, 12 Aug 2023 19:16:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00D5 89 KB
35 KB 1156ms
1155ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2109e59ec2a0d30822c964e498faaeb4a58d3a683fc45a7e0ed81ce9971f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35553
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Sat, 12 Aug 2023 19:16:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B19 278 KB
65 KB 1226ms
1225ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&adk=1812271804&adf=3025194257&lmt=1691860603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802966&bpp=2&bdt=670&idt=291&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280&nras=1&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f348de2eacaf6d7a7069323e55b0157dee2be983d44c9657c6dafe6354e8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Sat, 12 Aug 2023 19:16:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 viewer.properties Show response
toaz.info/viewer/web/locale/en-US/ Frame FBA3 11 KB
11 KB 369ms
368ms XHR
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toaz.info/viewer/web/locale/en-US/viewer.properties

Requested by

Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f4397dc9c1c6870f6b1cae9eddbc8b31a478ca93bfdbfeae2cdd07316f2e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f4a0fb6-2aa4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uaNOhrnB1iGWlO0JzADiY31P3NFAjPrMqlCGBn%2FLiysJFA0Qqi%2BWqcakx3JeGWmCnv0jfEfFJ9gOiyMLrS7cZMrX58XkrdO7OKtPetfHpCsMxMrA9d3D1A4gqQUJbdTp6SbTA9meG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 7f5b0deacaba0b70-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10916
x-xss-protection: 1; mode=block

GET
H3 200 pdf.worker.js
toaz.info/viewer/build/ Frame FBA3 1 MB
287 KB 43ms
43ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toaz.info/viewer/build/pdf.worker.js
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 117785ee66927008b57b9cc8b4b99ccd8a1f4f5c562a8e52bd12908706aab1e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 885945
cf-polished: origSize=1742287
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: W/"5f4a0fb6-1a95cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0p8Fc3VAWrlI6MbtXCyl9LmlNaQQKg%2Fmxn%2Bz9Qv%2B3pl4aDsDSQ58LDmIvgUr2XBQmlJdloaL7VuYYNGLP0%2FNarj2ULV97%2Fjabrs32j6LRQjta2DlKAruGUxhJyL5CGoqokM4pbz7%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f5b0ded2df20b70-AMS
expires: Fri, 01 Sep 2023 13:06:04 GMT

GET
H3 200 docdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449
toaz.info/ Frame FBA3 22 MB
0 233ms
233ms Fetch
application/pdf 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://toaz.info/docdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449?data_code=9be2596b9f2edadce254909b2b385133

Requested by

Host: toaz.info
URL: https://toaz.info/viewer/build/pdf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.html?file=https%3A%2F%2Ftoaz.info%2Fdocdownloadv2-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449%3Fdata_code%3D9be2596b9f2edadce254909b2b385133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: attachment; filename="toaz.info-blue-team-handbook-soc-siem-threats-hunting-use-cases-notes-from-fields-v1-pr_9efcaeb7b67ba4c9e688aefa70016449.pdf"
alt-svc: h3=":443"; ma=86400
content-length: 23344293
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfCZ5BGDJTYIY173xnpbwVGg%2Fu9WCEproG0GNMH5XtoiMmpn%2FkQHrxmKIOxHUc27eT9u4aZXSkzRc8fn2IHUsCIx0JciAIkQzF31P0pMeLHND89qoLHrWTQjl6BaU3uSfA%2FkhbN9eCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/pdf
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f5b0dee1f320b70-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1542 4 KB
751 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=3012457269&adf=4134371643&pi=t.ma~as.7058684672&w=730&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=730x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802934&bpp=5&bdt=638&idt=256&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&correlator=6391662765563&frm=20&pv=2&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=99&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PkmkeLL1Ts&p=https%3A//toaz.info&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 17:36:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1542 2 KB
973 B 111ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1542 23 KB
9 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1542 3 KB
1 KB 114ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1542 20 KB
8 KB 103ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1542 179 KB
57 KB 185ms
58ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 1542 33 KB
14 KB 96ms
32ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 07:16:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4116391593695819843/ Frame 1542 27 KB
27 KB 126ms
63ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4116391593695819843/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1591f8a548aff64a8e0208e51b9d62437a109ca790f048bbac7434f6ece77f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:43:12 GMT
x-content-type-options: nosniff
age: 84812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27591
x-xss-protection: 0
last-modified: Thu, 04 May 2023 09:43:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 19:43:12 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7326737923541744954/ Frame 1542 1 KB
1 KB 125ms
62ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7326737923541744954/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1355979597393d599793ded2685ed48992935bc832f1c377354749c74554368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:07:17 GMT
x-content-type-options: nosniff
age: 14967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1121
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:30:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 15:07:17 GMT

GET
H2 200 6316500201914770535
tpc.googlesyndication.com/simgad/ Frame 00D5 35 KB
36 KB 47ms
46ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6316500201914770535?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlW2TG6Ddk40T8sSITALX_Qwsmteg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2029cbb9234a8189fbe2046a354545b542d480b033ed3ab0920bfccd9319a50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:50:19 GMT
x-content-type-options: nosniff
age: 69985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36254
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 06:54:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 23:50:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 00D5 23 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3F 143 B
166 B 33ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ECD2 247 B
866 B 151ms
46ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

91e0d6c6a394664bc1340bb8be605388f0d02282f1f16bdf402c6f19634d8cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-m4tLde0g4z-DhAvr4xD5FA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 00D5 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 00D5 20 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00D5 179 KB
56 KB 116ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 00D5 35 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 23:58:57 GMT

GET
DATA 200
OK truncated
/ Frame 1542 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 962786598adec122818e023c48f4dbdf8c0d732b7da50257328ee23d75f62ac6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Sat, 12 Aug 2023 19:16:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00D5 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 867608a237db2dd7aa28e94525b2c033713f5bb98e575a4d5dd8e2765d18f188

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/ 154 KB
52 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308080102/reactive_library_fy2021.js?bust=31076951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

785b5bfe7c5dddc3c99a3307eae5e61646b8ca5fb63400977dd1f8bb76c6887c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53699
x-xss-protection: 0
server: cafe
etag: 7466747269379439600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCB6 124 KB
41 KB 508ms
507ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3543130935~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691860604&rafmt=1&to=qs&pwprc=5119181533&format=1200x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867804631&bpp=1&bdt=2334&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5c0223486353a14-22049ca64ede00a4%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA&gpic=UID%3D00000c5fa3b1b0ca%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g&prev_fmts=730x280%2C350x280%2C0x0&nras=2&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&psts=AOrYGskmkOhcm1t5osMhZfaLTkrs2X6y6qU8-PTwMugq8sWLrtj72Zi9zzfnhojsVE4xZ7bFo_uejnN3bYHDujZbJ-r6iuk%2CAOrYGslTmj5BVLFcwa6yMN2XKhezMCrIEhFCokSqsGB7czCSfds70u97Kox-7bKgrhvhXrpY6jQ0dWAfCeXYM8Kg1lh4PaKY&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wwdMWBfORI&p=https%3A//toaz.info&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ed7d6edeb2e1c064418471051c944e22f958d53c5be36b676a4452b42f76fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42085
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
expires: Sat, 12 Aug 2023 19:16:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ECD2 5 KB
2 KB 42ms
41ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

2cd3ce564969b6ac22ec5ecc25d5fa806a8372820bff66a57e228e8379f78a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-otkgpzSuUYNoLqmWINOwsA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1542 16 KB
16 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 352230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1542 15 KB
15 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 248908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 22:08:16 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 63DA 10 KB
4 KB 32ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 10:16:42 GMT
etag: 12368291122986407432
expires: Sat, 26 Aug 2023 10:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame DC3D 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 10:16:42 GMT
etag: 12368291122986407432
expires: Sat, 26 Aug 2023 10:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 3656 10 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 10:16:42 GMT
etag: 12368291122986407432
expires: Sat, 26 Aug 2023 10:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1542
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8H1dm9rXZLrQEIGMtwepzb6oCfS-veNxp6H9044S9sKZvo0OEAEgh-PsNmCRhKCFjBigAaGV8u0CyAEJqQKoPV_hbl6yPqgDAcgDywSqBMUBT9BlzJsRPh58ftva2otpHAe3BoBtN7SWSGq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213371854145453763581%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%2...

0
0

231ms
104ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213371854145453763581%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214752044040026722321%22}&andc=true

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13371854145453763581","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"14752044040026722321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13371854145453763581","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"14752044040026722321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 8021 37 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 00D5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn9YVm9rXZIz7EpLwtgeD2qzwDPS-veNxt5_9044S9sKZvo0OEAEgh-PsNmCRhKCFjBigAaGV8u0CyAECqQKoPV_hbl6yPqgDAcgDyQSqBMkBT9AVZIsY0zhrRPorCVdp52Q7YOqnICUVlCz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210705005527677412047%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%2...

0
0

229ms
103ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210705005527677412047%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213696156114546050097%22}&andc=true

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10705005527677412047","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"13696156114546050097"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10705005527677412047","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"13696156114546050097"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 63DA 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECCE 143 B
166 B 35ms
33ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 63DA 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 63DA 20 KB
8 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H3 200 6849913469490643563
tpc.googlesyndication.com/simgad/ Frame 63DA 28 KB
28 KB 38ms
37ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6849913469490643563?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlc9lPWGsCV0X4PntlhoM1AGBtueg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af012a7c7f3c9b0a46d15558764e1128338f3f1faa1014918cdb2991682ac80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:53:37 GMT
x-content-type-options: nosniff
age: 364987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28706
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 11:32:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 13:53:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63DA 179 KB
56 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 63DA 35 KB
14 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 23:58:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8277 624 B
242 B 73ms
72ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCU-GcYxc_05QEwAQ&v=APEucNU1z6Z8UozagbmYi-kOrGqmwHO8uhPdnEKz8DXjTvuibEwJTmIff1ffeu9wC8gxD5Gs1fPkzssxbUoQrq7WfsYCRFmKIDfPac83gzvlz2jee7qkwELPA5QmYdv9orlijOPjpHePujjZRFDFGODa7Z8PquRAg3LPWwHdGkyVpY9YZdpi6xU

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D30C 86 KB
29 KB 104ms
102ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D30C 3 KB
1 KB 103ms
101ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D30C 20 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D30C 179 KB
56 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D30C 42 B
63 B 133ms
132ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkXcs0FbwHq7CxuGvzhybVAInRre34OdfMLId1AEgxSYQXAuQyJNJjipylG_AhM7pGzBNWS2eXjU67lsClYcREinSaLOxrPJFdKEIE6wXtCB3ir5g

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D30C 0
20 B 134ms
133ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8445153921738186759&x=1&ct=76

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 1031 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&slotname=7058684672&adk=166103319&adf=2931138512&pi=t.ma~as.7058684672&w=350&fwrn=4&fwrnh=100&lmt=1691860603&rafmt=1&format=350x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867802939&bpp=1&bdt=643&idt=301&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=426&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bfWm7I27sh&p=https%3A//toaz.info&dtd=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 185ms
67ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 3656 23 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D850 143 B
166 B 45ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3656 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3656 20 KB
8 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H3 200 2249365435443319251
tpc.googlesyndication.com/simgad/ Frame 3656 13 KB
13 KB 42ms
37ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2249365435443319251?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlyQOAafN7DhIk8_W3fW9Oq4xLJyA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e68a8eecc8f654a8409eb169abdd895a5c6523126fae7d12c650c917cd1de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:53:37 GMT
x-content-type-options: nosniff
age: 364987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12879
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 11:32:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 13:53:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3656 179 KB
56 KB 83ms
65ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 3656 35 KB
14 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 23:58:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 143ms
68ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8277
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8TOEDsUFgMFrkzbVyLfHE&google_cver=1

43 B
766 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8TOEDsUFgMFrkzbVyLfHE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCU-GcYxc_05QEwAQ&v=APEucNU1z6Z8UozagbmYi-kOrGqmwHO8uhPdnEKz8DXjTvuibEwJTmIff1ffeu9wC8gxD5Gs1fPkzssxbUoQrq7WfsYCRFmKIDfPac83gzvlz2jee7qkwELPA5QmYdv9orlijOPjpHePujjZRFDFGODa7Z8PquRAg3LPWwHdGkyVpY9YZdpi6xU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Aug 2023 19:16:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8TOEDsUFgMFrkzbVyLfHE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8277
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNfanTQ0T1sPUxkM8aVOWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKUgmeGmrjliZpeuX0Dqxww&google_cver=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKUgmeGmrjliZpeuX0Dqxww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCU-GcYxc_05QEwAQ&v=APEucNU1z6Z8UozagbmYi-kOrGqmwHO8uhPdnEKz8DXjTvuibEwJTmIff1ffeu9wC8gxD5Gs1fPkzssxbUoQrq7WfsYCRFmKIDfPac83gzvlz2jee7qkwELPA5QmYdv9orlijOPjpHePujjZRFDFGODa7Z8PquRAg3LPWwHdGkyVpY9YZdpi6xU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Aug 2023 19:16:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKUgmeGmrjliZpeuX0Dqxww&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8277
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-keAbAT2yirG9GxfzHB2U&google_cver=1

43 B
842 B

26ms
26ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN-keAbAT2yirG9GxfzHB2U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu2VBCU-GcYxc_05QEwAQ&v=APEucNU1z6Z8UozagbmYi-kOrGqmwHO8uhPdnEKz8DXjTvuibEwJTmIff1ffeu9wC8gxD5Gs1fPkzssxbUoQrq7WfsYCRFmKIDfPac83gzvlz2jee7qkwELPA5QmYdv9orlijOPjpHePujjZRFDFGODa7Z8PquRAg3LPWwHdGkyVpY9YZdpi6xU

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
an-x-request-uuid: aa74e3e5-ac63-4644-ada5-3394d36d548e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.150.115; 31.204.150.115; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN-keAbAT2yirG9GxfzHB2U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8277
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1ODg5NzMwNTA4NDU4NTMzOA%3D%3D

170 B
243 B

44ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1ODg5NzMwNTA4NDU4NTMzOA%3D%3D

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
an-x-request-uuid: 6a9f4375-5fbd-45be-833b-03cf846c66cd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1ODg5NzMwNTA4NDU4NTMzOA%3D%3D
x-proxy-origin: 31.204.150.115; 31.204.150.115; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECCE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
46ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
expires: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D30C 0
20 B 133ms
133ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9879523369195&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D30C 0
20 B 131ms
131ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9879523369195&version=m202307240101&ct=76&x=1&cor=8445153921738187000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D30C 88 KB
36 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpr2m3HLgt92JkHLir9sHUavF241raAPWBQSU-gj-_aSFBBjw1YwAaE0AMCI1j7ajXw6_25wVqnAsas-Yq7wkcVWwCqg&cry=1&dbm_d=AKAmf-BD_Q2oeukvKOGfos6N00rjNIQUDwA2oesJVqOLzB8HNukffCKmAKPLicr4BQqkBUFpjOAdeA_5RverQeAzPRXuHC1h9YJIhoLIr58h8y_h1gExancMb2JJiQGqsJpJP5P5Noqtt3Jou6xR8M2S9EVsygnkfFrz8SKYn9sv3ZYk2DdLGmZmgQVIA327mACbYxzIpuXGTlxtimN_80vUg9mNWZIXvBcb-evrLr8y8H28EtOPbLVCe9Rm-lE7i5PLylEL4qmpjIrqRA70Xhls2EcC1dzB61bi7adJyJ7zzhM7J1rqVVETKJw_qp33PoI4NjwT8rUFR7P_7qmCQJkakFgnsC9G4dDdMl_G__peZLJty6dpNdTeXrAa8xMAdDYLHAi6D7cORsuY6fYCgNkqr6qpHDBFiMWidxlwpJ1gak-GNnAZXJd2hkcKMxOdJlWCFWQGmdNs-AhCnsR2mGUcPedTv6PgN_s2ViY3lras6p3e7vnCMms_hX6NzDtDTinkmUxPv1NBRQc67Q8QxA1FPewd-30tutih0sEzB5SqpnmSY7dRGBEmbmUe2-u8NlmDj0BXFIIx9oFRCldLmtQ4oY8qgu8ZiOGtxBFQVMh6v7iNa8WSJaRBXXJ76JLdnzL-89-gRlmcBjus_4bvujV8dO8MU21PXpTPJ53TFIUfrwkmGXsNKsCyqRaW5fdRWKh0lfZWwwiQdVMO1SIMXYwrJEsEyQ_GD_H2dG34B7weySdsZUnkLvHDmA4oOJLdWqLyLrZUE_szViE7G6Knvlr828-ge9C08gTmoE5c1OqjgpV_c_xIcHOEAXu9qUiN7PHa7le4xWQr3glzqM3kG60cpNDUEsBetDJtBzG8t7HXjesUdiJ6bQMBn6rQDYVMqWS6l-ImMOEfZxygfjoFo4JViTK6ReFq5pifnjF7AqI8XQbYUFzFhvOQ5NQmnvUlOr_Mv4oOE7xY_oiyxhKtfl1Uylu-_l0mnVT-OZ8fpwwx8mzG5T-in-kihunpJeoQ_sWJ6mk6xiuLxtA4J8ggJZ3YCKQvSp0tNlvCuYFEg6coShQKVw_I-SZ9qVNfbrl-nZTGeIREYfAxD_m69DqhldLSWD3i70FUbrGbAvDYTgAPK8wK_-lOqycLEe88RqWUiVsxpt--o3qGiZIxG_plQuqXWOQNHFR2vAPQLL5ccyI88I_HJ8BjrQhGR2RoTMa84kdfruvj1MZRa_wIUY3Sxb82uba59uajCLBe8RbDUCr6HEcSPhHRy2gTk-OrHHng9U59Eo5ZfjTTUmmS33ZuNKQ9S3xfX14UcLEqlikr3bRFQFVGzQLoNgocEUcFM6lUrFcgcrbJlLH6lKmmXVKSDszBH937mUkvsmGwfGJUXkI7oAMmHidnkz1Jw7P3hEHmT6Y2HeLvM6_YrXd11MOdTuhGitSqYADGTp6MYIY0gHLG5K9KGcaOHot5gcmbuKJv75SDbgoZHzxujN7jkH8xo-nuJ23ClXMGptCRYkpdr5zGC-w3OTMtofcFPaxRxo2xYecq2As24HcdJrkOcSrUynKit1wK9DCncEiMjIKPfNdWMu0cvImG-BIXgM9qkaFx0tWAVQAKT3cIx3uXVdScyX_nbqf4OF5o5ouD2jyAldMwHBQ7NTwVQjiZIouQVi3QUys__IR_Ei-zM-Jw_fKTQwha3LKu2nHI_lwaci7kzPH1nUdlKxHvpWOHFKveOL8Pmzw27iOCyn8Cw1WeI54_f8ie5qS8Q5xmAw_KtWK2XZE4stZ6Zaid1kiZfZOAr0M2UUlhUb6A4QcBl0kZIO5mbiwbZC5NpR45MHMItd-Ii46QOQC2joK0F1a8IekRrc8znk54OARDQcsz6j8YJdYZFhbYlhN9lrRom73J5ilrTM5t4N0YVQRc6-YTqvfuTKH5QsaXbRd1trRHQTQTTaUqOfMI0nQOiqnNY8Sqj6ZYNjXxkcztSoxh4C_c7XNfhc2V8Pv7whfc6-8N_0KXrKFf194yD3P6zWgrGBvruV5AeAdTU6aqyyBRK7Rlt41H1JfXn1IsSxrfmh-9nVGFfOx1y26Z0wppd3v_3IfoZhZQ9RFpmEZfaIKGdomP_qCg4q947UYkvq5InpCmSkPm43a8LHM4GnTBqRRaujB4Q160gxWP3vU3RC2rrW3nJOJzz9yps7Oe7LuKif1nj9yPIT0nCGCTfXlWilqO5HDa6t57a2lZfVi2wmd7gE6zVh7x-wZYb9qgHkgBgjbv5V6HimKUXu_y8AFLRR3F7An_CJhrHOnP7fbzY5i5_jaR0Yr7uOjPBVcd8JBcaLyYjMPoupasyzDP0La7FUUROHqPkdnNXwDzshUHI5t3-ql2MSQn_J5uuLdPgQMYkbPKFJ9gG9pbSjcL4jXQFnOw0EFBKk__-6T88VZdpnawqqBEMFwNxTzStY2FsZPuQIbT32jqKssNIUWRXYWtSHm80nXB0l_iVlYJTQ8Txl_vLEP77HlWelblqzFWYC55tS-jfxHbY_DcMiVTrg3tvoQ9QSTKps25MIJzhyWHEBRrQJGr-v19bz-J8gfV_NtRwL0fQfjdUbK0eU2iZDXkD9kKQt4UPVsZvkYrZ_i7zkOnurS7srw-Zm2urT6dhGMVx6VX3hssU3jwvCtXse1ZGYstDeKdGwT7dr702cAR-et4Dn69PzHMSrL_J2aeHNB0yu3JdlY5qP-xXDFQ9gPF1ajgxOgBZXbjqyroZQOR-YyDoLbIpO-9c__zXG_Rry2pI_9endx4c60T6YThY4rmIcayyAbUGk-GRwYALVcwHMnPWRG8pxIn2RSyPq5pbRJ-WPPp-Ph25i-JdhWVxMFQdSH1ZodjKhy-c-C3EMQIrYhShgz6ECfMMa6GHEjUJGITfmJun3LOkyazGz-LO-QV4j3hHLDlnEOkvKPfhIUTlMdATAzWqJ7KNIjQNYz0BAOKpDKCh4ulpBTQce0t6egjUR8nqKYRCDVzjsme9GEzx6kH7PxZdpSVzSA9GeWNd6Yhl5U4IrwG0Smy8WgBf58x-3jdbxY42dopDB8j3VdOq6mVABGq8yYnSjS_TjYGu-tmqm4oJ7wP0SdI_DtT3RoWupQgtJW6wwnS8_vtSKYjiBHSZgfUkjHg0H-2QrxrnLwzK-RCVckT17s-NitL28re8u3z8zng7pxmU-G12EdO3irkJiK-1gdE1uS4LpbDvvMVZIntbFuMKu4xMRhmq5yml63jvHp_jqakFuy5_9pai4eD75Y&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Ftoaz.info%2F&ds=l&xdt=1&iif=1&cor=8445153921738187000&adk=1877897943&idt=106&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d92426839e81addbe0f3a924f601a978c28d4555941b82b93add098e6f211e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37185
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3656 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cb6b8ca836c7741cfd429636db9e9d6949488e4403b12e8a7513d4824251381

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame FCB6 14 KB
1 KB 62ms
61ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3543130935~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691860604&rafmt=1&to=qs&pwprc=5119181533&format=1200x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867804631&bpp=1&bdt=2334&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5c0223486353a14-22049ca64ede00a4%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA&gpic=UID%3D00000c5fa3b1b0ca%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g&prev_fmts=730x280%2C350x280%2C0x0&nras=2&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&psts=AOrYGskmkOhcm1t5osMhZfaLTkrs2X6y6qU8-PTwMugq8sWLrtj72Zi9zzfnhojsVE4xZ7bFo_uejnN3bYHDujZbJ-r6iuk%2CAOrYGslTmj5BVLFcwa6yMN2XKhezMCrIEhFCokSqsGB7czCSfds70u97Kox-7bKgrhvhXrpY6jQ0dWAfCeXYM8Kg1lh4PaKY&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wwdMWBfORI&p=https%3A//toaz.info&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 19:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 17:38:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 19:16:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame FCB6 2 KB
892 B 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame FCB6 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame FCB6 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 17:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 17:20:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame FCB6 20 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:29:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 07:29:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FCB6 0
0 41ms
40ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQB2ZoFgRrIDgwjBnnvUCfX6E3G0SkVe7Oed-aQfIKBdp0TgTp2xofTGko7sEjgtZ-Vt90QfQ0e0pf-5iOsqOfOwsB2sg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3543130935~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691860604&rafmt=1&to=qs&pwprc=5119181533&format=1200x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867804631&bpp=1&bdt=2334&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5c0223486353a14-22049ca64ede00a4%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA&gpic=UID%3D00000c5fa3b1b0ca%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g&prev_fmts=730x280%2C350x280%2C0x0&nras=2&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&psts=AOrYGskmkOhcm1t5osMhZfaLTkrs2X6y6qU8-PTwMugq8sWLrtj72Zi9zzfnhojsVE4xZ7bFo_uejnN3bYHDujZbJ-r6iuk%2CAOrYGslTmj5BVLFcwa6yMN2XKhezMCrIEhFCokSqsGB7czCSfds70u97Kox-7bKgrhvhXrpY6jQ0dWAfCeXYM8Kg1lh4PaKY&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wwdMWBfORI&p=https%3A//toaz.info&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCB6 179 KB
56 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:45 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame FCB6 33 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Nov 2023 07:16:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D850
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
expires: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 857D 1 KB
643 B 33ms
32ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 36715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 13 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6895086290800182946/ Frame FCB6 43 KB
43 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6895086290800182946/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd1c42ec1c07eb92ea891a722e4d5db7277f9d3ec121684ab1c2b0414b46594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:08:45 GMT
x-content-type-options: nosniff
age: 349680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44461
x-xss-protection: 0
last-modified: Thu, 18 May 2023 12:05:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 18:08:45 GMT

GET
DATA 200
OK truncated
/ Frame FCB6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FCB6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3656
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2hDsm9rXZKfEGKLLtOUP94WmuAqj2veJcM_-mc7bEb_hHhABIIfj7DZgkYSghYwYoAHPn4GfA8gBAqkCqD1f4W5esj6oAwHIA8kEqgTLAU_QrbGG3u4Vc3NK7xhsJWSaQW6Rdi9yCtR3Udy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215228984208494624751%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%...

0
0

98ms
94ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215228984208494624751%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870338511%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212590625605563047777%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15228984208494624751","debug_reporting":true,"destination":"https://prowareness.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870338511"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"12590625605563047777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15228984208494624751","debug_reporting":true,"destination":"https://prowareness.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870338511"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"12590625605563047777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D30C 111 KB
39 KB 132ms
31ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame D30C 11 KB
4 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpr2m3HLgt92JkHLir9sHUavF241raAPWBQSU-gj-_aSFBBjw1YwAaE0AMCI1j7ajXw6_25wVqnAsas-Yq7wkcVWwCqg&cry=1&dbm_d=AKAmf-BD_Q2oeukvKOGfos6N00rjNIQUDwA2oesJVqOLzB8HNukffCKmAKPLicr4BQqkBUFpjOAdeA_5RverQeAzPRXuHC1h9YJIhoLIr58h8y_h1gExancMb2JJiQGqsJpJP5P5Noqtt3Jou6xR8M2S9EVsygnkfFrz8SKYn9sv3ZYk2DdLGmZmgQVIA327mACbYxzIpuXGTlxtimN_80vUg9mNWZIXvBcb-evrLr8y8H28EtOPbLVCe9Rm-lE7i5PLylEL4qmpjIrqRA70Xhls2EcC1dzB61bi7adJyJ7zzhM7J1rqVVETKJw_qp33PoI4NjwT8rUFR7P_7qmCQJkakFgnsC9G4dDdMl_G__peZLJty6dpNdTeXrAa8xMAdDYLHAi6D7cORsuY6fYCgNkqr6qpHDBFiMWidxlwpJ1gak-GNnAZXJd2hkcKMxOdJlWCFWQGmdNs-AhCnsR2mGUcPedTv6PgN_s2ViY3lras6p3e7vnCMms_hX6NzDtDTinkmUxPv1NBRQc67Q8QxA1FPewd-30tutih0sEzB5SqpnmSY7dRGBEmbmUe2-u8NlmDj0BXFIIx9oFRCldLmtQ4oY8qgu8ZiOGtxBFQVMh6v7iNa8WSJaRBXXJ76JLdnzL-89-gRlmcBjus_4bvujV8dO8MU21PXpTPJ53TFIUfrwkmGXsNKsCyqRaW5fdRWKh0lfZWwwiQdVMO1SIMXYwrJEsEyQ_GD_H2dG34B7weySdsZUnkLvHDmA4oOJLdWqLyLrZUE_szViE7G6Knvlr828-ge9C08gTmoE5c1OqjgpV_c_xIcHOEAXu9qUiN7PHa7le4xWQr3glzqM3kG60cpNDUEsBetDJtBzG8t7HXjesUdiJ6bQMBn6rQDYVMqWS6l-ImMOEfZxygfjoFo4JViTK6ReFq5pifnjF7AqI8XQbYUFzFhvOQ5NQmnvUlOr_Mv4oOE7xY_oiyxhKtfl1Uylu-_l0mnVT-OZ8fpwwx8mzG5T-in-kihunpJeoQ_sWJ6mk6xiuLxtA4J8ggJZ3YCKQvSp0tNlvCuYFEg6coShQKVw_I-SZ9qVNfbrl-nZTGeIREYfAxD_m69DqhldLSWD3i70FUbrGbAvDYTgAPK8wK_-lOqycLEe88RqWUiVsxpt--o3qGiZIxG_plQuqXWOQNHFR2vAPQLL5ccyI88I_HJ8BjrQhGR2RoTMa84kdfruvj1MZRa_wIUY3Sxb82uba59uajCLBe8RbDUCr6HEcSPhHRy2gTk-OrHHng9U59Eo5ZfjTTUmmS33ZuNKQ9S3xfX14UcLEqlikr3bRFQFVGzQLoNgocEUcFM6lUrFcgcrbJlLH6lKmmXVKSDszBH937mUkvsmGwfGJUXkI7oAMmHidnkz1Jw7P3hEHmT6Y2HeLvM6_YrXd11MOdTuhGitSqYADGTp6MYIY0gHLG5K9KGcaOHot5gcmbuKJv75SDbgoZHzxujN7jkH8xo-nuJ23ClXMGptCRYkpdr5zGC-w3OTMtofcFPaxRxo2xYecq2As24HcdJrkOcSrUynKit1wK9DCncEiMjIKPfNdWMu0cvImG-BIXgM9qkaFx0tWAVQAKT3cIx3uXVdScyX_nbqf4OF5o5ouD2jyAldMwHBQ7NTwVQjiZIouQVi3QUys__IR_Ei-zM-Jw_fKTQwha3LKu2nHI_lwaci7kzPH1nUdlKxHvpWOHFKveOL8Pmzw27iOCyn8Cw1WeI54_f8ie5qS8Q5xmAw_KtWK2XZE4stZ6Zaid1kiZfZOAr0M2UUlhUb6A4QcBl0kZIO5mbiwbZC5NpR45MHMItd-Ii46QOQC2joK0F1a8IekRrc8znk54OARDQcsz6j8YJdYZFhbYlhN9lrRom73J5ilrTM5t4N0YVQRc6-YTqvfuTKH5QsaXbRd1trRHQTQTTaUqOfMI0nQOiqnNY8Sqj6ZYNjXxkcztSoxh4C_c7XNfhc2V8Pv7whfc6-8N_0KXrKFf194yD3P6zWgrGBvruV5AeAdTU6aqyyBRK7Rlt41H1JfXn1IsSxrfmh-9nVGFfOx1y26Z0wppd3v_3IfoZhZQ9RFpmEZfaIKGdomP_qCg4q947UYkvq5InpCmSkPm43a8LHM4GnTBqRRaujB4Q160gxWP3vU3RC2rrW3nJOJzz9yps7Oe7LuKif1nj9yPIT0nCGCTfXlWilqO5HDa6t57a2lZfVi2wmd7gE6zVh7x-wZYb9qgHkgBgjbv5V6HimKUXu_y8AFLRR3F7An_CJhrHOnP7fbzY5i5_jaR0Yr7uOjPBVcd8JBcaLyYjMPoupasyzDP0La7FUUROHqPkdnNXwDzshUHI5t3-ql2MSQn_J5uuLdPgQMYkbPKFJ9gG9pbSjcL4jXQFnOw0EFBKk__-6T88VZdpnawqqBEMFwNxTzStY2FsZPuQIbT32jqKssNIUWRXYWtSHm80nXB0l_iVlYJTQ8Txl_vLEP77HlWelblqzFWYC55tS-jfxHbY_DcMiVTrg3tvoQ9QSTKps25MIJzhyWHEBRrQJGr-v19bz-J8gfV_NtRwL0fQfjdUbK0eU2iZDXkD9kKQt4UPVsZvkYrZ_i7zkOnurS7srw-Zm2urT6dhGMVx6VX3hssU3jwvCtXse1ZGYstDeKdGwT7dr702cAR-et4Dn69PzHMSrL_J2aeHNB0yu3JdlY5qP-xXDFQ9gPF1ajgxOgBZXbjqyroZQOR-YyDoLbIpO-9c__zXG_Rry2pI_9endx4c60T6YThY4rmIcayyAbUGk-GRwYALVcwHMnPWRG8pxIn2RSyPq5pbRJ-WPPp-Ph25i-JdhWVxMFQdSH1ZodjKhy-c-C3EMQIrYhShgz6ECfMMa6GHEjUJGITfmJun3LOkyazGz-LO-QV4j3hHLDlnEOkvKPfhIUTlMdATAzWqJ7KNIjQNYz0BAOKpDKCh4ulpBTQce0t6egjUR8nqKYRCDVzjsme9GEzx6kH7PxZdpSVzSA9GeWNd6Yhl5U4IrwG0Smy8WgBf58x-3jdbxY42dopDB8j3VdOq6mVABGq8yYnSjS_TjYGu-tmqm4oJ7wP0SdI_DtT3RoWupQgtJW6wwnS8_vtSKYjiBHSZgfUkjHg0H-2QrxrnLwzK-RCVckT17s-NitL28re8u3z8zng7pxmU-G12EdO3irkJiK-1gdE1uS4LpbDvvMVZIntbFuMKu4xMRhmq5yml63jvHp_jqakFuy5_9pai4eD75Y&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Ftoaz.info%2F&ds=l&xdt=1&iif=1&cor=8445153921738187000&adk=1877897943&idt=106&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame D30C 30 KB
11 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 05:41:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D30C 41 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 06:04:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 06:04:22 GMT

GET
DATA 200
OK truncated
/ Frame 63DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07de6a470e6b9ac020aa09bda6e078294a54c355467e1d0d4e6885875e9bb101

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 804B 37 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 63DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDPwfm9rXZKXEGKLLtOUP94WmuAqj2veJcI_3mc7bEb_hHhABIIfj7DZgkYSghYwYoAHPn4GfA8gBAqkCqD1f4W5esj6oAwHIA8kEqgTKAU_QBhisoxzfCJ0pkuGqDfHhhGKhtd_6NcfG0-G...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215448188427560748877%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%...

0
0

94ms
94ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215448188427560748877%22,%22debug_reporting%22:true,%22destination%22:%22https://prowareness.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870338511%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218202726330083858689%22}&andc=true

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15448188427560748877","debug_reporting":true,"destination":"https://prowareness.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870338511"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"18202726330083858689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15448188427560748877","debug_reporting":true,"destination":"https://prowareness.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870338511"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"18202726330083858689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FCB6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd3d1c40f49eb53c68989b1fc9b6de0b9c0f0ac594c27b6890a1cec49f2f7396

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 857D 0
104 B 147ms
49ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEty1AuFw41wqWDjPy3kzys&google_cver=1&google_push=AXcoOmSkOKGA6H0CoeQdEBb0n7fGA1NBnAaT_iHmWP52LjkJI9CNjujPK52WuZIhmnUSRLNcnpgyjH6IybtUDF0s_X2uM4P6hVY3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5789165178709115&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3543130935~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691860604&rafmt=1&to=qs&pwprc=5119181533&format=1200x280&url=https%3A%2F%2Ftoaz.info%2Fdoc-view-2&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691867804631&bpp=1&bdt=2334&idt=1&shv=r20230809&mjsv=m202308080102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da5c0223486353a14-22049ca64ede00a4%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA&gpic=UID%3D00000c5fa3b1b0ca%3AT%3D1691867803%3ART%3D1691867803%3AS%3DALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g&prev_fmts=730x280%2C350x280%2C0x0&nras=2&correlator=6391662765563&frm=20&pv=1&ga_vid=2117704786.1691867803&ga_sid=1691867803&ga_hid=2018095835&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076468%2C44759875%2C44759926%2C44759837%2C31076875%2C31076924%2C31077016%2C44795921%2C31076951&oid=2&psts=AOrYGskmkOhcm1t5osMhZfaLTkrs2X6y6qU8-PTwMugq8sWLrtj72Zi9zzfnhojsVE4xZ7bFo_uejnN3bYHDujZbJ-r6iuk%2CAOrYGslTmj5BVLFcwa6yMN2XKhezMCrIEhFCokSqsGB7czCSfds70u97Kox-7bKgrhvhXrpY6jQ0dWAfCeXYM8Kg1lh4PaKY&pvsid=92126982325076&tmod=1453618474&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wwdMWBfORI&p=https%3A//toaz.info&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 857D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqz...

43 B
420 B

192ms
191ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: toaz.info
URL: https://toaz.info/doc-view-2
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f5b0df90a730c33-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2230
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEILXrDQD1Sq34ehuj0g8ELI&google_cver=1&google_push=AXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjBrnsxpZfwkseSnNNly546CcbDrRz7y2uXNoeLncoMfgynt9v5jFWCu0NTqyerrrC-4OHBFgYJaYofQW7NH3xBQAuJqzoFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f5b0df7d9260c33-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHDTwVA-aIiW9guLZpCHR24&google_cver=1&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kVom8TeMiZOa6kMaQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=319A264A673F488EB9BBD45EA377CD18&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kV...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=319A264A673F488EB9BBD45EA377CD18&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kVom8TeMiZOa6kMaQ

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 12 Aug 2023 19:16:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=319A264A673F488EB9BBD45EA377CD18&google_push=AXcoOmRaxPQMuGAGXjO49PayWWMJOXtO37pvS9pDpuhKUSH3X9ZuAj5Afux3-LsGTWpnt22ia2M7E5T7zhpd9kVom8TeMiZOa6kMaQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 11 Aug 2023 19:16:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEwTIV2hFqrr-rhW_slEMYI&google_cver=1&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8Kg...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8KgWS2OvTTDi7LPL6e43&google_hm=iab9xOuaSImqbzF8Vyq4U3M

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8KgWS2OvTTDi7LPL6e43&google_hm=iab9xOuaSImqbzF8Vyq4U3M

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTaUwkzFZlDb2ODf-bkGJBFtmjA5zoMx3xdsqHu3Vi2F4RrALs3hBsASiUpOxQdKVWkH3_eqrWV8KgWS2OvTTDi7LPL6e43&google_hm=iab9xOuaSImqbzF8Vyq4U3M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857D
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmR3IUSypvlnWY4Vn4APWvgFb8MQVFbI3YoCGUjtkVeRwmlly3YKjJcDAwOPW6NQPVV1No4AGObrvPyenq4dvVQGhravvUF3_w&google_gid=CAESEGlh_PQqwKHmyGsV0UYdz3k&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJ2136YGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWGNvT21SM0lVU3lwdmxuV1k0Vm40QVBXdmdGYjhNUVZGYkkzWW9DR1VqdGtWZVJ3bWxseTNZS2pKY0RBd09QVzZOUVBWVjFObzRBR09icnZQeWVucT...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZVJ2TGU5ZTEtMG5uNGQzaHlBYkFWMUQ0RENrS2UxZ3BEd2VYOUtWUW9zaw==&google_push

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZVJ2TGU5ZTEtMG5uNGQzaHlBYkFWMUQ0RENrS2UxZ3BEd2VYOUtWUW9zaw==&google_push

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 12 Aug 2023 19:16:45 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZVJ2TGU5ZTEtMG5uNGQzaHlBYkFWMUQ0RENrS2UxZ3BEd2VYOUtWUW9zaw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 857D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOswZPzawNtIwVpohmTLyJE&google_cver=1&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOswZPzawNtIwVpohmTLyJE&google_cver=1&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQFmYG0Xtn_TNONejxBLo3VQ-qhrCQQauXJeZkWuHeqg4_d_wspBM_Lp4omuukRWSgKOT1-3lDs05Pa4QOZpD8Vz-P-Sw722w
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 857D
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEsrZ7FQI7wk...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRL96614xgzt1W2Vd5j0BQ_Qk855Wcyol29luvh-GgwV7cF89vHFJ3yd0Hm-msH108Nfbz4qJydcMCr9ELaRu68SR_spvfN15A
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

54ms
54ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sat, 12 Aug 2023 19:16:46 GMT
pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 857D 0
50 B 45ms
42ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEIGJ6qauepCqFYNLG8gkJG_L0rMiv_1GNo-8U8K8Qv4ChckLOPWLUmU-V7MrWhDGp10ZF_w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 67ms
64ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FCB6 33 KB
33 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:13:42 GMT
x-content-type-options: nosniff
age: 302583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:13:42 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 5625 37 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BF04 22 KB
8 KB 33ms
32ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 384645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:26:00 GMT
expires: Wed, 07 Aug 2024 08:26:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
64ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FCB6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKDzxnNrXZNzqKYaLtwfixKDQAszw5Z9yg46M7OYRyPX0wJUPEAEgh-PsNmCRhKCFjBigAb6G5sIpyAEJqAMByAPLBKoEyQFP0M4nhONbwPpqleTay58kzEcTox0_U3Y6QzSXmPLk5W0bxfo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226941403163168355947%22,%22debug_reporting%22:true,%22destination%22:%22https://avocadoposts.com%22,%22event_report_window%...

0
0

95ms
94ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226941403163168355947%22,%22debug_reporting%22:true,%22destination%22:%22https://avocadoposts.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211145937726%22],%224%22:[%2208-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225709069268014985649%22}&andc=true

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6941403163168355947","debug_reporting":true,"destination":"https://avocadoposts.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11145937726"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"5709069268014985649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6941403163168355947","debug_reporting":true,"destination":"https://avocadoposts.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11145937726"],"4":["08-12"],"6":["true"]},"priority":"500","source_event_id":"5709069268014985649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame D9A1 37 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D30C 0
0 430ms
81ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux8G-bqpJe8VPVivXj1BRfoagStPsdiMdDulgOKW5UjzM0hzDWu-VUawX7J6woUZUbwlahUXdgFqY0hC0i8Zuo8txRsRoR4i0A2UeTS6JsZe1fOJBX8TfsnolxGNsY9VZSL7-ERJ9nA9WZGW5pyNil1IqeXhRG7VNP_R7WrwEEmJOYC1ivLrVEpZhusevx2z8uO6rxZ7RyquO2cB8tIQ3KA38TgdpAbvTuGo0FiY-Ar0QuRy9IAEer4EX_sXmtWlN4blhL7dWUGlflWAM2KRTLkSZKYnuV0AVFokntET-D-HvB6RmIW222_IS70b-JTQGOGMA6dfnEfXTUqcYnSfp5Q-k8tQtwP1DjkAEUhuAKFUP7pUqlXEQik1xoHOyZTh4l_BmD9ElLGkxscs-uwts4IGteVlonS2FkWhj8qejRSlE_EiZwH0h3aGojzyvw7wUEWicFfmyRkZgILIBRCK27PWeE7rGX3Jdsqgp3WN3VFx9sb8ntRlKR9frpeJ6-dyrnoDN5DQ-3m_Wc9ZcuiAbC0lXt9bf9sNivS2syUGdFDBjK9UzTySAMo-KTbzb-0AKuCi-y7YbJwWGlIMKbzmBHjla5IWLCD9Aly1ZgkaksmrvjKH0ImWd7l-kDsuavD5W_0t3H_bY2mFd1cFFwNvgizrU9k-KYqirvB1uoR8wC2hwWzXRt45iQKwqnWShL1L5R_iK_pDi39MlfTtKB5z92jSf_sAPeKDIWSQSFjyaOCN5bHiC49aBZjfshI8OnLiaLdo41-86PLCOp5acY_sVNNiRIbf09-_WTX6LgqDzX1hfG9yAMkiNI0emOicOLG6jzNkYBUYJoOaeN1F59wTZcJcRLxA6yTILbAuLTkWFQaL8qpABQfI_h4vEa0sTIqmVDL9nDlLtntI_9KJI5K3NbsY5ErfWh8U3Sq7oN9rnjjm34EX6UEk6QgZKTTAe1Vxy-mksV_--kjDa4YdnGrhjO10n7YtMLsObOA3elFBhfGuMsDHm2VO_ihneYoUWOXhIg927PYk62v_YRm7Lv8bztK-1DFdn2JsxnAryXb2-fY_CJM9rtolvX0FCKF80OgA2dDJbPuxP8skNUX-ue9OskrSmvMRoGT2kkc9kOlFVQYdGExLWbJVO7yLWfsjwE9SoQqsc0T8nAdnAETgDNRhElKJgJNeUR39U1Ohugem-U9ZumorZ-_nfwL45eyxWyFbH7K1gmTWY&sai=AMfl-YQtc3gWczZY1boHyAcDp8m4LWjsLQv9Yo3QoldBDw0ftFREXBYaxXvOpaHVRLNr8VrtfHEGf6JR6m65k7lFMzLJWA99T8F8Om1C5jSetQCeTb6-AZ-VnGL-YzfGoR4RBXN9yLEdMMK6IVAZdbbOY75zzk8nHpMWK2tBwO_1tAN1squ7k4w&sig=Cg0ArKJSzCJO4ZsFETWeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cisv=r20230809.51905&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 12 Aug 2023 19:16:45 GMT

GET
H3 200 9904799835552440819
s0.2mdn.net/simgad/ Frame D30C 14 KB
14 KB 151ms
33ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9904799835552440819

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c2769bb72cec8461c615a48c1c17deb363865ee9d2dd5c2f6100e9fcd552fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:00:02 GMT
x-content-type-options: nosniff
age: 26203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 07:56:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Aug 2024 12:00:02 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame BF04 37 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 148ms
81ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce9a8d8b84fc9094f8eadc5993a4e6de579aafbc9901ce6e09b8e3c5bcbfaef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11764
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D30C 0
0 236ms
69ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux8G-bqpJe8VPVivXj1BRfoagStPsdiMdDulgOKW5UjzM0hzDWu-VUawX7J6woUZUbwlahUXdgFqY0hC0i8Zuo8txRsRoR4i0A2UeTS6JsZe1fOJBX8TfsnolxGNsY9VZSL7-ERJ9nA9WZGW5pyNil1IqeXhRG7VNP_R7WrwEEmJOYC1ivLrVEpZhusevx2z8uO6rxZ7RyquO2cB8tIQ3KA38TgdpAbvTuGo0FiY-Ar0QuRy9IAEer4EX_sXmtWlN4blhL7dWUGlflWAM2KRTLkSZKYnuV0AVFokntET-D-HvB6RmIW222_IS70b-JTQGOGMA6dfnEfXTUqcYnSfp5Q-k8tQtwP1DjkAEUhuAKFUP7pUqlXEQik1xoHOyZTh4l_BmD9ElLGkxscs-uwts4IGteVlonS2FkWhj8qejRSlE_EiZwH0h3aGojzyvw7wUEWicFfmyRkZgILIBRCK27PWeE7rGX3Jdsqgp3WN3VFx9sb8ntRlKR9frpeJ6-dyrnoDN5DQ-3m_Wc9ZcuiAbC0lXt9bf9sNivS2syUGdFDBjK9UzTySAMo-KTbzb-0AKuCi-y7YbJwWGlIMKbzmBHjla5IWLCD9Aly1ZgkaksmrvjKH0ImWd7l-kDsuavD5W_0t3H_bY2mFd1cFFwNvgizrU9k-KYqirvB1uoR8wC2hwWzXRt45iQKwqnWShL1L5R_iK_pDi39MlfTtKB5z92jSf_sAPeKDIWSQSFjyaOCN5bHiC49aBZjfshI8OnLiaLdo41-86PLCOp5acY_sVNNiRIbf09-_WTX6LgqDzX1hfG9yAMkiNI0emOicOLG6jzNkYBUYJoOaeN1F59wTZcJcRLxA6yTILbAuLTkWFQaL8qpABQfI_h4vEa0sTIqmVDL9nDlLtntI_9KJI5K3NbsY5ErfWh8U3Sq7oN9rnjjm34EX6UEk6QgZKTTAe1Vxy-mksV_--kjDa4YdnGrhjO10n7YtMLsObOA3elFBhfGuMsDHm2VO_ihneYoUWOXhIg927PYk62v_YRm7Lv8bztK-1DFdn2JsxnAryXb2-fY_CJM9rtolvX0FCKF80OgA2dDJbPuxP8skNUX-ue9OskrSmvMRoGT2kkc9kOlFVQYdGExLWbJVO7yLWfsjwE9SoQqsc0T8nAdnAETgDNRhElKJgJNeUR39U1Ohugem-U9ZumorZ-_nfwL45eyxWyFbH7K1gmTWY&sai=AMfl-YQtc3gWczZY1boHyAcDp8m4LWjsLQv9Yo3QoldBDw0ftFREXBYaxXvOpaHVRLNr8VrtfHEGf6JR6m65k7lFMzLJWA99T8F8Om1C5jSetQCeTb6-AZ-VnGL-YzfGoR4RBXN9yLEdMMK6IVAZdbbOY75zzk8nHpMWK2tBwO_1tAN1squ7k4w&sig=Cg0ArKJSzCJO4ZsFETWeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=405&vt=11&dtpt=183&dett=3&cstd=399&cisv=r20230809.51905&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: toaz.info
URL: https://toaz.info/doc-view-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Aug 2023 19:16:45 GMT

GET
H3 200 Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html Show response
s0.2mdn.net/sadbundle/4956559708212166656/ Frame 47EC 4 KB
1 KB 37ms
32ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4956559708212166656/Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b477a25706077f00680a80295d67e8a171843847d7ebdd1ca077b33058d077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 567134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1419
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 05:44:31 GMT
expires: Mon, 05 Aug 2024 05:44:31 GMT
last-modified: Wed, 05 Apr 2023 07:56:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D30C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef23d027c98a2fbe16c9b5d82672cd45371feb297a306c3d0c04156d3195780

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00D5 42 B
64 B 161ms
137ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX_Xzw1ubDPR5KiDWCfWNWB3b7qOGGsR0QHotijEzvxe-oHG67xcsLGYY2T_j-uY1M25ogIyP8-O6cMh5xZioPUd6bx-iT_pqlECHHWZyNFVif4gJJY0__KwxIwJkdZR_y9NmzNMAuy41P&sai=AMfl-YTKCjtaCj5t7wbh3gatm7LmHjOglwcJUWXfZqj2XRSFUeT-2325efil5IpTwH_zLX1oTdiZ0DYhxck2&sig=Cg0ArKJSzMmcgZHs5YfaEAE&cid=CAQSGwBpAlJWtdCWgMRw99SZdpVblilCdl8kLw6efBgB&id=lidar2&mcvt=1000&p=0,7,280,343&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=166103319&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691867803248&rpt=1421&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1542 42 B
64 B 138ms
137ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujKQTw2-ZBrM81wrG_6gJQDPz5b-cz5jU5LKzzNppK3dMNx-Do1Ow_eqMjDJ-gtibEJPQfKLC7VxmyfuhIdG-P6jBOIhJqYCyY7beEg3qRrKqiX0RlHaSVPJgOF5YmDcA4eQhIPafzUl-a&sai=AMfl-YQWN84D1Qhj_0ZB58tW9OnRS6LUs9KrGDgxKwopGujslUwi07eafFgqUNaJeTB3k_tegZxVcGl-2ARr&sig=Cg0ArKJSzDNxMpiGAVnHEAE&cid=CAQSGwBpAlJWBl9Ay9hSVuEc6VCZuq-mEV8WLr5qmhgB&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3012457269&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691867803226&rpt=1544&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
92ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 19:16:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 19:16:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C26B 13 KB
5 KB 33ms
31ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 17:20:54 GMT
expires: Sun, 11 Aug 2024 17:20:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B092 831 B
555 B 42ms
41ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d105d51818e6422d1fa76140345a06e5932a68af33df59a257e177d1763a17fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_tOpS9kCHPuLtLZwHISR6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://toaz.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-_tOpS9kCHPuLtLZwHISR6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 19:16:45 GMT
expires: Sat, 12 Aug 2023 19:16:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 642d25b8f12a018346c6e721 Show response
c.bannerflow.net/a/ Frame 47EC 69 KB
23 KB 124ms
43ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/642d25b8f12a018346c6e721?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2_tKgd3nbys1qYrY106Cp_ft7-Caanq0M_U55wnlfngaZuxxZhFFU8WR7dabksbhVVUAyufKEC4YCZ1v5YghI8hun3_skP01dAAtiXTB9YGh4RQoJvnzljzeonR2odsrSBJc2iFRsTNYWy2QRlypbr6192KUrrGPeIULiMnGQ8ahmlPt42E_NCjBVZKMRR69E8u0-OwHxR8Zt0n0fG8cKCqTivTS7S0T5g4km2lGBfAXl4R6hIxtP6DBtMg9hiKFFUxKtq_IfCOoULgmssD_k1qP7l8ao8LJga6CqTNMwHkPIjN7D3-VxpaWEhwHG8kEgsZGK0xmtCO-UcitfIR_BkvfskseRHk-t0FegdjcF2bpUPjsHN6oMFCrYnVOjslpmlvIGGaUiRLtovO6u2mlY8o4dI87a4sQ0UxgPSnISE4kFWnG_MKvjdpb16y1yaSk6WwhO8BjJmkPijFv59uJlWAuqz7YpZCcZd-6ZXesEnbmt9MJqFnvPJUpuHcNuvdjZGEO3GpX7lX5lfaDJvwDoPwPwPdsvu_8r3SdMQHlvhM9jVlXY63_YoDXJUEWfT-VZTL4gGy7Fx3upoZoDKGb7wWHXmMwCFjav2fkSP4zJEzIcXT6-R4N_W-p6m_jh0Nb6HEaSDrlBUNJzKty2TycEDxObjTBUc1q4Lxojlg94gpytWKi33i96Z6mIfTwtPuNDuQv_lGi5ATfb_KYZxCMBVkp0jrgQGf6pLbm2uY291ZY3JuwGAv9fFTh_3TfJ3L-kDjpHEsuj6b1VqVjru4DtOl6HqCbz7pIkJ674vv7cvgA8-NjsVswNI7b9BasIBU2NmGMCe4ALStkhwg3zHkDoqyq9NGFqyuvBRfSVAcPbhnhYAFdAzEGdnw_DzzXve37xpH_qlb47nSp4CuU7dfgNu_p1nM7f6y9uL8pBd_l0RevhLgAGajXu6lrMLqebULQ5TXfIsbboGlH8wYf2np3c1JukatrEBcMMjfa_pZbBz3d9esq4WTd91iPHcHPE9qOa5PF6twQRJmmxK5lzAB7_BJG13OqFHRiAhbA_HXCYMbmZ0ovybMEN8MF7uY593naRyyfyYLUgujHPOeAyFHT6YJSZUz-K9Cbs8S6l5GUPtU5s0lR6sv5G3qYbBGpeQA0abt2cOkCbfx13vdtEdMakMiipbdTr_PlSljnkXDA_z7y9OcNl1SsuAH-vS8o4sOS2rPUWchP16KJgP5XPRutrm1ainfXbQHBm9qOFywmpMK7sT5Xdkw4sVzI%26sai%3DAMfl-YR7OuG08HEarSyt-YrmmhP5ZuwUMh6PsE9Q9UWOdzNSF38HcejPIFNjOACzNwJakUjUyNl87g9wfexnyJpi1vuNvDSjtWcOmcYjc7253vhHJJO_TwamU3tp53Ya5aRtqF0pZPHSs97vIgcMYYgNn_3ISDPhcqbgeBTTc0MIQTKB2k-ZLkMunGOief0T_Q%26sig%3DCg0ArKJSzORNKHU1BtnMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4360717%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fenergie%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-energie-vaste-contracten%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Denergie-prospecting%2526utm_content%253Dbanner-vaste-contracten%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4956559708212166656/Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ce89bc3d1b4acd68caff0b1c7fff25fc77909590d2428610556c4c896cf74d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 19:16:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7f5b0dff99f10e2e-AMS
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3656 42 B
64 B 139ms
137ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslh6F5AtRuCYiKG5OIUx6rO7mzT1ikmVrlco8olydYllfKKYHxkbcc7BrwlrUOJbaEqjQaMEMox67zsmaTRBZ_kJza_oIdse0sN34vGN6VZ6Okmsvp7y-0qytUpXQ6nVw-6qF0d163Gb2ZDBytv-fROyQNsSGPOv4wANhYJ9-EoMunUQs04vcYqPwZMDmsa1fP8J2BFzBoJ_B1LtQj2TfbXQgHlIwljM372l4WIm4sXaz99FMANuBzDjdXIMJjjYf7Tde-PAn2Qba69XsYTkXNROYNy9FGB54IAfelJXnHIRLwYlzbIYAip0nsOn917oTHAxHPVP9nB5U1IRdkP2R0vTYoIQ5OkoobRYWAbVQUhAiQFIZCNndzbukDNg4Ss3Tb-VBiddS3a2P7FXn6Rwxwn7SNWmYCIRJ1N3e-1ekjduEfzZw7RrQ5W04ni06Y8aI0L0VkBSBhxD5HIiF1YTc85QR729ZsAPm3JN76_-Oabf5C2vgN_lqMyu-MfLYQHVA88wBniLUO1WNKSgPEZJ4CLee_QQLjtReopZS_kd4F-Zj19Q916nUA91lLP-bJRjjHbbTdxBR-k197p_8AIybXy2Ey8JkWAlGspgw4x5iWn_fJ4yJKvGwBKGmqD5tYMghLbgo2hRYGEtntZGmmehyVEMB_sQ3qcZdcafLaSj8hb0BMlgFfULrxiSji88tY8pAgR-hZUDDYyF91MiN9a-8KC9qEv4T99ST2k5eZa7M48qeQFpIdv-my2rVAlZGTiabj6n4ZuW3pa71BjzKWTOKpdbQlYxxD5uiRpyPDePAegGmXOdMVAMci1F2XIlfy08eaHpTcFUPXYE-aNKWK5FHldMonIsgR2cQ7jvmzKfGDo-BsDzW2wq2x7ok1OkvFqa26RD6NwlS5pvXx8sOEKF1nF3cdbHQ9Vojm3wElk_Xu6w8E7gJA5DANueahJv7nkrhvDJY8cSUZYS3TID1i4mhsdGnKytnrt0nmrClRZWerH758z010a1H4wJs3cj6DhxxJ57cxCpBZu9ibn4_0FhU5uSQjgrSs6R_aBXipWU1_LzojO31w4NWMsyPZ1qH3r_KHcPQNx8QaKNKc8l33SdnfwQ&sai=AMfl-YTwSrFvrfMIsciD2CDy0WngO76Q2XM9HB6du7sHWfTrA2LtshNxwfx5MIA9-PE652VAlBbx6ahex9XkTR2yTQYTGUNLLYrU0Q&sig=Cg0ArKJSzKNki6SHMP8-EAE&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&id=lidar2&mcvt=1354&p=0,0,124,1005&mtos=0,1186,1354,1354,1354&tos=0,1186,168,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691867804732&rpt=447&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63DA 42 B
64 B 138ms
138ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoyYWH_Vsd4VUN1oEULCcOmZdK4PuJEFu8dP9uoiGtY27KTc8KiDPZL86zY8sKqJOuw3tmtU6GFcqJTBWxWBWG61FDjWn9cACSKqCpX9alQGJPVMWpXSmH5Zj-MIJLfivDww-cAsE-sy5WzirZXUG9IiVrpWsqHlODDOiVbCzv6n-GOhVEQ95p21WrFoX_BkcERaQ3sswbGTxT-LAXlFiiid0EQISVC5Flv7ND_WkrEyF1EKZ5lZSOFoLu5zAEKhPZUpIvW45gp4ZuKC_19oQhGxj_3cwugmygSI5i6Ol0hNqXVzATkBF0Iaj3oIWZfQ93NXJsjpueYcUvrZscTYcj8PrG9fRo51ltjPkzDmMpyuudZmmm97fTPbzUYZpsQ6YzKg0g5Gtbi-rQYIkI3XEhhr5PmZTN3mBzH5tlCmlkzIgnx3zyZoEvrfhU2vs9sP4RH4MrnYesPqTEzzjTrfkgseOMhn5so3RkdvonD-kcxIj1q9c0c8LZVbJCM8nS4m2uSxO_opREV7X5bXchhTpvOgg9NkPoDkNwp4wg-T_7r_4uxGYaGsUAId_fBZPRHw8UUmMjSRPX3JarfydA68CQddR1C-f7Aaf5hizqApZdr1DjBn0DNbHURpNqejzbw7qDrNLTPlETSl3BgI8G8VBe4QbFZa_QfgGIUp3RZZqviwgTTw6lLndkWeTERgdO8xQp1IJCbJMFKPgpTUqGwDD3YLg6SwTtdeLNyvLsrKVhN_yET6e0HDadBjkG448Za7jE9YxsGpWbsBTzfgsjycPX6JTOQoI3-MXFGdIiEslZuEKddnD2dNar2Fk7ZA96btYfMSiXm_sD6ron17K_M-WR_tUKEmD83_7DaZamg28qjJz8EPRHcWits7ULIDEvJpaBbGLWer8R_9hKI-XXlvjfTkklElRHP3BxvnUHVeyRwIE1Ax8ZRWTJmt2TbMy22q1Hk5Th8CAR_VlfueOw77Bmk1GhCq5E4vvkjuNyzry7kxBtHTusjy5o3hpejMf3gOfDG3C0fcoIa6LslGNL_g0bLQLYSolkGdXyktu2RTatTL8D4tNSe67i1jcHad5_7dIa2LLIYQ0XP6ccBI7GwgF5&sai=AMfl-YQYaGNuJ0T61pQn2__46IMSzdcKEm1SPWyLsGk5sQOYW6-tl1HI41EJZetO2uxhyAHbB8sFUYd6Gb26boR6fGp12vda-c_GQg&sig=Cg0ArKJSzE6SRa7bNywIEAE&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&id=lidar2&mcvt=1238&p=0,0,600,160&mtos=1238,1238,1238,1238,1238&tos=1238,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691867804726&rpt=418&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame C26B 37 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 06:15:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B092 0
0 137ms
137ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=92126982325076&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF04 0
20 B 138ms
137ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHT9bndrXZLyuCaaOjuwPjtys0AcAAAAAOAHgBAI&bg=!lpWllcHNAAaiGN5Pghg7ADkAdvg8Wj4XyB22xbl1nq3qtYolNyCAMUfxfGSPiU2-gTo6G5sOFB1VmvfR1l2E1DnrmFMuwtLYNQoCAAAC61IAAAAJaAEHmQMTg3V387PdXhp524HPwSbJ1eJRu-mTJmXGubmeAxTbeJWhrcdDnfDBXM-I_UxfsqC5AbjxiOVgWzewI5o-mnePwRoFbaLnHLuRFLQ7LqB1Iv2NDowQYgOWMI1BGML1kpW-kKKidyfjjglOfbBvlWCq91hizzmzCJZ0ypwwUk3yGK0ypCFp6sgDD1u6nOgxeU6S7FsJ1FbUARhZ1MtbSTTKY3D6Bfq-bMFueizizRJtWzB-_lhoOsZYgH-aZlP2YgTgJqi27uPRIQPhnD20DCbYKklnrVsatm960k17TygaHDiyH1x9Yy8PXD5tGCHou--FNCCTmMRy5m4uVdpebxPOtFFrn47OSpB5-acbHlaMtTBVzZpijJNVhZec8HbApEjUr_Mf0HiRRqHCnCLyn5KfInOYZ79PhLxA0yjJIs3p_KTjTfB9IEo_6pqibT_aZyd4teNoKDaIA2pHjgiPXTluXdNmqS2FQJ3uKEVFBTjEQUXvRuQ30GbWmmchlOa7WvXIJv15ojsdUI4ve2bHlqK2mOlsIdU8HssINN0s28IihGngGmsOa8bpmkn1UqdpB6H5q_P0qCBOZni4vBUNlbjnzSlQLvmjNz196_m2ptCEubnM_06vtPFQtP4R0kv0ZMRJFZjIh-yQZAWH-u2BdbBXWPT7lcwe0eNyp1_IoWla7CFb2wnt1LaFilROdCejCTFZLNy4I-3mDPor57ctyEuRodV9Ht3Za_o65JXTUzeqHcFLSBz88gNzgND5Rnn5rUqR1tqFJmuXRUNEZ9vCkPAC51-sSWy894wWAazj0YHLcymFrOgjPNwv-eUaEw2GxtgcAoXOYWsTJkR5_sC5e5lmkb-etHC0mcreBPjV12fUta5M66FT-s3THeToK6MU4JwOFCmklETzfDWG_MajvSsv8FEEtts940B8_H1rx8Z72c1pzFpngj_pcScNvf5823yRFjxE6wLssxMiwlM08GGxGUpsUrpAtSH8quBddPGq8U2lxor8CMfhrryfhLk6M3r88TEGMJEsobtns4dXL4w-y3uLSw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D30C 0
20 B 140ms
138ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9879523369195&version=m202307240101&ct=76&x=1&cor=8445153921738187000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D30C 42 B
64 B 138ms
138ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEmHB0eKy_ZFNTBGT7iaNe9yBACUCEho-GmamzwPCm1v5duGh_Kul63-QlILaTuWDWfUKCSy1SeGj2Tg2-keK-m2RVKRgGRqXWJW6795I-JJ2MeFwIZyXzaLndIR6I1COqeA6U3h5wIaBP&sai=AMfl-YQ4d3Z8yZR6867cZUpYCNHjW3vgPH4Dz-D5zGVHdGk3UoRdYpUk1Tz5g5FieXlLm_R_H1dKDAeHVXG8&sig=Cg0ArKJSzCDrNp1YJrhlEAE&cid=CAQSGwBpAlJWpq2_SNJiLudAX4Kq_VwCFos-8M_7JxgB&id=lidar2&mcvt=1012&p=0,0,600,160&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691867804847&rpt=613&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.8410d21839679336b455.js Show response
c.bannerflow.net/scripts/ Frame 47EC 20 KB
8 KB 33ms
33ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.8410d21839679336b455.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642d25b8f12a018346c6e721?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2_tKgd3nbys1qYrY106Cp_ft7-Caanq0M_U55wnlfngaZuxxZhFFU8WR7dabksbhVVUAyufKEC4YCZ1v5YghI8hun3_skP01dAAtiXTB9YGh4RQoJvnzljzeonR2odsrSBJc2iFRsTNYWy2QRlypbr6192KUrrGPeIULiMnGQ8ahmlPt42E_NCjBVZKMRR69E8u0-OwHxR8Zt0n0fG8cKCqTivTS7S0T5g4km2lGBfAXl4R6hIxtP6DBtMg9hiKFFUxKtq_IfCOoULgmssD_k1qP7l8ao8LJga6CqTNMwHkPIjN7D3-VxpaWEhwHG8kEgsZGK0xmtCO-UcitfIR_BkvfskseRHk-t0FegdjcF2bpUPjsHN6oMFCrYnVOjslpmlvIGGaUiRLtovO6u2mlY8o4dI87a4sQ0UxgPSnISE4kFWnG_MKvjdpb16y1yaSk6WwhO8BjJmkPijFv59uJlWAuqz7YpZCcZd-6ZXesEnbmt9MJqFnvPJUpuHcNuvdjZGEO3GpX7lX5lfaDJvwDoPwPwPdsvu_8r3SdMQHlvhM9jVlXY63_YoDXJUEWfT-VZTL4gGy7Fx3upoZoDKGb7wWHXmMwCFjav2fkSP4zJEzIcXT6-R4N_W-p6m_jh0Nb6HEaSDrlBUNJzKty2TycEDxObjTBUc1q4Lxojlg94gpytWKi33i96Z6mIfTwtPuNDuQv_lGi5ATfb_KYZxCMBVkp0jrgQGf6pLbm2uY291ZY3JuwGAv9fFTh_3TfJ3L-kDjpHEsuj6b1VqVjru4DtOl6HqCbz7pIkJ674vv7cvgA8-NjsVswNI7b9BasIBU2NmGMCe4ALStkhwg3zHkDoqyq9NGFqyuvBRfSVAcPbhnhYAFdAzEGdnw_DzzXve37xpH_qlb47nSp4CuU7dfgNu_p1nM7f6y9uL8pBd_l0RevhLgAGajXu6lrMLqebULQ5TXfIsbboGlH8wYf2np3c1JukatrEBcMMjfa_pZbBz3d9esq4WTd91iPHcHPE9qOa5PF6twQRJmmxK5lzAB7_BJG13OqFHRiAhbA_HXCYMbmZ0ovybMEN8MF7uY593naRyyfyYLUgujHPOeAyFHT6YJSZUz-K9Cbs8S6l5GUPtU5s0lR6sv5G3qYbBGpeQA0abt2cOkCbfx13vdtEdMakMiipbdTr_PlSljnkXDA_z7y9OcNl1SsuAH-vS8o4sOS2rPUWchP16KJgP5XPRutrm1ainfXbQHBm9qOFywmpMK7sT5Xdkw4sVzI%26sai%3DAMfl-YR7OuG08HEarSyt-YrmmhP5ZuwUMh6PsE9Q9UWOdzNSF38HcejPIFNjOACzNwJakUjUyNl87g9wfexnyJpi1vuNvDSjtWcOmcYjc7253vhHJJO_TwamU3tp53Ya5aRtqF0pZPHSs97vIgcMYYgNn_3ISDPhcqbgeBTTc0MIQTKB2k-ZLkMunGOief0T_Q%26sig%3DCg0ArKJSzORNKHU1BtnMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4360717%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fenergie%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-energie-vaste-contracten%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Denergie-prospecting%2526utm_content%253Dbanner-vaste-contracten%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f718822a28bedab946f14f5203ffa9252f02f7a70940c056b2562789aa49fb31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:46 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zHKR/c/nEDyB3zYT/6qc+Q==
age: 11346766
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 03 Apr 2023 10:36:15 GMT
server: cloudflare
etag: W/"0x8DB342F40546F4F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d88fba18-801e-0098-4f1e-66cd47000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7f5b0dfffa770e2e-AMS

GET
H2 200 document.000000C70A10EE.js Show response
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/published/4315363/5133028/ Frame 47EC 89 KB
24 KB 41ms
41ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/published/4315363/5133028/document.000000C70A10EE.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642d25b8f12a018346c6e721?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2_tKgd3nbys1qYrY106Cp_ft7-Caanq0M_U55wnlfngaZuxxZhFFU8WR7dabksbhVVUAyufKEC4YCZ1v5YghI8hun3_skP01dAAtiXTB9YGh4RQoJvnzljzeonR2odsrSBJc2iFRsTNYWy2QRlypbr6192KUrrGPeIULiMnGQ8ahmlPt42E_NCjBVZKMRR69E8u0-OwHxR8Zt0n0fG8cKCqTivTS7S0T5g4km2lGBfAXl4R6hIxtP6DBtMg9hiKFFUxKtq_IfCOoULgmssD_k1qP7l8ao8LJga6CqTNMwHkPIjN7D3-VxpaWEhwHG8kEgsZGK0xmtCO-UcitfIR_BkvfskseRHk-t0FegdjcF2bpUPjsHN6oMFCrYnVOjslpmlvIGGaUiRLtovO6u2mlY8o4dI87a4sQ0UxgPSnISE4kFWnG_MKvjdpb16y1yaSk6WwhO8BjJmkPijFv59uJlWAuqz7YpZCcZd-6ZXesEnbmt9MJqFnvPJUpuHcNuvdjZGEO3GpX7lX5lfaDJvwDoPwPwPdsvu_8r3SdMQHlvhM9jVlXY63_YoDXJUEWfT-VZTL4gGy7Fx3upoZoDKGb7wWHXmMwCFjav2fkSP4zJEzIcXT6-R4N_W-p6m_jh0Nb6HEaSDrlBUNJzKty2TycEDxObjTBUc1q4Lxojlg94gpytWKi33i96Z6mIfTwtPuNDuQv_lGi5ATfb_KYZxCMBVkp0jrgQGf6pLbm2uY291ZY3JuwGAv9fFTh_3TfJ3L-kDjpHEsuj6b1VqVjru4DtOl6HqCbz7pIkJ674vv7cvgA8-NjsVswNI7b9BasIBU2NmGMCe4ALStkhwg3zHkDoqyq9NGFqyuvBRfSVAcPbhnhYAFdAzEGdnw_DzzXve37xpH_qlb47nSp4CuU7dfgNu_p1nM7f6y9uL8pBd_l0RevhLgAGajXu6lrMLqebULQ5TXfIsbboGlH8wYf2np3c1JukatrEBcMMjfa_pZbBz3d9esq4WTd91iPHcHPE9qOa5PF6twQRJmmxK5lzAB7_BJG13OqFHRiAhbA_HXCYMbmZ0ovybMEN8MF7uY593naRyyfyYLUgujHPOeAyFHT6YJSZUz-K9Cbs8S6l5GUPtU5s0lR6sv5G3qYbBGpeQA0abt2cOkCbfx13vdtEdMakMiipbdTr_PlSljnkXDA_z7y9OcNl1SsuAH-vS8o4sOS2rPUWchP16KJgP5XPRutrm1ainfXbQHBm9qOFywmpMK7sT5Xdkw4sVzI%26sai%3DAMfl-YR7OuG08HEarSyt-YrmmhP5ZuwUMh6PsE9Q9UWOdzNSF38HcejPIFNjOACzNwJakUjUyNl87g9wfexnyJpi1vuNvDSjtWcOmcYjc7253vhHJJO_TwamU3tp53Ya5aRtqF0pZPHSs97vIgcMYYgNn_3ISDPhcqbgeBTTc0MIQTKB2k-ZLkMunGOief0T_Q%26sig%3DCg0ArKJSzORNKHU1BtnMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4360717%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fenergie%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-energie-vaste-contracten%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Denergie-prospecting%2526utm_content%253Dbanner-vaste-contracten%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab794027111766c814fbc8994b3bcc611bd2881f35ef06d6ed6a467aa2c4d40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:46 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: KmSZpHntpb8X/PRQ76sEsw==
age: 10995848
cf-polished: origSize=92939
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 07:40:08 GMT
server: cloudflare
etag: W/"0x8DB35A8FAF526D6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d4bff011-701e-0025-4b4f-69445a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7f5b0dfffa780e2e-AMS

GET
H2 200 animated-creative.660b78329c578e26e409.js Show response
c.bannerflow.net/scripts/ Frame 47EC 156 KB
53 KB 42ms
42ms Script
application/javascript 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.660b78329c578e26e409.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642d25b8f12a018346c6e721?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2_tKgd3nbys1qYrY106Cp_ft7-Caanq0M_U55wnlfngaZuxxZhFFU8WR7dabksbhVVUAyufKEC4YCZ1v5YghI8hun3_skP01dAAtiXTB9YGh4RQoJvnzljzeonR2odsrSBJc2iFRsTNYWy2QRlypbr6192KUrrGPeIULiMnGQ8ahmlPt42E_NCjBVZKMRR69E8u0-OwHxR8Zt0n0fG8cKCqTivTS7S0T5g4km2lGBfAXl4R6hIxtP6DBtMg9hiKFFUxKtq_IfCOoULgmssD_k1qP7l8ao8LJga6CqTNMwHkPIjN7D3-VxpaWEhwHG8kEgsZGK0xmtCO-UcitfIR_BkvfskseRHk-t0FegdjcF2bpUPjsHN6oMFCrYnVOjslpmlvIGGaUiRLtovO6u2mlY8o4dI87a4sQ0UxgPSnISE4kFWnG_MKvjdpb16y1yaSk6WwhO8BjJmkPijFv59uJlWAuqz7YpZCcZd-6ZXesEnbmt9MJqFnvPJUpuHcNuvdjZGEO3GpX7lX5lfaDJvwDoPwPwPdsvu_8r3SdMQHlvhM9jVlXY63_YoDXJUEWfT-VZTL4gGy7Fx3upoZoDKGb7wWHXmMwCFjav2fkSP4zJEzIcXT6-R4N_W-p6m_jh0Nb6HEaSDrlBUNJzKty2TycEDxObjTBUc1q4Lxojlg94gpytWKi33i96Z6mIfTwtPuNDuQv_lGi5ATfb_KYZxCMBVkp0jrgQGf6pLbm2uY291ZY3JuwGAv9fFTh_3TfJ3L-kDjpHEsuj6b1VqVjru4DtOl6HqCbz7pIkJ674vv7cvgA8-NjsVswNI7b9BasIBU2NmGMCe4ALStkhwg3zHkDoqyq9NGFqyuvBRfSVAcPbhnhYAFdAzEGdnw_DzzXve37xpH_qlb47nSp4CuU7dfgNu_p1nM7f6y9uL8pBd_l0RevhLgAGajXu6lrMLqebULQ5TXfIsbboGlH8wYf2np3c1JukatrEBcMMjfa_pZbBz3d9esq4WTd91iPHcHPE9qOa5PF6twQRJmmxK5lzAB7_BJG13OqFHRiAhbA_HXCYMbmZ0ovybMEN8MF7uY593naRyyfyYLUgujHPOeAyFHT6YJSZUz-K9Cbs8S6l5GUPtU5s0lR6sv5G3qYbBGpeQA0abt2cOkCbfx13vdtEdMakMiipbdTr_PlSljnkXDA_z7y9OcNl1SsuAH-vS8o4sOS2rPUWchP16KJgP5XPRutrm1ainfXbQHBm9qOFywmpMK7sT5Xdkw4sVzI%26sai%3DAMfl-YR7OuG08HEarSyt-YrmmhP5ZuwUMh6PsE9Q9UWOdzNSF38HcejPIFNjOACzNwJakUjUyNl87g9wfexnyJpi1vuNvDSjtWcOmcYjc7253vhHJJO_TwamU3tp53Ya5aRtqF0pZPHSs97vIgcMYYgNn_3ISDPhcqbgeBTTc0MIQTKB2k-ZLkMunGOief0T_Q%26sig%3DCg0ArKJSzORNKHU1BtnMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4360717%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fenergie%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-energie-vaste-contracten%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Denergie-prospecting%2526utm_content%253Dbanner-vaste-contracten%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337beda7d8032400f390009839fb8bd1ac42abe7053436d2b1187940b3942238

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:46 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: +8p5tNxkfqrzwAGyJFjKoQ==
age: 11346767
cf-polished: origSize=159455
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 03 Apr 2023 10:36:14 GMT
server: cloudflare
etag: W/"0x8DB342F4014FAB2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 25034761-601e-0080-221e-661220000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7f5b0dfffa790e2e-AMS

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C26B 0
12 B 91ms
89ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KcCZpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 47EC 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK f8312f09-283f-4a80-a157-797df6456adc Show response
https://s0.2mdn.net/ Frame E2D2 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s0.2mdn.net/f8312f09-283f-4a80-a157-797df6456adc
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.660b78329c578e26e409.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 47EC 3 KB
3 KB 86ms
32ms Font
font/woff 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F58b00b62657197058cc7e813%2F91d4dc52-df14-4072-ac45-aa024d96bf3a.woff&t=%20Baenprsu
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4956559708212166656/Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba60555125181729f45f8e3c8e002c452ba479af34a5f12c67ac044a055f3951

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 12:52:00 GMT
server: cloudflare
age: 10995887
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=91d4dc52-df14-4072-ac45-aa024d96bf3a-subset.woff
cf-ray: 7f5b0e01fff60a55-AMS
expires: Sat, 06 Apr 2024 12:52:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 47EC 10 KB
10 KB 32ms
32ms Font
font/woff 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58b00a5ccc269b0e807d983b%2F08da8463-920b-4bab-a0c2-a0c0ed8554c2.woff&t=%0A%20%21-Dacegijnorstuvz
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4956559708212166656/Energie2023-Prospecting-Display-Energievastecontracten-160x600-638162781635625259-498b0c1d-143a-4001-a7a7-50a42d55846d.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe997bd3ac737a091f6cc64fe6001c378b0548d91c73935735c4cbb2bc3497b

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 12:52:00 GMT
server: cloudflare
age: 10995887
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=08da8463-920b-4bab-a0c2-a0c0ed8554c2-subset.woff
cf-ray: 7f5b0e0228690a55-AMS
expires: Sat, 06 Apr 2024 12:52:00 GMT

GET
H3 200 shadow.png
toaz.info/viewer/web/images/ Frame FBA3 290 B
810 B 35ms
34ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/shadow.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c6fb05ccd9fea5e3aaea84933b182ceca88fc66142544fd0476b387a39f722

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1470834
alt-svc: h3=":443"; ma=86400
content-length: 290
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-122"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxQvFsIIO4JgYXHwX5JTLCus0rrB98jpK%2BfqLLgNthPBWDta2hN03Sfe5iL4toxoLxpEf%2BOwCEUOBWE0Sp%2FQRjG6ThqPkwlx1ZBHg72M6XrYAuFcHCjHNQyRKv23mqAG465NBeQ47l0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0e024ddb0b70-AMS
expires: Fri, 25 Aug 2023 18:38:17 GMT

GET
H3 200 loading-icon.gif
toaz.info/viewer/web/images/ Frame FBA3 2 KB
3 KB 37ms
36ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/loading-icon.gif
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1477071
alt-svc: h3=":443"; ma=86400
content-length: 2545
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-9f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13uPN6YjAU5feHoTOjozV%2BANLQdUK8L%2FIGFbBfbOz40WdjMUyWM27axDNK5DhZwL%2FWYBfjz8OkM9m8m53kUpmbtc57iJkCY3lAHTAYdiVVsaOc9I9nsiKE7d4zWAI9ofSZxkPAd7DGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0e024dde0b70-AMS
expires: Fri, 25 Aug 2023 16:54:21 GMT

GET
H3 200 loading-small.png
toaz.info/viewer/web/images/ Frame FBA3 7 KB
8 KB 32ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toaz.info/viewer/web/images/loading-small.png
Requested by: Host: toaz.info
URL: https://toaz.info/viewer/web/viewer.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826d7d78fc6fb07d0546261d93f82e109225ab81ba612b7eeefec942da66f7e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/viewer/web/viewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1470264
alt-svc: h3=":443"; ma=86400
content-length: 7402
last-modified: Sat, 29 Aug 2020 08:20:06 GMT
server: cloudflare
etag: "5f4a0fb6-1cea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIm0hHKRfdL1Wd9fic2It3cOtl1pyT5WX6QIKZUIZ9z4wXxOgrqPIUdogdlaxt79pcMPTYFLCb7ZoirgADVtscBdJwynhdXVbA%2Bav77begOP9aSAq0dsk6wtW6gWMQ6YdxmpEus7K40%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f5b0e027e180b70-AMS
expires: Fri, 25 Aug 2023 18:47:48 GMT

GET
H2 200 5d0d963f-f16a-4763-a782-9e6fa301a1f1.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame F3C5 248 B
361 B 34ms
34ms Image
image/svg+xml 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/5d0d963f-f16a-4763-a782-9e6fa301a1f1.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9132d829bdc5601750177f6c4b039fb24a2c405a196d31857fcb4d7b0000e9f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: LKOPWTrEXxEXmsxJgI8Aww==
age: 1624
x-ms-lease-status: unlocked
last-modified: Wed, 01 Dec 2021 13:24:31 GMT
server: cloudflare
etag: W/"0x8D9B4CDE8E7757C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6c373d72-a01e-00a0-38f6-b66987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7f5b0e02add90e2e-AMS

GET
H2 200 a86bf905-1d57-4510-a0b2-249598424665.svg
c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/ Frame F3C5 8 KB
3 KB 33ms
32ms Image
image/svg+xml 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/independer/58b00b62657197058cc7e813/images/a86bf905-1d57-4510-a0b2-249598424665.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68cabacb7b77c7b360cbf8367d3260e238278020da37c94ddf0387d3e4a4b69c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:47 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 8urcD2CKISvRgGCJ1Ya9Eg==
age: 1427
x-ms-lease-status: unlocked
last-modified: Wed, 01 Dec 2021 13:24:32 GMT
server: cloudflare
etag: W/"0x8D9B4CDE9002B7A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f4cbd398-101e-0041-5d8d-cab5c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2011-08-18
cf-ray: 7f5b0e02adda0e2e-AMS

GET
H2 206 IND_BANNER_CONTRACT_01-c428669b50744e39890568b947d13e2c.mp4
c.bannerflow.net/bf-videos/58b00a5ccc269b0e807d983b/ Frame 6AB0 432 KB
433 KB 41ms
41ms Media
video/mp4 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/bf-videos/58b00a5ccc269b0e807d983b/IND_BANNER_CONTRACT_01-c428669b50744e39890568b947d13e2c.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c84b35f0b2fb9754fd415498c63d088a723f9378d4329a6318320574761a5ff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: HIT
content-md5: VhMVcVu6SqpY0WM5h/98Tw==
age: 1164
x-ms-server-encrypted: true
Content-Range: bytes 0-442260/442261
Content-Length: 442261
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Mon, 13 Mar 2023 09:17:01 GMT
last-modified: Mon, 13 Mar 2023 09:17:01 GMT
server: cloudflare
etag: "0x8DB23A3B41093C8"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
x-ms-request-id: 494c270e-501e-003f-2d4f-6989f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2020-06-12
cf-ray: 7f5b0e02fe4a0e2e-AMS

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 47EC 0
91 B 37ms
37ms Ping
text/plain 2606:4700::6812:ad65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/642d25b8f12a018346c6e721?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2_tKgd3nbys1qYrY106Cp_ft7-Caanq0M_U55wnlfngaZuxxZhFFU8WR7dabksbhVVUAyufKEC4YCZ1v5YghI8hun3_skP01dAAtiXTB9YGh4RQoJvnzljzeonR2odsrSBJc2iFRsTNYWy2QRlypbr6192KUrrGPeIULiMnGQ8ahmlPt42E_NCjBVZKMRR69E8u0-OwHxR8Zt0n0fG8cKCqTivTS7S0T5g4km2lGBfAXl4R6hIxtP6DBtMg9hiKFFUxKtq_IfCOoULgmssD_k1qP7l8ao8LJga6CqTNMwHkPIjN7D3-VxpaWEhwHG8kEgsZGK0xmtCO-UcitfIR_BkvfskseRHk-t0FegdjcF2bpUPjsHN6oMFCrYnVOjslpmlvIGGaUiRLtovO6u2mlY8o4dI87a4sQ0UxgPSnISE4kFWnG_MKvjdpb16y1yaSk6WwhO8BjJmkPijFv59uJlWAuqz7YpZCcZd-6ZXesEnbmt9MJqFnvPJUpuHcNuvdjZGEO3GpX7lX5lfaDJvwDoPwPwPdsvu_8r3SdMQHlvhM9jVlXY63_YoDXJUEWfT-VZTL4gGy7Fx3upoZoDKGb7wWHXmMwCFjav2fkSP4zJEzIcXT6-R4N_W-p6m_jh0Nb6HEaSDrlBUNJzKty2TycEDxObjTBUc1q4Lxojlg94gpytWKi33i96Z6mIfTwtPuNDuQv_lGi5ATfb_KYZxCMBVkp0jrgQGf6pLbm2uY291ZY3JuwGAv9fFTh_3TfJ3L-kDjpHEsuj6b1VqVjru4DtOl6HqCbz7pIkJ674vv7cvgA8-NjsVswNI7b9BasIBU2NmGMCe4ALStkhwg3zHkDoqyq9NGFqyuvBRfSVAcPbhnhYAFdAzEGdnw_DzzXve37xpH_qlb47nSp4CuU7dfgNu_p1nM7f6y9uL8pBd_l0RevhLgAGajXu6lrMLqebULQ5TXfIsbboGlH8wYf2np3c1JukatrEBcMMjfa_pZbBz3d9esq4WTd91iPHcHPE9qOa5PF6twQRJmmxK5lzAB7_BJG13OqFHRiAhbA_HXCYMbmZ0ovybMEN8MF7uY593naRyyfyYLUgujHPOeAyFHT6YJSZUz-K9Cbs8S6l5GUPtU5s0lR6sv5G3qYbBGpeQA0abt2cOkCbfx13vdtEdMakMiipbdTr_PlSljnkXDA_z7y9OcNl1SsuAH-vS8o4sOS2rPUWchP16KJgP5XPRutrm1ainfXbQHBm9qOFywmpMK7sT5Xdkw4sVzI%26sai%3DAMfl-YR7OuG08HEarSyt-YrmmhP5ZuwUMh6PsE9Q9UWOdzNSF38HcejPIFNjOACzNwJakUjUyNl87g9wfexnyJpi1vuNvDSjtWcOmcYjc7253vhHJJO_TwamU3tp53Ya5aRtqF0pZPHSs97vIgcMYYgNn_3ISDPhcqbgeBTTc0MIQTKB2k-ZLkMunGOief0T_Q%26sig%3DCg0ArKJSzORNKHU1BtnMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4360717%26adurl%3Dhttps%253A%252F%252Fwww.independer.nl%252Fenergie%252Fintro.aspx%253Frefer%253Ddvprogrammatic-ron-prospecting-display-energie-vaste-contracten%2526utm_source%253Ddv-programmatic%2526utm_medium%253Dron%2526utm_campaign%253Denergie-prospecting%2526utm_content%253Dbanner-vaste-contracten%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 19:16:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f5b0e036eee0e2e-AMS
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 137ms
137ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=92126982325076&bg=!lZallsLNAAaiGN5Pghg7ADkAdvg8WntUhXsGqSn1JnxPTL3MQIY63SZSixz3elAygz7-pDVd2Q3oWdsK4CX2FAuETkjW8tE2dr8CAAAAwVIAAAAIaAEHCgCn55kxDsw41thN0jcWu_FMeTULLiN7kSOk1ryksoAAJwdoumwyvME5fQOgr_lfqST0A5SE4fVoCStEaTLhpCxJsaC67QSF1SPMtqFnXQEX_uaFc7OILfcvhrM7YxGD1ytT2DDauZGjnCuEMGGUcQUj3_OpbsdqfTsfk4Xq8iPskbSpQrEBQhzGoWiw-bpYf-hG5d_5LQ7ZfqlnSWSi4BJQ2V6PT7jI-3aZAs9uplwasd9wml_JPzNTW8RpdnuUOHJnc9t7qweavKLsEns-SOBkP85iHJAdtWTw1ZlMf_vN2Lae1f_ei056vkPFFcPXpiIgvYP4GiRqSyL70qhSRPrzv5Jo3KGEkfs4S9knpKGgj2l9R2yNdMIo_gEvJ6S0fSRO4srgQONB0Y8Cpe6qwhfvFfcY4PKdC4gVZ8Y_aUrHnBbRXuNAx9MP_la1v8F268XtQsczEhCjQ2QUTD9xqxo3d4YPpd9j4iZCVO6xkI0_BfLlLp9D7tc6SJsVtcFdKkKrK-vLCId1pTtB__LZtmnOy-cP9xvjk2SB03ZBqLay4-psQRpHJg5V9xDa9KJf2ttPY6MUB231Pr3KaCLtK5sBm0elSm9ZKuburrtnphfxtNb3fqooMjjiBa1TkVDPaOqBEQOwshVktiXsCkizNCQHTV4OKGvcgGd8pGBhtPkG5FTOHtpmOQIPdMumcYItuWWNBDElqICkukEBrsPdZMXN3xxdqCi1et7JDdHDyU0fvA7P5krnlu1M_ChV2igJdJwrTxIdpLryCxk-GQByMR1BZu8zXN823T1SwEDUyOaiccOptIkKc8R5VWi8QOFINVI8_AKxzAiWtD9I_pY8jGS52T0ZQ3tqpzygTj0bXbyNAS9t7z0-ESH0ICdmRnsGfhmrM0axSkXOOeA11kfjeHzcNXqjWuHs_b1CVv1Ob6C3MviehCoLGZrqQ78DhoRedvDXAMNPe8JXtW4jtI8geWpjUsM3i9EZ-M-rGHgrfw7s6Xl-M65iQIIxX-gdsc7zbhhe_Afmn6SLj-Cg69WTUNj8pdfTzm_Gzc6LUdObsnkilN-tCZXws_vS4YPDtAKKjzvAkKIuWis5noxkFM-u9guTpBblpLLG4NZRmaXk0vnMz6Qvqc0R6kNoHWMeCM0WR2TAJlA2uWqu5_9lfvIR1APXkhAyIFPJW_GUVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://toaz.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toaz.info/	1970-01-20 13:57:55	Name: ci_session Value: rqvdebp489ertk6vq1pk5h46uhinejs0
.toaz.info/	1970-01-20 23:33:47	Name: _ga_N8JZLZ2M4N Value: GS1.1.1691867803.1.0.1691867803.0.0.0
.toaz.info/	1970-01-20 23:33:47	Name: _ga Value: GA1.2.2117704786.1691867803
.toaz.info/	1970-01-20 13:59:14	Name: _gid Value: GA1.2.152285506.1691867803
.toaz.info/	1970-01-20 13:57:47	Name: _gat_gtag_UA_176701168_1 Value: 1
.toaz.info/	1970-01-20 23:19:23	Name: __gads Value: ID=a5c0223486353a14-22049ca64ede00a4:T=1691867803:RT=1691867803:S=ALNI_MZLGvs0K255rxfIRZcTZiyUgkP-bA
.toaz.info/	1970-01-20 23:19:23	Name: __gpi Value: UID=00000c5fa3b1b0ca:T=1691867803:RT=1691867803:S=ALNI_MabRu89dtZleSZqeWDjsZmpP7zI1g
.doubleclick.net/	1970-01-20 13:57:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:19:23	Name: IDE Value: AHWqTUnT3BcXdQ5uIqHy4ys6dSYokN20IW4Sm003D_dN5ZfkJQZ3fTGCpcgvVRkhOzY
.casalemedia.com/	1970-01-20 22:43:23	Name: CMID Value: ZNfanTQ0T1sPUxkM8aVOWAAA
.casalemedia.com/	1970-01-20 16:07:23	Name: CMPS Value: 5210
.casalemedia.com/	1970-01-20 16:07:23	Name: CMPRO Value: 5210
.adnxs.com/	1970-01-20 16:07:23	Name: uuid2 Value: 8058897305084585338
.doubleclick.net/	1970-01-20 18:16:59	Name: APC Value: AfxxVi49syf688vdplhucdu0GCCPBjSSoB8XDk-temBV_XSgl62zKA
.adnxs.com/	1970-01-20 16:07:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVRja<DT!]tbPl1M>e)ZlrFUfJ+tGXxp6HOe%nT'3?JEW1*>Z3g]:U'yU$[815ouUw0Z3If)y3KL9D3I?+W0q1fE
.googleadservices.com/	1970-01-20 16:07:23	Name: ar_debug Value: 1
.rlcdn.com/	1970-01-20 22:43:23	Name: rlas3 Value: 5oBBJS6s95uqOK0R3aUFZpL+N8A2OqM7PHgnZXqzyNA=
.ctnsnet.com/	1970-01-20 22:43:23	Name: cid_89a6fdc4eb9a4889aa6f317c572ab853 Value: 1
.ctnsnet.com/	1970-01-20 22:43:23	Name: gid_CAESEEwTIV2hFqrr-rhW_slEMYI Value: 1
.simpli.fi/	1970-01-20 22:44:50	Name: suid Value: 319A264A673F488EB9BBD45EA377CD18
.de17a.com/	1970-01-20 22:36:11	Name: guid Value: 1.8085818188211302713
.rlcdn.com/	1970-01-20 15:24:11	Name: pxrc Value: CJ2136YGEgUI6AcQABIGCOndKhAA
.tribalfusion.com/	1970-01-20 16:07:23	Name: ANON_ID Value: aWntuJujieEo7YxU2mxDpvshIiYFjxCj6ocZdQlOc77WWTh3IK0VUGThb32N7RZbSDHTS5tjZaM5oRVMEuEoLwVHW0M

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
c.bannerflow.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
p4-aixpdfvhgiooi-mqhd7qniycdkq27g-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
sync.teads.tv
toaz.info
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.227
142.250.185.194
142.250.185.66
142.250.185.98
185.80.39.216
185.89.210.212
2.16.97.41
2001:4860:4802:32::36
213.155.156.180
2606:4700::6812:19ad
2606:4700::6812:ad65
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2003
2a02:fa8:8806:12::1370
2a06:98c1:3120::3
35.186.193.173
35.204.158.49
35.244.174.68
01e68a8eecc8f654a8409eb169abdd895a5c6523126fae7d12c650c917cd1de9
03ce89bc3d1b4acd68caff0b1c7fff25fc77909590d2428610556c4c896cf74d
07de6a470e6b9ac020aa09bda6e078294a54c355467e1d0d4e6885875e9bb101
07f348de2eacaf6d7a7069323e55b0157dee2be983d44c9657c6dafe6354e8eb
08785857c04f6e4801fe05413126fb591c1a7ae281e0506f1a3e3d5ce19a19e8
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a0c8700265901b93feb0814d2db720d0e4f0b66ebfa98f717d1dc4e28e36646
0a281d912535dfd0a663182d7e9db5e6bcd9ca699aaefb489ce0e313f990d666
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bce5882a5b8caabd453fcc98c3d017f5663c845f50a00dcc78df854248b7d20
117785ee66927008b57b9cc8b4b99ccd8a1f4f5c562a8e52bd12908706aab1e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
161fb247ede7ecb867d864863b8e3de3a93daae6286fce1ab7c3700f55112c9e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17b85bfb4c95c7d5e91a0051b26f35315c0c1c7127ded0a74968542591e1ca81
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c84b35f0b2fb9754fd415498c63d088a723f9378d4329a6318320574761a5ff
1d2109e59ec2a0d30822c964e498faaeb4a58d3a683fc45a7e0ed81ce9971f34
1f18129857ba039238716c12d5dab4e23e30ff73e3e4d217cf7b65bc058fb22c
1fe997bd3ac737a091f6cc64fe6001c378b0548d91c73935735c4cbb2bc3497b
2029cbb9234a8189fbe2046a354545b542d480b033ed3ab0920bfccd9319a50c
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2c53ac195214b4697a710c3a485d17b80d2ac6feada6cd20acdf971996105f5b
2cd3ce564969b6ac22ec5ecc25d5fa806a8372820bff66a57e228e8379f78a72
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32170f852e6761cbbcfbb87175bfd6d84ed73823def767b1a7bdd058c6a3030a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337beda7d8032400f390009839fb8bd1ac42abe7053436d2b1187940b3942238
34b2bbfba5cd9d2d20c53c4706f833f907399e0e90346c693bc2c5a35a4fd4b9
354d3c4f21e7dbf4e0bc4f7b7da9c085c95e4a4c55b43d95fc3c761c0e5dbd1b
387ea2faa60b3c1a34cd7c72f5ab83686bfb8ef8ff29016c5561fa0d4cdac95b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3af012a7c7f3c9b0a46d15558764e1128338f3f1faa1014918cdb2991682ac80
3e1aa1df58b9ba316c01f4e6ce1099e0fc56948836433b9fb34939de5a5e0e98
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5106ec9c8b9d2a5f581b384f28ca2b89614648950b1008097e738e94f6ccb88d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5919df95a2ae173633f4aa18e85367c772d7169be8ec7eeb767076d9d34b735f
59280ac4ec15b3176cd6948fa4d2319698d484c971f432eb8454dd851416e5dd
6045780b5f81b9962b6ef439a8473b82605b341bb70823bbac482a402d755093
60b477a25706077f00680a80295d67e8a171843847d7ebdd1ca077b33058d077
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
68cabacb7b77c7b360cbf8367d3260e238278020da37c94ddf0387d3e4a4b69c
69dfcba91daf8ef71789624fc06276e97604c2f9b504411f9b2bac4b9b103613
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f44f96517c6ced760ede55714c5e7e1e259783974fcba750f53880a932ecd50
77f4397dc9c1c6870f6b1cae9eddbc8b31a478ca93bfdbfeae2cdd07316f2e1d
785b5bfe7c5dddc3c99a3307eae5e61646b8ca5fb63400977dd1f8bb76c6887c
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cb6b8ca836c7741cfd429636db9e9d6949488e4403b12e8a7513d4824251381
826d7d78fc6fb07d0546261d93f82e109225ab81ba612b7eeefec942da66f7e9
867608a237db2dd7aa28e94525b2c033713f5bb98e575a4d5dd8e2765d18f188
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8722c44457c51f5090545306b32627b6907ace334e615bb5eba264e7aeba1b18
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
9132d829bdc5601750177f6c4b039fb24a2c405a196d31857fcb4d7b0000e9f3
91e0d6c6a394664bc1340bb8be605388f0d02282f1f16bdf402c6f19634d8cbc
94c2769bb72cec8461c615a48c1c17deb363865ee9d2dd5c2f6100e9fcd552fd
962786598adec122818e023c48f4dbdf8c0d732b7da50257328ee23d75f62ac6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab794027111766c814fbc8994b3bcc611bd2881f35ef06d6ed6a467aa2c4d40
9bf3c38f8e5d1092ec5e0fd1639c1c5c4fcdede0326397b4f9d9eb45adb3b05a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1355979597393d599793ded2685ed48992935bc832f1c377354749c74554368
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a7ed7d6edeb2e1c064418471051c944e22f958d53c5be36b676a4452b42f76fa
a9c6fb05ccd9fea5e3aaea84933b182ceca88fc66142544fd0476b387a39f722
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aeb0fe0480fd3142c27c58ca0bff5c5bd26cbee01fbbc2392fb526abe3250c20
aef23d027c98a2fbe16c9b5d82672cd45371feb297a306c3d0c04156d3195780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1591f8a548aff64a8e0208e51b9d62437a109ca790f048bbac7434f6ece77f8
b1725fd23cdbc7a49c8fecad5897f855c8336d971dd114504d73bf05ebe4d050
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7e3059d78f5675e4d8d03f950ab41f1ef69f3d8e234151cda29641ac24b1b75
b954211d677d0531666da010afef885d73193be174c590ec0d65c9fb94eee64b
b97006dda25f0b3908ce7604108261ff8ab1e1984118f3dac296428bcf34b1a3
ba60555125181729f45f8e3c8e002c452ba479af34a5f12c67ac044a055f3951
bea530f1ac565fe3b95be3d4599508b9947fa6ef50114bc33216802342ff5187
bf3740ed3cd6e08d828fbff72f5bc6952ecec60e9e1534bceb3ac9fd0f34260e
c0a720df13097117c68be5f6137edfc51ca7efb012bbb85c3e62cc56c4225e30
c29cb03f9166073879d4cde8775a2727ccae480e006c863d3d7fe428ee444412
c41dd1f67d354720df07f64acaa46716d50ac22e10efe15e92fe6033dea8ff68
c512b3288ae192026114388a991a4cf43ef40822d5825b9ec8221c71984eca47
cc4edc2886c6bbc0634789dbf52735a3a82ae710a31f960f01fda20d5dd3dc73
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce9a8d8b84fc9094f8eadc5993a4e6de579aafbc9901ce6e09b8e3c5bcbfaef9
d105d51818e6422d1fa76140345a06e5932a68af33df59a257e177d1763a17fb
d50cd822750a4ac49e955f55ca0a191d623d8725886cff1cc0fef8ee3376e14f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d92426839e81addbe0f3a924f601a978c28d4555941b82b93add098e6f211e6a
dd3d1c40f49eb53c68989b1fc9b6de0b9c0f0ac594c27b6890a1cec49f2f7396
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
ec82bfb4f818c3b83eca8e52258a0e7cffde64a8adc608b7e5ef67c894ee6742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09068d019819fca961f6f1fbe02a267a83186e8a503857291b75c9360c63433
f3916101560bb73952b11ffba1cbcbd98495c3c4b490850e963af5bf5a282099
f4bf8e4b3ddd92edaa4f3d39da434aa55ca52f487964cfe139242a29cfb596bf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6914a75a983643f98893dcfa8f08d3afd38b2b69f1b981ba1f9e47aaf9436d9
f718822a28bedab946f14f5203ffa9252f02f7a70940c056b2562789aa49fb31
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fdd1c42ec1c07eb92ea891a722e4d5db7277f9d3ec121684ab1c2b0414b46594

toaz.info Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

91 %HTTPS

61 %IPv6

21 Domains

29 Subdomains

25 IPs

6 Countries

3285 kBTransfer

31578 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

toaz.info Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

91 %
HTTPS

61 %
IPv6

21
Domains

29
Subdomains

25
IPs

6
Countries

3285 kB
Transfer

31578 kB
Size

23
Cookies

181 HTTP transactions
9 data transactions