Submitted URL: http://yeosuteddybearmuseum.com/
Effective URL: https://www.yeosuteddybearmuseum.com/
Submission: On September 22 via manual from US — Scanned from NL

Summary

This website contacted 25 IPs in 8 countries across 20 domains to perform 133 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yeosuteddybearmuseum.com. The Cisco Umbrella rank of the primary domain is 939893.
TLS certificate: Issued by E1 on July 31st 2022. Valid for: 3 months.
This is the only time www.yeosuteddybearmuseum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 142.250.180.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
4 4 69.192.160.219 16625 (AKAMAI-AS)
8 142.250.185.226 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 35.186.253.211 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.144.138 26667 (RUBICONPR...)
4 4 104.18.19.126 13335 (CLOUDFLAR...)
1 2406:da18:5a5... 16509 (AMAZON-02)
133 25
Apex Domain
Subdomains
Transfer
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
525 KB
30 yeosuteddybearmuseum.com
yeosuteddybearmuseum.com — Cisco Umbrella Rank: 939966
www.yeosuteddybearmuseum.com — Cisco Umbrella Rank: 939893
355 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
151 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
276 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
5 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
4 KB
4 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1728
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
175 KB
3 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14952
www.google.nl — Cisco Umbrella Rank: 9480
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
923 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
207 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1505
486 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1020
925 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1423
296 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
656 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
11 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
42 KB
133 20
Domain Requested by
28 www.yeosuteddybearmuseum.com www.yeosuteddybearmuseum.com
24 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 pagead2.googlesyndication.com www.yeosuteddybearmuseum.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 fonts.gstatic.com fonts.googleapis.com
8 cm.g.doubleclick.net googleads.g.doubleclick.net
www.yeosuteddybearmuseum.com
8 www.gstatic.com googleads.g.doubleclick.net
6 fonts.googleapis.com www.yeosuteddybearmuseum.com
googleads.g.doubleclick.net
4 ssum-sec.casalemedia.com 4 redirects
4 e.dlx.addthis.com 4 redirects
4 www.googletagservices.com googleads.g.doubleclick.net
4 www.google.com www.yeosuteddybearmuseum.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 pixel.rubiconproject.com 2 redirects
2 image6.pubmatic.com googleads.g.doubleclick.net
2 rtb.openx.net googleads.g.doubleclick.net
2 cms.quantserve.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 yeosuteddybearmuseum.com 2 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 www.google.nl www.yeosuteddybearmuseum.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com www.yeosuteddybearmuseum.com
1 www.googletagmanager.com www.yeosuteddybearmuseum.com
133 27

This site contains no links.

Subject Issuer Validity Valid
*.yeosuteddybearmuseum.com
E1
2022-07-31 -
2022-10-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.google.nl
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-15 -
2023-04-15
a year crt.sh

This page contains 16 frames:

Primary Page: https://www.yeosuteddybearmuseum.com/
Frame ID: 14B8D216D95339A737D1655FC0B8AF37
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Frame ID: 881FD6A712768535C4FA22A4E3B60453
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&adk=1812271804&adf=3025194257&lmt=1663868657&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657410&bpp=8&bdt=449&idt=237&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1795934947609&frm=20&pv=2&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: 429316603BCE848FC316D925EF33E3B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Frame ID: 2DA56EC74870F36C6C48C04317C7D707
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Frame ID: 44F651712108BD7234EDC1429A86B480
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Frame ID: 4F875CB040CB7E760F9DC1F5C4C8E70E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Frame ID: D6A0761858A84BD0F0056D531B95033D
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019
Frame ID: BEE16CF2D5D9A3F972D96CF91A0CFEF7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: AC69D22D125AEE3246576C095E3C66AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: F1C166D8E5B4004E27FEB504F00D5712
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B87B1DFA6B16AC7CB5470A4322AE935B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9828827CBB695AD671A2FA78B4AA532E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 47C2D33B3960EA1F2BD1A2E4E046F1F1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: F1B65E59567122E903B5D46A6F53F163
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88D8FC0F9EEF70AA4EA8E48B1C415B65
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7E58C3124214FC4912D342E18642308
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

yeosuteddybearmuseum.com Official Site-Provide you with the latest travel coupons and the last minute deals!

Page URL History Show full URLs

  1. http://yeosuteddybearmuseum.com/ HTTP 301
    https://yeosuteddybearmuseum.com/ HTTP 301
    https://www.yeosuteddybearmuseum.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

133
Requests

95 %
HTTPS

70 %
IPv6

20
Domains

27
Subdomains

25
IPs

8
Countries

1562 kB
Transfer

3625 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yeosuteddybearmuseum.com/ HTTP 301
    https://yeosuteddybearmuseum.com/ HTTP 301
    https://www.yeosuteddybearmuseum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YEEXWmlDJJkuhM3d-RrtTdBOJaaUHPN4&google_gid=CAESEBI_xMp24JR3xfg4cNz9S74&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YEEXWmlDJJkuhM3d-RrtTdBOJaaUHPN4&google_gid=CAESEBI_xMp24JR3xfg4cNz9S74&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDA1NDE2MDE3MTY3MA%3D%3D&google_push=AZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YEEXWmlDJJkuhM3d-RrtTdBOJaaUHPN4
Request Chain 110
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZEe2nYmQMtsg1c-PMvNxg&google_cver=1&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL6yuBjUMdVwo969mL6qmnYP8TE8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUctRjQxSA==&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL6yuBjUMdVwo969mL6qmnYP8TE8A
Request Chain 111
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_cver=1&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1y4XlVu3zsnj3yn-fmRHdeDck7Q47G7F1UYQbwlkBXKok1A2wBOrZnsDPrqrCMiBrw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1y4XlVu3zsnj3yn-fmRHdeDck7Q47G7F1UYQbwlkBXKok1A2wBOrZnsDPrqrCMiBrw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1y4XlVu3zsnj3yn-fmRHdeDck7Q47G7F1UYQbwlkBXKok1A2wBOrZnsDPrqrCMiBrw
Request Chain 114
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2giUgDICTktygMHWFlgrMO-72y3GCc&google_gid=CAESEBI_xMp24JR3xfg4cNz9S74&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2giUgDICTktygMHWFlgrMO-72y3GCc&google_gid=CAESEBI_xMp24JR3xfg4cNz9S74&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDAxNDE0NjE4MjQ4OA%3D%3D&google_push=AZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2giUgDICTktygMHWFlgrMO-72y3GCc
Request Chain 117
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZEe2nYmQMtsg1c-PMvNxg&google_cver=1&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1l9mhEft2dEgAPYzEMy8J0Ziw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUgtS01aVQ==&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1l9mhEft2dEgAPYzEMy8J0Ziw
Request Chain 118
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_cver=1&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV709LULNRLuBqQ3asIsqFL0nklUJrtLxhZvfaWNC_los4qL9jQsXfr3_CBo9zOLbI HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV709LULNRLuBqQ3asIsqFL0nklUJrtLxhZvfaWNC_los4qL9jQsXfr3_CBo9zOLbI&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV709LULNRLuBqQ3asIsqFL0nklUJrtLxhZvfaWNC_los4qL9jQsXfr3_CBo9zOLbI

133 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.yeosuteddybearmuseum.com/
Redirect Chain
  • http://yeosuteddybearmuseum.com/
  • https://yeosuteddybearmuseum.com/
  • https://www.yeosuteddybearmuseum.com/
67 KB
10 KB
Document
General
Full URL
https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
b0d2e6631f54c86a455358c5227264c6fbc962008cd5ba3444c1e276db4c272d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74ecd8ffb96a1e69-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 17:44:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnmSpdmvLewK%2B%2B%2BHGQYIFQaHn1dAaCfwfadUOGS6itoRPAhgjwUREU%2BgbBbIr7zaxt49fobpQ9S1YA9T%2FpXUTBoTHdoFG%2B7soyyRUfLB12w5Yqd0U7XBs5ekBiwUwBeHFTaD927euM1NLkj8HuyNndlQWkfTYeWSnhY3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.2.34

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
74ecd8ff78fe1e69-AMS
date
Thu, 22 Sep 2022 17:44:16 GMT
expires
Thu, 22 Sep 2022 18:44:16 GMT
location
https://www.yeosuteddybearmuseum.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oUs%2B%2BZi1spCQTFTAsKQAq6sV4EtWq%2Fv9YI2j%2B4vWxFY7GLN6tizy%2BMql9eyUkX8YQ0w%2BveeeapozcOy2DLZ%2BTx%2FyYWH0ZuNUeC%2FKShlvEQCgJE1NthjTWWAVce2zd4AsrBsM4KpW7n0sg9hABxX347r1%2BX1moU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
1 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:59:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:17 GMT
owl.carousel.css
www.yeosuteddybearmuseum.com/theme/static/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.yeosuteddybearmuseum.com/theme/static/css/owl.carousel.css?v=07262131245
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cd89098b0c4cac5ff06740aaa4052f981e29612762642b60a0406a5fd48bab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 07:59:56 GMT
server
cloudflare
age
5436
etag
W/"62f3657c-1246"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5x2YQL5LJQliFC8IltqAi7tOuF8vq9PRVD0CvtmEZtT6jSLPMJieo0UCBUMGMngiTuzlqu%2FHRdFYR3LY7wCctFfp%2BmR6qctbw%2F4n5X0l4ZHwXlYMl9%2BEEZ6Wop%2BKMGya9nZSwWQhKTk3ifU81h8LfmV6%2FYIvXpGdmVz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ecd9020c811e69-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
owl.theme.green.css
www.yeosuteddybearmuseum.com/theme/static/css/
1 KB
816 B
Stylesheet
General
Full URL
https://www.yeosuteddybearmuseum.com/theme/static/css/owl.theme.green.css?v=0726123345312345
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc0ffc0387504d797c37a96a1382551cce5ca69c4734889080f1060ae499a84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 07:59:56 GMT
server
cloudflare
age
5436
etag
W/"62f3657c-551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kj1UUbGEyAhPaN6ninnI36KWe5aV6UxeFVi42euyIuTJzNyBHEvVOTjpFJSF9KGPCNQrAFSUZnBmvSc9SUh%2FlmOID%2BsLhIqZKPL3crMG9HjmgU72UwKzZeF170bk7SvzYVguCe0TQlPxEHqLXRWfsP2oqmF9cmca1OUT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ecd9020c851e69-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mktsem.css
www.yeosuteddybearmuseum.com/theme/static/css/
98 KB
18 KB
Stylesheet
General
Full URL
https://www.yeosuteddybearmuseum.com/theme/static/css/mktsem.css?v=9765341699
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868d0d28ea97f34fe38115758abc7a6b1b3578ef3eafc72e5cebff5454ea7d65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Aug 2022 02:41:48 GMT
server
cloudflare
age
5436
etag
W/"62fda6ec-18899"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqfMeWYXzmrENtuHml%2B5ZUmL4Gb%2BIWpWcaQVHy0VrU%2B5xzRsiH6w8tfNUlcdjhaNaUFTdG1hliMNvWFE9JHv3mNkoyHLqxxLVTSiQYeIescxZF3rMIobm0bH94xxVsU0tpQAYLC4s0v2GdLmY98MeH68Ko4vs2wMAV4X"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ecd9020c861e69-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
167 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8226496976943169
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a5f0677866b704955030ae727eace421e6d47fe3b693410ef20b4d6815542b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Origin
https://www.yeosuteddybearmuseum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58045
x-xss-protection
0
server
cafe
etag
12470625633007412045
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 17:44:17 GMT
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218248390-26
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf7c982b5f5d37d909cee4adc3cb0aba4f6bfd36c3c8a887e6931c1f1cafe38b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42242
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:26:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Sep 2022 17:44:17 GMT
5107af4424459728e7c89946fabe6ae2.png
www.yeosuteddybearmuseum.com/logo/20210811/
4 KB
4 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/logo/20210811/5107af4424459728e7c89946fabe6ae2.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb9a41074fcb050a4b62e2e7ed45e30033a80318ff6bacaa1b32f83ff4f1a24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Aug 2021 11:25:55 GMT
server
cloudflare
age
5437
etag
"6113b3c3-fb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY%2FRrL38sUSfkktrgRM73s0hC8RdU%2B8f7XsOAG3PbQag%2BCH0eHH6uNolYS0TTcfCFvU7wfV4tjS9ItBfqQVkf2QqP9ZrIUCGJ0WrlQbQVUKEoVcZGtjAYmTtdfXsS%2B7lpt6uayW3dGpHUSBANXp14ZvSdcbSLQSenGLA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74ecd90359a70c75-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4020
longislandferry_62fb7af536d24.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202207/
5 KB
5 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202207/longislandferry_62fb7af536d24.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5b7a9ac7616ee84f9967e1aace4b11e0211c8d36551dc7867f0f41f84fc0e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF0H9SFV1H7NMEH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4970
x-amz-id-2
Vm5rDnitKYRWD8J9uoowo/AsOoI57fXN6JLcsdsTiE2BaR7KiR4q6zhHMCNJKIbE/DTseE3W5Io=
last-modified
Wed, 07 Sep 2022 10:14:30 GMT
server
cloudflare
etag
"d13675d7454f9a64fdcf3429a97454e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMl2gwbSkbQNbDhdGQ%2B8E43qJNmUWqcOVqBgficeuvKle8zKgrGmGHho%2FIlYrqazwJSgNme5NLNO2YRwVd5tzQWmLo7R4GtI4I0fNTW%2BXRsu3y%2BNea%2FFyTmkhZD86HE3YqBDjuDgTaTmSSg%2BDsT8kzNGBL8dFc4s%2F%2BYi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359ae0c75-AMS
time4learning2bb065ce9414c.jpg
www.yeosuteddybearmuseum.com/mimg/merimg/
5 KB
6 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/time4learning2bb065ce9414c.jpg
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b203250f649209c35b940ed3d6af551b49998ebcaaf9c0d820dca0d136337cbe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFACWJXA5EBWJ34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5625
x-amz-id-2
/zQiDeAL/7/Tab6KhX/vu7gkz3q8iKAg+1qxOWM+5CTImbfYzM0ZIOd1sMq+MKF5ICEBKobB6Oc=
last-modified
Fri, 29 Apr 2022 06:15:05 GMT
server
cloudflare
etag
"a2172f81213cec6f5bf1caa4b2a34f98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYyZlF7zFltE8lHII99SKMCEqo42AqTqFVDGek0DxhTveiD6fjmOt6bGIoYBXNK4qPeCt%2BxqK45CwV5bTwffsFvxe%2F4rjG%2BPF7jRCsNwpYvGBCSyzok%2Bk49hNy7t8nQWDvJ1ZKSiSPqD1SVQZNrt5OxIPEbBGecWo366"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359af0c75-AMS
grayline_631ab0f9c1b1c.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202211/
758 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202211/grayline_631ab0f9c1b1c.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34587242a875c695bc1ef9d3326d464b67808baa0fdc55e7663a5b03e8252c55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFA13TTQ5912FJ2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
758
x-amz-id-2
pUcNC1uOcFjYxp5nhuc5yL86vMFoQO5+/H46HPa7Bm26sPA5k3bioOwYbLdjcIvVhw+wFH6P9XE=
last-modified
Fri, 09 Sep 2022 03:51:04 GMT
server
cloudflare
etag
"f82995d944da213f5052070cae90361d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ear%2B1TZqvEEXAi8TdyfTCY0TkBELvwmOBEfBrdQZS9%2BF0GCw02OYUiO4g5kvCvTTkjXecUDK%2BoK3QHn0wrCjcyZHHq%2B1B1ArBa4pPSdyQiY%2Ff5Kp8adrYoI94W036MDQFQBNDo0g982J365zOuvi1Eyg10b4dAqxR%2B3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359b00c75-AMS
thebagster_6319aa021bcf3.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202210/
1022 B
2 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202210/thebagster_6319aa021bcf3.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfc3a2ce1d7d8b30638da19e5c52d0f4a271f9aeb6f69d1bb0efc675fd7dd58

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF12CJHMJECXYK4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1022
x-amz-id-2
VoBTdS9TdYUIs2X5ogWBU3tljGDJ6YL8UOxtkZCan09TWmyY9Ylu335GbWK93P8HOW0NNk/eNVo=
last-modified
Thu, 08 Sep 2022 10:24:13 GMT
server
cloudflare
etag
"759c42a8d8a287d50cd0bd3805eb0ad8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FI8busIniQw5EnzP3UODU462E0SRTDKVQH4bIYumZVHGVtmi6o17AnWLXwcTJHTy5txb%2BHSQxu2pu0HgBVK5xtK4vcxNt6tcoURYZ%2FqrJ6HY2KjjdItShINCT0wZdCGj6woPkhUmH6HeAA5i7V75rofHQCDGMLtDCew"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359b50c75-AMS
lectricebikesa7d5a799b84ef.png
www.yeosuteddybearmuseum.com/mimg/merimg/
8 KB
8 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/lectricebikesa7d5a799b84ef.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88349dc1bdf60bb724ed3749b11e7042d2305e60678493b4d4b6573a657733bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF14XEQTQPGB904
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7704
x-amz-id-2
My0AOoyDL3Atx2eEotlxo9FTAtTcYFTFwa2TlVCIRcae7JR63Tgb/GLZRkQ4RRxuYCDWyBOjjMI=
last-modified
Mon, 06 Dec 2021 14:15:04 GMT
server
cloudflare
etag
"394f3d25f239f1c8e3e13389f8795c80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP%2Fj2kahlDidbp6wo%2BVGa8OFydaRslsvXyoUicLZlBdtaeKghnSr6Irm0vRyEoArVcebe0WavPO5lsgk3XHK4SPRe5wnVsvNgpRgvnLISLUBboAElINoVrChwmWgU9byx6yLN4pXWpdB%2BPGrEpUSrfQgtw6MCg1DPwCy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359bd0c75-AMS
miamiseaquarium_62fb8d7da5e46.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202207/
5 KB
5 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202207/miamiseaquarium_62fb8d7da5e46.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34fa6636d3f8f0d5bbacdcb26765066f2733bf0fa302daf5421bf531ce6d63a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFBFM14D3M78P2S
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4832
x-amz-id-2
ZbVpUCZUY27BF+mNN19hcxx7S0uBVKEMLTHZ3EoLw9Wfad/JMNxf528/Iuy+CZbreuxxJv2of58=
last-modified
Wed, 07 Sep 2022 10:17:33 GMT
server
cloudflare
etag
"5c0ed11ee84f3cddc8c1099400d67a3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WXNvxC1GNGxnh3xYLAx%2BzSChBTMCEVBdMz%2BsAibzqD%2FzOUtmsjzS%2Fnzv62rsmAe84w80aPC3C7z73gRZ9LqeCM%2BWBmZoKGIOt%2FtxUEMSRTXN%2B4qHi2SQOwmMiwrP9owyN1ygkkT9ZUqTqp8MUYJ%2FFlYsczo1%2FtuRio6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359bf0c75-AMS
macuhealth59f1c6e31cf3e.png
www.yeosuteddybearmuseum.com/mimg/merimg/
21 KB
22 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/macuhealth59f1c6e31cf3e.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbff4fc0db2c4d1c5e4f652a67cb65263d472ffa5b079b4fc43035821a297b01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF0CP2H89X9N9GG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21639
x-amz-id-2
s8cW89VsWNOITNQziB5vDn+cYbXtzRJK69fWlTIqhEO23g8nLFLznbT+ng9QHytwbDMiIRsGtSM=
last-modified
Fri, 31 Jul 2020 11:03:16 GMT
server
cloudflare
etag
"52915354dea67c6629245660db6c6912"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCN8Cd%2BEGHf%2Fiv7LZufP22%2Bc0qId4uIXds5uuhcZ5MfiiDMgve04YU7%2FTqWsmTizLBx4Tmry%2FOgSDMKyjYUHyjreoVOrS4l5qBe58c2xuCfoSg8xhIpG3sSNJDB67w7%2F4uAIqst%2BlUHOXosTt3V%2FInkfzKMClv8t0ocI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c00c75-AMS
homeagainea95688f5b5cc.png
www.yeosuteddybearmuseum.com/mimg/merimg/
11 KB
11 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/homeagainea95688f5b5cc.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF7RC64G14MMD81
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15009
x-amz-id-2
noK9DF/trxtcSB6tkvXGaYDN82A+usF63oV3zTgxbN2hLBC7oq4j9eMD/JFKlI64hYEJkv6aeaI=
last-modified
Wed, 16 Jun 2021 13:22:03 GMT
server
cloudflare
etag
"6a0083382b97c118e7a61e3fbd6086a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQtjbuL3Jk%2BK9aysKQpxTTsmCOa8iX3TN7t0EQINnePJnyEKhA5WGZjbUbXOLuObhEMAg5%2FDylpzUOLLS%2F8sohhIt4oR0OxD0KMQlHKVbSDA0FOQAdSUZr0mW8e%2FBIrgGs3o7vMoCreSLBms%2BJ%2BX2yM4KBvCqdpdLwYb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c10c75-AMS
longwoodgardens_62fb7ee3ef23d.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202207/
660 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202207/longwoodgardens_62fb7ee3ef23d.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765a7bbaef68bf954e7d7e20c5cc24086f64febeb970d2d3b2e7f7a70bd3bd38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFE9BZ7VB95V3B2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
660
x-amz-id-2
hITwbiU8fBps3W+58grxT94uwGiwBxD3jhxWzcaV/opu8sthw4DZI2EhC7YrTxDAnnLnhMEvNpY=
last-modified
Wed, 07 Sep 2022 10:15:05 GMT
server
cloudflare
etag
"1a7349490da8209949be991dbcbdf6af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IJmVwP5sVpL6usj%2BtZrhTiou3x0T8hbUKDH%2FclFFVYNOFsdm5LZxmr%2FdH6p3T1MzXgy%2BqOUxVP24eaIAEr6UFDsTA3pNBg%2B5s%2B3z6kuVOLMr5h9hdHc9lp4XYUlS8HQYnduDVzteplFAgQPI%2FrvY1vefdRVDAL8JDWr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c30c75-AMS
therapist-development-center5a1667076d0ff.png
www.yeosuteddybearmuseum.com/mimg/merimg/
55 KB
56 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/therapist-development-center5a1667076d0ff.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733bcf624ed301aa1bcd6a7e35d050d18cf0f0c1879195b83b2ea244fc7ec693

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF02CEWTSPH00KA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56571
x-amz-id-2
z16UAeJ5rcJ1GwlvbdwW1gq9ChgDaZzYufSEAIcp+/K+X9wOGwv/ezvWwaJrzR6i60D0NaBCTqs=
last-modified
Fri, 31 Jul 2020 12:39:28 GMT
server
cloudflare
etag
"d677be597ed93866c0f5f0f254eeda85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zJR1JNL0Uewcwpmp%2FZlV5bUFfMrz66crSGxbmZrt9spLegcmX%2BNu%2Fww7BBUwCYU7N98iH8LlPeIv2oeadA%2BPbGWZE6HSiUy%2FTMifUXmmQqAuDfZO23TyeHDO9f1%2FPRZfa%2F3EpTSqiu59TmH8gcKGmU%2BKNeSYaauLTPz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c40c75-AMS
carlisle-events1430277940.png
www.yeosuteddybearmuseum.com/mimg/merimg/
17 KB
18 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/carlisle-events1430277940.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd46a29019ea7c8c3c87ba865d2033f4665ceda81a7d238878c5d05bfeb8cf4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF03K0G3XVF0XQG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17400
x-amz-id-2
UV6qzKp9h5wzw9m7PrSHoXXD57jTKBW3czjNxZU3dQl9bRicA8hECjVdxYcwzoz9PEGr6N263pg=
last-modified
Fri, 31 Jul 2020 10:14:37 GMT
server
cloudflare
etag
"15366d2f87653eb11c2c108ddb2d2d4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfjmwBh2GS3j7I6ittpoIQJdvnjtWoFwju1rdTGiAA89JkHatlGcVpQUdIAnUCEqlJik7ahzj2plRb5nrnNRfepESSUPZRdBuzhyxNKCbv%2FkDYLSS%2BFhIn8ZD77jQH3BLEIxAP1kgbWnFxsby7nMX9K3J3kx80bvWDAL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c60c75-AMS
tuffypacks_62fbfb2d04148.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202207/
388 B
1009 B
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202207/tuffypacks_62fbfb2d04148.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173867c5c1433ab5dc5041cc3c6b7358b3c3ebdcf9cb2bbbe1455a6c298726a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFAFCAQT30THMBZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
388
x-amz-id-2
gCbJHOjA2aB1iW/wsXymSZTPQiLey9DCBB0BKxHyDZ7MQ48ZHTnsxPgRKXVqJUQXcEoT8SoToq4=
last-modified
Wed, 07 Sep 2022 10:42:46 GMT
server
cloudflare
etag
"ff33a8cd45c8bd6b9fa1023135cad82b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XD520vjsWzmZvJWirgyelT074FVVo6sqd11HzlByNJ6am2t%2BnvTy1BgjlAuEMmNQF3Ref6Tuj4iNDW%2Fo%2FS519pnf5q9dfGL5dV81lN%2ForXkOKm%2BTYQnTkGxwkno68FEYJkaKn%2FdDzDK0Al90NT6vHe8MeqoxVuOKpoMY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359c90c75-AMS
heybike1514a2ffda7bf.png
www.yeosuteddybearmuseum.com/mimg/merimg/
29 KB
30 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/heybike1514a2ffda7bf.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2d8646c9f01b6d9950e26d1c7c8097bd8c787ced5d805599f9ec1b5de7bfc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF95H2GEBMA4C5C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29952
x-amz-id-2
aMWoj76QIEzTRYTJpeymSgV2RIu70nTUT73zV/jcFqMoplBYNxdqYpxWCFIVSJwwvi1MvgsMUSM=
last-modified
Tue, 01 Mar 2022 18:01:03 GMT
server
cloudflare
etag
"5e83ba98dd7bc425b2f7128a69801913"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx%2FoYUYEOpBxjy0Ft30X4egl5msU%2BAG8aOt66%2Bw3AbBf23qHzJcunUPW0aSg1gd4Vnu1x3ndSaMcIeS3HGk%2F%2B7qwYxSILiDKfriO3JUPHh8EDXiqIRGiLm22CK%2FLB7gfoZJbDtszrRdHZ4iC%2FRK42mSI%2FJ%2FlKBMoUFsU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359cb0c75-AMS
pes-cpe1430278980.png
www.yeosuteddybearmuseum.com/mimg/merimg/
5 KB
5 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/pes-cpe1430278980.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3b0ac9d7bc65ae6b4167df8ae656cb589238348342ffff5dc793dceec9e39b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF43W6H0SZFK32P
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4668
x-amz-id-2
RbzIqjpF1OzzW6VoSmsv4HrcbOz+O0FB5GZ9xghO1rWUjgs8ZgxLFxNljDFg0PelRY7oMZKCn4U=
last-modified
Fri, 31 Jul 2020 11:20:39 GMT
server
cloudflare
etag
"87502d804788da52dcb644dcbf00843f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRdZOwq75CNjWYIOL3L7XjcUV%2FCJgUG0PCqeJeWS2lBvPFmKoqxUTotMgN%2FOs95E7s%2Bz80WUoFmZRb3Zx8%2Fi3hta0UjNSwIM%2Fgw36Kd8cwcMdLWPMJSyAbHVfORD93pnMe7Qr%2F1UjFprA0Ah5WoAFqZggla90LNsPEl1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359cc0c75-AMS
surplus-building-materials5a0d317670808.jpg
www.yeosuteddybearmuseum.com/mimg/merimg/
25 KB
26 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/surplus-building-materials5a0d317670808.jpg
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663ee68d5298396e2f70fbf9e563909511a7b291919e8de2a07ba8b0332713cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF34SHR5XJ0964H
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25773
x-amz-id-2
FeEsws5x4GeuBx80knHkptIOt0U58isR4KRgnCBSCjJTA7ChhakU08M6V7iJf5mXIWiHxKeWL40=
last-modified
Fri, 31 Jul 2020 12:35:03 GMT
server
cloudflare
etag
"47e809cccf81f5fcc5cf877c7fe392f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCOTEK8pWlQKInMT2D9u2vfDYCWGFW5SeOgdZy%2F%2B22NQnnX2W9LGZUQVblvHeWtuwYaY4Et01fJMNWNg%2B3IPGu9JWtbEHbpoo5stc70y26O6TTX2aCmoAq%2FYubezETQOPX81SWIUmIuunfEnR8PyBdSePKsq7M0x7XlL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359cf0c75-AMS
pcsrefurbished_6319b01832e03.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202210/
908 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202210/pcsrefurbished_6319b01832e03.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf73c94e406ca0ada215cca17bf56a4e06539208694267ca2ce0a6eaac059f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFEZ2Z03HJBJXM2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
908
x-amz-id-2
TiCbh0qMOPkXZ9A+Qy/L9ue+VeSdvd0m+2fWftFgT8uHb27JULgE3vIEqB4gZtvqhToUXHc+7vM=
last-modified
Thu, 08 Sep 2022 10:26:21 GMT
server
cloudflare
etag
"835003d066c6e12a101cacae1fd3f54a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CuwVhTzol75yl4MjZ3nCyeruvH2eJIa46b7vYkmb7llBrnoyVtm4JhdPnKmO%2FZzTB7Ltajm308E3dyUHkm2UvbRtPcywcyO3tHU8ikl89Gn0erx8PPkxcI8m%2FQrNOl7UbKYZk7OQtUxfI6qEmWvA1hL%2B64%2FbH5liGFK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d10c75-AMS
beautybox-walmart_631aaf8730aaa.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202211/
1 KB
2 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202211/beautybox-walmart_631aaf8730aaa.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b35421d3556a5f2424c0cd74a00bf04402839476e24a7ec410c832257fbf15e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF8TXWBFNCS1MZV
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1282
x-amz-id-2
bRWOmLHs8DOqR3QkJRFQPiD4Nnle9pNRda4CwsEd28l+KyIzcE5cpgGUHqeiJXLbktwCCm9McMI=
last-modified
Fri, 09 Sep 2022 03:48:10 GMT
server
cloudflare
etag
"4d2fd25970db970d74e0edc88a10c07c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vibdf4Q4Pm0d1iMX1yuwqxLRTNsPvm19PO%2FuQgP5kR57gUKdPhCpq7U%2F9HCcHRHDUSPcVGaGdykXSkPxQXHTx%2BXa47AztFc%2BuGES%2FJXYJBc4VgNod3FTHUdpJ0MDAjh30nQqcLFi%2BgkG2mhbSzFYrEUZHU5bsArS0%2B52"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d20c75-AMS
riu_631aafac5c124.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202211/
450 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202211/riu_631aafac5c124.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeea7d726bb452245ff82c0702261ddfa58932840bf5bd367a9c4dd48f0d3dc4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF7FY5SYPVS7CSR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
450
x-amz-id-2
7mZXIlXZBdKi1bM62XiDFdXSkqZck+tMnhmKSDecF0EVoDE3IVOGhuXcFC2YrjBExh2D0N8CBp4=
last-modified
Fri, 09 Sep 2022 03:48:59 GMT
server
cloudflare
etag
"973393110738b8ea10a8745e6b71f191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmFyfCScPK54qF7oNmJsulSRdb5ki1tTXI2AtmukPKYIksn3SOQFo1F07%2F4B8ivcZKOZ9L%2Fp4CtpsU1fAq9OIptj8EsU458jP1dZ4s%2B5RP8WXMNjdH73n%2BcuUsVv8hZH2Isdw4%2BBZe9jJv0MMe6%2BINUzHMb%2B59NiGgmx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d30c75-AMS
priceline_631aaf6210559.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202211/
712 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202211/priceline_631aaf6210559.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de209b1f5eebc1df786230fb90d53042e23a9f50f3f2e58ed0b6eb838d200f3f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FFDTJBKB245S9TR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
712
x-amz-id-2
8C8wj2LNPALifHePzv3IuXe+6BMWXw1FVfha5mmbp8gtKNAoVsHboaVinFxjgmM8/YaRBYhk+bE=
last-modified
Fri, 09 Sep 2022 03:47:56 GMT
server
cloudflare
etag
"cf7ef60956ee36a7584deb374daa6678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hAPJadLiAn5w6gFQTsrpml2xAKvPoQmEt%2BUCMnv2GlIr1clcOZyEgjZOph7gxmqDOaW8TZcF%2FGCmID9%2FvpnWKgo%2Bb7kzlLfs2zH85vLy4TBLayxb4j6aa0proZfvN4Kn7B0RYwX44QBLsjjpVw1Jc8xw7wKIGV2ZLZX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d60c75-AMS
bestwestern-co_631aae6c905d3.webp
www.yeosuteddybearmuseum.com/mimg/merimg/202211/
654 B
1 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/202211/bestwestern-co_631aae6c905d3.webp
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b8aff1a4cd142aa3a09eede04c478dd251ecad4096a01c4de70e767fcec5dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF2XTQSFQSA11DW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
654
x-amz-id-2
G1jrfgcEsiR+m0Qf5U9ZQO9zZ757jZinZcHQ6dUT2352EFsrI28s7I2CX1si5B9Vat+NCUfgGzs=
last-modified
Fri, 09 Sep 2022 03:42:56 GMT
server
cloudflare
etag
"4feef83a11527c1c53938805d7cce76b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiRKHqmz36kufG3oNwdWHAczxqRfaNuYFvbxT5gpKj%2Fbv2t%2FhHNMRxLq4FBu2GnbQaHzHwwK%2Fmft56YkcKc4aDSVFSleLBtMFs9ui56Y7S1MIIwBBXUoIRmq8N8%2FDC6atLD4k1ZTvSDf8Wt6Ovc9La5N7Q%2F1Y4wBFeMp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d70c75-AMS
vacansoleil5a2e014029fb3.png
www.yeosuteddybearmuseum.com/mimg/merimg/
9 KB
10 KB
Image
General
Full URL
https://www.yeosuteddybearmuseum.com/mimg/merimg/vacansoleil5a2e014029fb3.png
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
109b0c4054f913d7b4b471684fb1a39914b003dc5125fedb769c5ca605797c63

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FF48MMMY4H9S1KJ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9566
x-amz-id-2
TtSTbHY3IcdMcw1Bqdy795Nqjb8njHAwbOMbu4OWRK9sWRwKsg18TdEFmC6lNe6L99KczJx8RxE=
last-modified
Fri, 31 Jul 2020 12:46:46 GMT
server
cloudflare
etag
"7ea56ed5919043cc46845858e7629c04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rfWrm60Rv%2BBkUFaFfFLxAlZAOARrB%2F3nAQLt2RRjxIRbkRzDdvKu9ux5UEp%2BGSMV5jBBYIdFhQKx55yCGMl2dJf2PkcT3IqSSZtelD9hJKyChpQzXCjfVozBeTvPWEc0AgtzAQuUyfQB%2FDsLVRU8gMkAt89zeO3FrKI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74ecd90359d80c75-AMS
mktsem.js
www.yeosuteddybearmuseum.com/theme/static/js/
352 KB
104 KB
Script
General
Full URL
https://www.yeosuteddybearmuseum.com/theme/static/js/mktsem.js?version=13453450499
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954987d70ed44525bd0f498a809ae8e4ef7a1126b3ee7c50b1a208fb1f2f3d28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 08:32:07 GMT
server
cloudflare
age
6729
etag
W/"62f36d07-57ea3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PydNE9MI7DEmfJ%2F3RfCmQMDrkzGPldKldh%2F0ZAtBjzTysi38Mgr6oxuWbyPilNOPkxrloxCSY9jFjTy9Vhnj%2BtcP3UFdH54d%2FcEjKMdYmsFy2aSAlUMU%2BRZ%2FMIl45bMuZi2up0gWnRKVwp37Z4DLw1TtIiXlTsBdMyS%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74ecd9025cc61e69-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/
43 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Origin
https://www.yeosuteddybearmuseum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
672734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10158
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pShyoTsk3nMHF5gBIzTmszjzreHw7U5PCZp5%2FuXS7eM2Wf1tvZDNRn%2B0lXym2JyHfrlUzo9xU0TaMrZjzBC%2Bld0Rmrt%2FKjlWaaDxwYCXhdD0L88scPFOWtSKMZd4HcNJbPDsYjLI3V7ausR7ePnngKxc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ecd9037d53b7ba-AMS
expires
Tue, 12 Sep 2023 17:44:17 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.yeosuteddybearmuseum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:00:35 GMT
x-content-type-options
nosniff
age
204222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 09:00:35 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.yeosuteddybearmuseum.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:23:17 GMT
x-content-type-options
nosniff
age
199260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 10:23:17 GMT
/
www.yeosuteddybearmuseum.com/verify/
36 B
593 B
XHR
General
Full URL
https://www.yeosuteddybearmuseum.com/verify/
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
fcca40d39e392ed1fed0515a2ed890128e3a461bc12240751cf2df7506160f86

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDUtJFKYcRdTHzlKWbWAOQHn%2F1eTVIfujOOL7JXIXluImQQpsYaBHIXW4NI%2BpPF5dcs%2Fzwj5X84vdwQj25HxYoKaIkLvLZ8xjByoFNLZJLQwnv9IZzUUMqd8XMucPvYFU7mggPyxoTEzPs7kTWIESfGEPFNwq9%2FnVoSt"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
74ecd9041ace0c75-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/
120 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218248390-26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
4604
date
Thu, 22 Sep 2022 16:27:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Thu, 22 Sep 2022 18:27:33 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8226496976943169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2097d2daee6aa5351463bb5735010fe64d32247826d69503eeed5b6f50aae76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124748
x-xss-protection
0
server
cafe
etag
16053710859814501926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 17:44:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/ Frame 881F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8226496976943169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
31553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:58:24 GMT
etag
9671129459699598864
expires
Thu, 06 Oct 2022 08:58:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1434602861&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&ul=en-us&de=UTF-8&dt=yeosuteddybearmuseum.com%20Official%20Site-Provide%20you%20with%20the%20latest%20travel%20coupons%20and%20the%20last%20minute%20deals!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=164877888&gjid=1223718185&cid=781504909.1663868658&tid=UA-218248390-26&_gid=1301201383.1663868658&_r=1&gtm=2ou9l0&z=1716114159
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yeosuteddybearmuseum.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
228 B
656 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.yeosuteddybearmuseum.com&callback=_gfp_s_&client=ca-pub-8226496976943169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
8f384e078a0168edf5dc830ef2a9572cc4ad41b5eda587c025652f503833c9c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
212
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.yeosuteddybearmuseum.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yeosuteddybearmuseum.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 17:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4293
186 KB
47 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&adk=1812271804&adf=3025194257&lmt=1663868657&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657410&bpp=8&bdt=449&idt=237&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1795934947609&frm=20&pv=2&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bae0c0741966d8e305b04907686f5d187e0dbb726d05d38f817918b1433d3aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
48430
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 17:44:18 GMT
expires
Thu, 22 Sep 2022 17:44:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DA5
91 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3a8fcb1cb4ae5a0f816281a9138913b1397c3c7c78b7071afb35378206d101a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31993
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 17:44:18 GMT
expires
Thu, 22 Sep 2022 17:44:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-218248390-26&cid=781504909.1663868658&jid=164877888&gjid=1223718185&_gid=1301201383.1663868658&_u=YEBAAUAAAAAAAC~&z=1543757882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Sep 2022 17:44:17 GMT
content-type
text/plain
access-control-allow-origin
https://www.yeosuteddybearmuseum.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-218248390-26&cid=781504909.1663868658&jid=164877888&_u=YEBAAUAAAAAAAC~&z=1361181912
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
501 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-218248390-26&cid=781504909.1663868658&jid=164877888&_u=YEBAAUAAAAAAAC~&z=1361181912
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2DA5
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:14:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 2DA5
2 KB
983 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:12:48 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2DA5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBV0F8Z4sY6z4MZa_tweB-IvQBfj6tbJr84Xw3sgQ2tkeEAEg-PaEf2CRhKCFjBigAaX5gvgByAEJqAMByAPLBKoE7QFP0H7A0uDOa_-kBC6BP5-W5izz57HYUHshFeytUveePKJOY90h4xHIK6dpvJZMJhak81Rnfp1UIo9ZlwbqamN481rlwrjm3gnoTl4P7fyt2rif13W8r5dS4S3BchCf7s3M3lsVeDazSNqh1FBhF1PiVoVT0EaaTTzFQNCSov1m-xXofwG8LZociUd55g0tPMjaZjzKicbz9lLCMHru0LmjpGWK1BCh4QOtkUKEjgVqtPFr7-A1Nn2qjsufWPQm4MigmK2IWHD5CpBTqUre3kHF-o0bxobuePazge3sN8dvB0LWTV8wgHBguUaP6GDABM3zjNL9A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfDhv2HAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM2VJ9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTgyMjY0OTY5NzY5NDMxNjkYAA&sigh=6TVXSu-D3Zg&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 17:44:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Sep 2022 17:44:18 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1679724596090637809/ Frame 2DA5
24 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1679724596090637809/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a12f9041941730e3d187bd8685e424d5fdc0eab717f39d2b6af7a324edb3aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 22:03:14 GMT
x-content-type-options
nosniff
age
330064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24870
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 06:21:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 22:03:14 GMT
truncated
/ Frame 2DA5
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2DA5
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 2DA5
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:38:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 2DA5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:39:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 2DA5
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:42:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2DA5
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 17:44:18 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 2DA5
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 08:57:31 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cd2872e56003c6aa3d4c7520ba10d940a56cb307fef19a803e2f8ba2cd6c45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54572
x-xss-protection
0
server
cafe
etag
1019900136169219454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 17:44:18 GMT
integrator.js
adservice.google.nl/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.yeosuteddybearmuseum.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yeosuteddybearmuseum.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 44F6
82 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d25de0d3565daa6ad156af9787f32f7cb7fed3c1084c50dc64a8b0c0c5e2067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
31614
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 17:44:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4F87
82 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31f4a46f21498e2e3e567078133c5af4eb0eac21760e9ceeed60021ca6f143fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
31652
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 17:44:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2DA5
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7d92e74aef555d4af72ebff45064e8fe79225769ff280831f68f9d063c69e5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/ Frame D6A0
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
72942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 21:28:36 GMT
etag
9671129459699598864
expires
Wed, 05 Oct 2022 21:28:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame D6A0
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:57:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6A0
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:02:15 GMT
x-content-type-options
nosniff
age
2523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Sep 2023 17:02:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D6A0
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:28:53 GMT
x-content-type-options
nosniff
age
8125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Sep 2023 15:28:53 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame D6A0
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccd56192935bead3c190529fa8a4aa18908c58089a415adcd26bbbece8719548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8229
x-xss-protection
0
server
cafe
etag
9754140552441161425
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:36:40 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame D6A0
12 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a99644bc91da89a412fed44f9c214bfbc6727daf9485edd3c8ab2c7b4006a623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 03:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5802
x-xss-protection
0
server
cafe
etag
3173403343623169035
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 03:31:41 GMT
13f3f09bfb49b566c7b639b7608c1c0e.js
www.gstatic.com/mysidia/ Frame BEE1
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4281
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 20:14:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 11:21:15 GMT
ffe58aee72c269aab210115fddc94b8a.js
www.gstatic.com/mysidia/ Frame BEE1
135 KB
50 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ffe58aee72c269aab210115fddc94b8a.js?tag=video_mra/web_interstitial_raspberry
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbd85d88380db545c647f67b3a91bbea5ccd22977ab477e285919118e4c0c1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 22:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51136
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 20:14:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 22:00:33 GMT
css
fonts.googleapis.com/ Frame BEE1
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:10:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame BEE1
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:12:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame BEE1
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:38:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame BEE1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:36:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame BEE1
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:29:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BEE1
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 17:44:19 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame BEE1
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 08:57:31 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2DA5
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 20:38:02 GMT
x-content-type-options
nosniff
age
75977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 20:38:02 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame AC69
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=2665530630&adf=3791006476&pi=t.aa~a.2483298696~rp.4&w=1176&fwrn=4&fwrnh=100&lmt=1663868657&rafmt=1&to=qs&pwprc=8977564207&psa=0&format=1176x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868657418&bpp=2&bdt=457&idt=248&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LiMoL58e1k&p=https%3A//www.yeosuteddybearmuseum.com&dtd=251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 06:20:23 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame F1C1
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 06:20:23 GMT
css
fonts.googleapis.com/ Frame 4F87
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 17:04:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4F87
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:12:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 4F87
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:38:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4F87
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:36:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4F87
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKjVN8p4sY_WYMNKEtwfO7YzwB5OQyJFUsOrmnMgI_dnyu4wyEAEg-PaEf2CRhKCFjBigAY7DuYEDyAEJqQJMTDBH80M-PqgDAcgDywSqBPQBT9CMAurgwISB8F3f5NNfN_7BXMDUiHtet-nFsJayzckTSgHzjqv6QilcSzgF-ovmVvTSbKkdkSKQqOKk5i9_1MIoIoV9Ww72txlBbilCYEWmt98s794-H6uFu0-5VG34wlJxLbLmI9rMHEMD4S06NZb-nF3dbVUt02WS5Dw-FVA3O_SeoOVMQ0Bo7V6M2R2SMnjeBLC3t2cgIOI0tV8E6Ga8z2JsxyeRr6LM5gAzVaX1xLuWhjbZ-pMkdAvmQX4gPAkuijNXtvBejZOtarDAzs3k-3JrLfDCycPbz6WCqtYkT-8QNE2dzBiB3Gr9eCI_iq7cmMAEo9PvqeQBkgUECAQYAZIFBAgFGASgBi6AB9q8xn6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDTogPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItODIyNjQ5Njk3Njk0MzE2ORgA&sigh=jZaFdsJbknA&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 17:44:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 4F87
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:29:48 GMT
l
www.google.com/ads/measurement/ Frame 4F87
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3QsMawrJ3kEDt1nErsSwTkNNP5EVhEc84sVX009AElhJFXg4Wl5_VewDSE2rFltNylZewIziwAPpxXqaxkwg-cy84_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F87
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 17:44:19 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 4F87
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 08:57:31 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4925388443964756851/ Frame 4F87
37 KB
37 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4925388443964756851/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86292c76e3c09ba369d0f45c5aaa95ac470e2d3c538cfbd653074ac23187aa7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:56:05 GMT
x-content-type-options
nosniff
age
337694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38070
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 08:10:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 19:56:05 GMT
css
fonts.googleapis.com/ Frame 44F6
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 16:58:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 17:44:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 17:44:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 44F6
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:12:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 44F6
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:38:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 44F6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:36:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 44F6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 17:29:48 GMT
l
www.google.com/ads/measurement/ Frame 44F6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWTg38GlCE8rWj4SuAGCGp3NqHj65_8WSroNb1Fw5a8HyKQyQVXBlm0mph83Hq2CV6ax_XEh_ABuw2jvdDzxIb6TLt_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44F6
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 17:44:19 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 44F6
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 08:57:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 44F6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmxGZ8p4sY6GFMMTZtwenqoLwDJOQyJFUsOrmnMgI_dnyu4wyEAEg-PaEf2CRhKCFjBigAY7DuYEDyAEJqQIdwld4yRg-PqgDAcgDywSqBPQBT9DHnzpp3aWFHPBXDd-LLOpBfrnA8fTGIFhgtLe-yrZ5cnrE2PIKPbY3jGbL1Swxu7diByZ2FsHsAuZDgPkj-DDO2fd8vixAjUAhCIQITr3qsJlAseIof4d3iX9I4v1OUwg8D40gVGHgturQPyQU75WKzdUX4b8vlKzlFBlISFzqnzodUgZx1Kh96JVjcvgNuZkDgAkEq2UnlfZEOz4VId3iCFF7ljj6uEpItzLp-afIYT1pa-Dx2OdX9zGPXsbiHcQG9O83eWtUiDTS2S3y9eS9hZ9UIw6jE-R6k-N-nQdGTS71_H7xYBrGxRF26LXM3JPL-cAEo9PvqeQBkgUECAQYAZIFBAgFGASgBi6AB9q8xn6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCi9ALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAXQFQGYFgGAFwGyFxwKGggAEhRwdWItODIyNjQ5Njk3Njk0MzE2ORgA&sigh=RjkPEsJ0XtY&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 17:44:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/4925388443964756851/ Frame 44F6
37 KB
37 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4925388443964756851/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86292c76e3c09ba369d0f45c5aaa95ac470e2d3c538cfbd653074ac23187aa7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:56:05 GMT
x-content-type-options
nosniff
age
337694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38070
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 08:10:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 19:56:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B87B
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
30054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4F87
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b35d6e9eda95b0122a849a64462ee12aaf35a7868ba43e9e0acfc5d75d8aeb4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9828
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
30054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 44F6
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ed50ce996962522442a4a0db1a5da705c135e6d6947a30aa85ce1c236e3988e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame B87B
35 B
462 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECuSQvhaNCLexHi-FS9NPu4&google_cver=1&google_push=AZmPxg-oaX6x_stK6Svz0K5VzvQdZrQC7Jxqj4_gPnkvyUnaZ-CQTjIgZxVr0DdLELzWrm3sRl5KESrP8TEu8SyiAi9iiu4PWVpsTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B87B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9sY618...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9sY618...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDA1NDE2MDE3MTY3MA%3D%3D&google_push=AZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YE...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDA1NDE2MDE3MTY3MA%3D%3D&google_push=AZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YEEXWmlDJJkuhM3d-RrtTdBOJaaUHPN4
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDA1NDE2MDE3MTY3MA%3D%3D&google_push=AZmPxg9sY618AchpVsAJnZKULxV4d53_1bkoByxi7_UYdhHw_tAZYrxGyDmGawJ_mGk1YEEXWmlDJJkuhM3d-RrtTdBOJaaUHPN4
pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 22 Sep 2022 17:44:19 GMT
sync
odr.mookie1.com/t/v2/ Frame B87B
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPJd8KKi4wElmB-nh4EaM58&google_push=AZmPxg-nteXASAPrImJFBUTWARd6egR1KsaDjKQS612frwddV5Cvd_LsPCPVE_kV5qU4aqItCi9n4VAc9aJEZ9Kd0Pot5NXGR_2D-A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame B87B
43 B
135 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPQHd1eeqlrXa3ZDBOIAAa0&google_cver=1&google_push=AZmPxg8p4r5zfcAz82Qoxyr6qX8dgSjgD8pfKbzUeN1vGXcN5KGEOVCWDto9IPQAFp1caQmhGPbsOUsxFpZxPJTsIJ1z98cq1GGM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6kt37kp72m1i13nth7eevlk3j45ukr0q
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B87B
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP5uLpmp5kJmL8sIhxbrfTI&google_cver=1&google_push=AZmPxg9uAmznEy_S3dmcMFnnCR15in3_uGmikLGKgYziGpajyUQk9cffmYhawK5TdS3KOMQVlv5UdNxnB64S-vfewMxXGhwZKC_nxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B87B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZEe2nYmQMtsg1c-PMvNxg&google_cver=1&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUctRjQxSA==&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL6yuBjUMdVwo969mL6qmnYP8TE8A
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUctRjQxSA==&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL6yuBjUMdVwo969mL6qmnYP8TE8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUctRjQxSA==&google_push=AZmPxg_2K8UWL8ovkuWq4mvZZb8YcshVs5dRg8YlgN_lxEcI_z7aEyDiHgr_POotOcmoLuS8toL6yuBjUMdVwo969mL6qmnYP8TE8A
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame B87B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1y4XlVu3zsnj3yn-fmRHdeDck7Q47G7F1UYQbwlkBXKok1A2wBOrZnsDPrqrCMiBrw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYKx7CgKNeWBqzE5TI%2BSJmW619zE8O0WbjGgTEfJ6sO92DDe3VmEeZNs7ZI57O%2BDQuqO3fFV73RqgA9i0OTdL6Wa7xbAySA1%2FKH%2BAOJrd6Ha85M%2FV5hmeSKfsxEDwwigzReMOIl0KiCp7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg_wLzuzuRt9Yt-2TDrEeuiO3rYDPc5T1y4XlVu3zsnj3yn-fmRHdeDck7Q47G7F1UYQbwlkBXKok1A2wBOrZnsDPrqrCMiBrw
cache-control
no-cache
cf-ray
74ecd9131fe1b96f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame B87B
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kxqn6A7PC2zsU8NFcQ1XReOryrfc5GqQ8Waj9yery5zwDKg8RVEn_MeBjTDxaRY2dj4Jy_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 9828
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECuSQvhaNCLexHi-FS9NPu4&google_cver=1&google_push=AZmPxg-4SEC5UJCiSieCRwkPpGJAQakE26nS44YEZfVz7kuhZdWrg8b_kiLdQ6bD-mMkQgM7AE3sNE1PAmLNU9Wq1O9y9oTyacM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9828
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rXDr7...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_rXDr7...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDAxNDE0NjE4MjQ4OA%3D%3D&google_push=AZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDAxNDE0NjE4MjQ4OA%3D%3D&google_push=AZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2giUgDICTktygMHWFlgrMO-72y3GCc
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxNzQ0MTkwMDAxNDE0NjE4MjQ4OA%3D%3D&google_push=AZmPxg_rXDr7w5B8xNAR_BLq-RFj91-3beqX9NWyl08vMPU1f0Afsd1Oew5KqlzZiEHUZ2giUgDICTktygMHWFlgrMO-72y3GCc
pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 22 Sep 2022 17:44:19 GMT
dds
rtb.openx.net/sync/ Frame 9828
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPQHd1eeqlrXa3ZDBOIAAa0&google_cver=1&google_push=AZmPxg9Fn0xWLMyaAt40DU9A6SzabwZzvx4hnsE0aRWfsXevB0f20PASALPBRoFcU81n03-1DIe2tU1oTvr6qdnCF5mF8lsZOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r5bu2n0s4a5djmt189ahvcrjf8ahakho
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9828
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP5uLpmp5kJmL8sIhxbrfTI&google_cver=1&google_push=AZmPxg_bBvYb1OEDnAt-Dh7nfUwDPBY6ekIxPO-T0SesiGDXmx5oUCrTFkGJwMnKvhRhqHTd2D_koNC9w_rQTd-xj1L2hVwXYAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9828
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAZEe2nYmQMtsg1c-PMvNxg&google_cver=1&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUgtS01aVQ==&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1l9mhEft2dEgAPYzEMy8J0Ziw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUgtS01aVQ==&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1l9mhEft2dEgAPYzEMy8J0Ziw
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEQ0ZVRjktMUgtS01aVQ==&google_push=AZmPxg-0Wj47-OCs-g1-I-81evoEayJdn0Mm6ktLcsoD0TI7hZ4CFFc9_OEMWUmpO5E4dLx9mq1l9mhEft2dEgAPYzEMy8J0Ziw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9828
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV70...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV709LULNRLuBqQ3asIsqFL0nklUJrtLxhZvfaWNC_los4qL9jQsXfr3_CBo9zOLbI
Requested by
Host: www.yeosuteddybearmuseum.com
URL: https://www.yeosuteddybearmuseum.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5DyyqKjIQNlin%2F1F3jXwT4vsKYMpWlIV0h5cDrGpuhIiO5kdfYe7ezEV6hnrGSDFnSIxPAy%2BAAhMUqcfgmhNH5faiiGqmvINGYeJVbOXU%2Fc28rOeEiXRhIZt6laZHufzJi6rGA0Trl%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIccTIrMdGRzPxLk8x3IQJU&google_hm=Yyye86Dv3CtzQJhIsoAfYAAABLMAAAAB&google_nid=index&google_push=AZmPxg887iSGcgCtCr0PXFAFItbGtXWgDaV709LULNRLuBqQ3asIsqFL0nklUJrtLxhZvfaWNC_los4qL9jQsXfr3_CBo9zOLbI
cache-control
no-cache
cf-ray
74ecd9131fe2b96f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 9828
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEO3B7pbh-N-dcC7L8TBi8uU&google_cver=1&google_push=AZmPxg-klpbvlIFQYpLfhhCT4wR5AM4AvOF9pz3nGZmT4QDWM-gsqpyNNu4K6bfxX2fvzOi_0quSKaqrX0Sh0p--_Rptxib_x30
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:5a5:3100:3874:de:d87a:a022 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:20 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 9828
0
49 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_WTd-n8V9LyvYhhXlpJz4P0iTgH9LlYHqCncNqL1i55e8WRuzE8QtNOCMjIAPAYoJEt8a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44F6
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:33:08 GMT
x-content-type-options
nosniff
age
79871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:33:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:35:33 GMT
x-content-type-options
nosniff
age
79726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:35:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44F6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:33:00 GMT
x-content-type-options
nosniff
age
79879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:33:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4F87
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:33:08 GMT
x-content-type-options
nosniff
age
79871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:33:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4F87
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:35:33 GMT
x-content-type-options
nosniff
age
79726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:35:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4F87
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:33:00 GMT
x-content-type-options
nosniff
age
79879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:33:00 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 47C2
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1057643952&pi=t.aa~a.1481608961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=2&bdt=1774&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280&nras=3&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2532&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OTjtbhHRXQ&p=https%3A//www.yeosuteddybearmuseum.com&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 06:20:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220919&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d903eefc68c9eb896e0b3d5f944db9dc7046c609bc5602aade3d359e03d8c849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 17:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11222
x-xss-protection
0
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame F1B6
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8226496976943169&output=html&h=280&adk=1418185256&adf=1007934963&pi=t.aa~a.1481608961~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663868658&rafmt=1&to=qs&pwprc=8977564207&psa=1&format=1200x280&url=https%3A%2F%2Fwww.yeosuteddybearmuseum.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663868658735&bpp=1&bdt=1775&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9cb65880db7a0778-22bfc68128ce000c%3AT%3D1663868657%3ART%3D1663868657%3AS%3DALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ&prev_fmts=0x0%2C1176x280%2C1200x280&nras=4&correlator=1795934947609&frm=20&pv=1&ga_vid=781504909.1663868658&ga_sid=1663868658&ga_hid=1434602861&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44771548&oid=2&psts=APxP-9DF0dMLaLkHYitFgzBWOM_1N0rc-TO3AXBr8b0E-95L7-hKOeIc-Dbcr1g5XqTIT9-o2aDihHXOhumoZ6CBEw&pvsid=4215956292836960&tmod=1903118939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=OrkutNzGxw&p=https%3A//www.yeosuteddybearmuseum.com&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 06:20:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8226496976943169&plah=www.yeosuteddybearmuseum.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 17:44:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88D8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
5507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 16:12:33 GMT
expires
Fri, 22 Sep 2023 16:12:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E7E5
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6df9413e84c1355ec37fccc3a4bb2f6f51da10d1e84c1bfa2f3a0719aa5f07e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bim2GIMF_b8X1lkBu30iJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yeosuteddybearmuseum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Bim2GIMF_b8X1lkBu30iJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 17:44:20 GMT
expires
Thu, 22 Sep 2022 17:44:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 2DA5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscwCiOXrj1mgs-yfv0uwKTyLykarhKiu4FjyV5zehuS5go8TzFqtF23QpstW4k4adMiaNjuz8nXiufCaflhrr9_R9ZojQJ-CM_5ETOYrxxlxzPvEOatEKc6X9VOMTXuR9BIaKAfA&sai=AMfl-YSFq_60-xKa2vlALUwN6q5oeOESoZn5dUbWUPVL1vJJbrlgai3RVKqGc-ti6IqAW4OrXUtlrjCl9168dMk&sig=Cg0ArKJSzHPkpGJi0gSWEAE&id=lidar2&mcvt=1000&p=0,0,280,1176&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2665530630&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663868657670&rpt=1358&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 17:44:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 88D8
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 06:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 06:20:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E7E5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220919&jk=4215956292836960&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 88D8
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OqWdqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 17:44:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220919&jk=4215956292836960&bg=!pKelp-PNAAZqQh0mSkI7ACkAdvg8Witj1wLdjiDYblk1R9AWk1ug8x59ggSxekO6WpI5z_g8RM90XQIAAABWUgAAAANoAQeZArHOcO8Suq3xWP2-ilnqmAbZJuPhuT2HbanuPhoZuqGXzmbgSe6KbroJlSC6b0FCeGBHQDeiELPkE4ld4nB9Z4skemwcDEyXIA44-yqAlpne9SI30xfkXHHgpSl4e357df0VCT5aFgSL5tWnX_3I9Q9eYDjyfFfcKedOM7Rp-LhMjANr5sfyy2BP-L3DMj4E9x0PpLjJcAWUl9GxrKT_cOMFvogrInjXDWE76uDPFPqSfGsTcCO-cBZvRW-4EmcaVuaZQ2DZLfpXwY1HRjZTcWKx7ee53HU3udhDkCFKKd57jxNsVLYt3OvTzNAOfznbsdwDyeKekfQnND07viafwLaUzku8aEAlCESzrTLE1xCIBAzY2Ykm6kG4cTb3P6I71FjBWO-LMhq8gRO13NjuUVmxCP8Qxu03KLVSzmrvr4J9W_WVBAwnl4oT5KxRCJ9BhtGwU4A6DUE0InrJUfVQjJclX28JlrQdWb4VF5QOKF-LfUPfk5d58OH3Krievf93PTY7h-OkRvex63IBCTQxc-pbyJYTEC1X5bxyASwbXaTLT5XeEKFHagDcW7Eitu7dwEN4GKoKHiZGya5QaMmD6CXHVKI2HkmDFntbFxzC3j_k_Fbsi-iQMykQiKX5_IOkRAekf27ftvT8i-9vD4C8fDGH1MIFPUkaUhmzCpmiF_wnFajLd1rMIqC-Mz8FXPxeyNMkM92pckH61w0lLDkgqf4vvFlS3I5H4NY8WZq0UuUu4vkl4kkrirTXseS8TGSseoyDvgVtaOR3TfH16Rh6mskNMHZ1qjgCxYrfOGHklI7fLwy9otZTTUxILXxDSoA1FcK1yAaNqWrKzhVt9c-A-8MzgN9lZiDfXqOqIM8B9cLmuy8_t74P2k48u3bCGrbbA80EVFwsNP2U4rjDfey-ZZtxWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.yeosuteddybearmuseum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| openwindow string| siteName string| cookie_domain function| getco function| init_rating function| getpop function| returnblock function| setCodetoCookie function| $ function| jQuery object| xhr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

26 Cookies

Domain/Path Name / Value
www.yeosuteddybearmuseum.com/ Name: PHPSESSID
Value: 2991jrjcl67in8n4dv7gqm3trn
www.yeosuteddybearmuseum.com/ Name: _ivr
Value: 113180654787328
www.yeosuteddybearmuseum.com/ Name: _reu
Value: a2f3e9fa55ed9bb41d4d97f3bc29f433
.yeosuteddybearmuseum.com/ Name: _ga
Value: GA1.2.781504909.1663868658
.yeosuteddybearmuseum.com/ Name: _gid
Value: GA1.2.1301201383.1663868658
.yeosuteddybearmuseum.com/ Name: _gat_gtag_UA_218248390_26
Value: 1
www.yeosuteddybearmuseum.com/ Name: _ivr_ck
Value: 1
.yeosuteddybearmuseum.com/ Name: __gads
Value: ID=9cb65880db7a0778-22bfc68128ce000c:T=1663868657:RT=1663868657:S=ALNI_MYc-5xykobj6XVhdSo8ft0aHnxEEQ
.doubleclick.net/ Name: IDE
Value: AHWqTUl0Qx8osGrXCJ1bFIetv-cMoNLm-yrCMatSgO1fyMJWIo7EmnH9b1ZXTjV_skA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.quantserve.com/ Name: d
Value: ECsBCQGUJ4EA
.quantserve.com/ Name: mc
Value: 632c9ef3-924f9-b7736-eca08
.casalemedia.com/ Name: CMID
Value: Yyye86Dv3CtzQJhIsoAfYAAA
.casalemedia.com/ Name: CMPS
Value: 1203
.casalemedia.com/ Name: CMPRO
Value: 1203
.casalemedia.com/ Name: CMTS
Value: 1111
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220922
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.addthis.com/ Name: na_id
Value: 2022092217441900014146182488
.addthis.com/ Name: uid
Value: 632c9ef31a125a2f
.addthis.com/ Name: ouid
Value: 632c9ef30001f7ded9e856f91c8698afd7b1d02c0633e3fa2cda
.innovid.com/ Name: uuid
Value: 9c438e1f-f8b8-4ad4-974d-06a534e43ecc-20220922 13:44:20

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ag.innovid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yeosuteddybearmuseum.com
yeosuteddybearmuseum.com
104.18.19.126
142.250.180.226
142.250.185.226
185.64.190.78
2406:da18:5a5:3100:3874:de:d87a:a022
2606:4700::6811:190e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2008
2a00:1450:4001:831::2002
2a00:1450:400a:800::200a
2a00:1450:400c:c08::9c
2a00:1450:400d:806::2002
2a00:1450:400d:807::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
34.98.67.61
35.186.253.211
69.173.144.138
69.192.160.219
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
109b0c4054f913d7b4b471684fb1a39914b003dc5125fedb769c5ca605797c63
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
173867c5c1433ab5dc5041cc3c6b7358b3c3ebdcf9cb2bbbe1455a6c298726a6
1b35421d3556a5f2424c0cd74a00bf04402839476e24a7ec410c832257fbf15e
1e2d8646c9f01b6d9950e26d1c7c8097bd8c787ced5d805599f9ec1b5de7bfc9
2097d2daee6aa5351463bb5735010fe64d32247826d69503eeed5b6f50aae76c
2cd2872e56003c6aa3d4c7520ba10d940a56cb307fef19a803e2f8ba2cd6c45b
2d25de0d3565daa6ad156af9787f32f7cb7fed3c1084c50dc64a8b0c0c5e2067
31f4a46f21498e2e3e567078133c5af4eb0eac21760e9ceeed60021ca6f143fb
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
34587242a875c695bc1ef9d3326d464b67808baa0fdc55e7663a5b03e8252c55
34fa6636d3f8f0d5bbacdcb26765066f2733bf0fa302daf5421bf531ce6d63a4
3a5f0677866b704955030ae727eace421e6d47fe3b693410ef20b4d6815542b0
3bd46a29019ea7c8c3c87ba865d2033f4665ceda81a7d238878c5d05bfeb8cf4
3dfc3a2ce1d7d8b30638da19e5c52d0f4a271f9aeb6f69d1bb0efc675fd7dd58
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48cd89098b0c4cac5ff06740aaa4052f981e29612762642b60a0406a5fd48bab
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663ee68d5298396e2f70fbf9e563909511a7b291919e8de2a07ba8b0332713cb
6df9413e84c1355ec37fccc3a4bb2f6f51da10d1e84c1bfa2f3a0719aa5f07e3
6fb9a41074fcb050a4b62e2e7ed45e30033a80318ff6bacaa1b32f83ff4f1a24
733bcf624ed301aa1bcd6a7e35d050d18cf0f0c1879195b83b2ea244fc7ec693
74b8aff1a4cd142aa3a09eede04c478dd251ecad4096a01c4de70e767fcec5dd
765a7bbaef68bf954e7d7e20c5cc24086f64febeb970d2d3b2e7f7a70bd3bd38
7bc0ffc0387504d797c37a96a1382551cce5ca69c4734889080f1060ae499a84
7c3b0ac9d7bc65ae6b4167df8ae656cb589238348342ffff5dc793dceec9e39b
86292c76e3c09ba369d0f45c5aaa95ac470e2d3c538cfbd653074ac23187aa7b
868d0d28ea97f34fe38115758abc7a6b1b3578ef3eafc72e5cebff5454ea7d65
88349dc1bdf60bb724ed3749b11e7042d2305e60678493b4d4b6573a657733bb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ed50ce996962522442a4a0db1a5da705c135e6d6947a30aa85ce1c236e3988e
8f384e078a0168edf5dc830ef2a9572cc4ad41b5eda587c025652f503833c9c7
8f5b7a9ac7616ee84f9967e1aace4b11e0211c8d36551dc7867f0f41f84fc0e9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
954987d70ed44525bd0f498a809ae8e4ef7a1126b3ee7c50b1a208fb1f2f3d28
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a12f9041941730e3d187bd8685e424d5fdc0eab717f39d2b6af7a324edb3aec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a99644bc91da89a412fed44f9c214bfbc6727daf9485edd3c8ab2c7b4006a623
aeea7d726bb452245ff82c0702261ddfa58932840bf5bd367a9c4dd48f0d3dc4
b0d2e6631f54c86a455358c5227264c6fbc962008cd5ba3444c1e276db4c272d
b203250f649209c35b940ed3d6af551b49998ebcaaf9c0d820dca0d136337cbe
b35d6e9eda95b0122a849a64462ee12aaf35a7868ba43e9e0acfc5d75d8aeb4a
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
bae0c0741966d8e305b04907686f5d187e0dbb726d05d38f817918b1433d3aac
bbd85d88380db545c647f67b3a91bbea5ccd22977ab477e285919118e4c0c1f5
bf7c982b5f5d37d909cee4adc3cb0aba4f6bfd36c3c8a887e6931c1f1cafe38b
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccd56192935bead3c190529fa8a4aa18908c58089a415adcd26bbbece8719548
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d92e74aef555d4af72ebff45064e8fe79225769ff280831f68f9d063c69e5d
d903eefc68c9eb896e0b3d5f944db9dc7046c609bc5602aade3d359e03d8c849
de209b1f5eebc1df786230fb90d53042e23a9f50f3f2e58ed0b6eb838d200f3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
eaf73c94e406ca0ada215cca17bf56a4e06539208694267ca2ce0a6eaac059f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8fcb1cb4ae5a0f816281a9138913b1397c3c7c78b7071afb35378206d101a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbff4fc0db2c4d1c5e4f652a67cb65263d472ffa5b079b4fc43035821a297b01
fcca40d39e392ed1fed0515a2ed890128e3a461bc12240751cf2df7506160f86