URL: https://www.infokeeda.xyz/
Submission: On February 26 via manual from CZ — Scanned from NL

Summary

This website contacted 36 IPs in 4 countries across 24 domains to perform 124 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.infokeeda.xyz.
TLS certificate: Issued by E1 on December 30th 2023. Valid for: 3 months.
This is the only time www.infokeeda.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 216.24.57.3 397273 (RENDER)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
15 2a02:2638:3::3 44788 (ASN-CRITE...)
1 23.213.165.236 16625 (AKAMAI-AS)
2 178.250.1.6 44788 (ASN-CRITE...)
1 2 142.250.186.134 15169 (GOOGLE)
7 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.250.186.98 15169 (GOOGLE)
124 36
Apex Domain
Subdomains
Transfer
35 googlesyndication.com
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
357 KB
24 criteo.net
static.criteo.net — Cisco Umbrella Rank: 686
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9643
csm.eu.criteo.net — Cisco Umbrella Rank: 9110
102 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
ad.doubleclick.net — Cisco Umbrella Rank: 157
281 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
128 KB
7 infokeeda.xyz
www.infokeeda.xyz
infokeeda.xyz
211 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 394
136 KB
5 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9065
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15482
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10448
110 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2663
21 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
5 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 306
82 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 136
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 11817
4 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
5 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 764
255 B
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9434
408 B
1 bmcdn6.com
cdn.bmcdn6.com — Cisco Umbrella Rank: 183923
1 npoint.io
api.npoint.io — Cisco Umbrella Rank: 388117
610 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 787
7 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 10879
51 KB
1 cloudfront.net
d3u598arehftfk.cloudfront.net
1 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 12422
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 729
30 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 341
29 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
91 KB
124 24
Domain Requested by
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.infokeeda.xyz
tpc.googlesyndication.com
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
15 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
10 securepubads.g.doubleclick.net 1 redirects www.infokeeda.xyz
www.googletagservices.com
securepubads.g.doubleclick.net
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
www.infokeeda.xyz
7 imageproxy.eu.criteo.net ads.eu.criteo.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
6 www.infokeeda.xyz www.infokeeda.xyz
static.cloudflareinsights.com
5 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.gstatic.com www.infokeeda.xyz
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
www.infokeeda.xyz
4 fonts.gstatic.com www.infokeeda.xyz
fonts.googleapis.com
4 cdn.jsdelivr.net www.infokeeda.xyz
3 www.google.com 1 redirects www.infokeeda.xyz
tpc.googlesyndication.com
2 www.googleadservices.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 ad.doubleclick.net 1 redirects ads.eu.criteo.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
2 blogger.googleusercontent.com
2 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 z.moatads.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net www.infokeeda.xyz
1 www.google.nl www.infokeeda.xyz
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.bmcdn6.com www.infokeeda.xyz
1 api.npoint.io cdn.jsdelivr.net
1 static.cloudflareinsights.com www.infokeeda.xyz
1 www.blogger.com www.infokeeda.xyz
1 d3u598arehftfk.cloudfront.net www.infokeeda.xyz
1 infokeeda.xyz 1 redirects
1 1.bp.blogspot.com www.infokeeda.xyz
1 code.jquery.com www.infokeeda.xyz
1 www.googletagservices.com www.infokeeda.xyz
1 www.googletagmanager.com www.infokeeda.xyz
124 36
Subject Issuer Validity Valid
infokeeda.xyz
E1
2023-12-30 -
2024-03-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
www.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.blogger.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
api.npoint.io
E1
2024-01-13 -
2024-04-12
3 months crt.sh
bmcdn6.com
GTS CA 1P5
2024-01-02 -
2024-04-01
3 months crt.sh
*.google.nl
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-06
3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-10 -
2024-05-05
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-06 -
2024-05-03
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-27 -
2024-03-21
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh

This page contains 13 frames:

Primary Page: https://www.infokeeda.xyz/
Frame ID: 534290D2461050739029BCEE7D9C9EC6
Requests: 40 HTTP requests in this frame

Frame: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B5BB1DB790BE76843C919A41896C37A1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402122308000/amp4ads-v0.mjs
Frame ID: 87B6EA3E885242E4A4995EF40F8B0182
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C74644FE67DD88EE22BF6BAF19CAEB1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 71E59BC27178C8189BF93C03C19682F7
Requests: 2 HTTP requests in this frame

Frame: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60503E7F1066B2FDD32EE5348FAA8129
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Frame ID: 526E7A0AAB0EDBDD29FB3DBF082EB401
Requests: 18 HTTP requests in this frame

Frame: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4E30E7A380A6C3F54F1882557484C06
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Frame ID: 1C51CE4D24E95D49371317DA6504DFEA
Requests: 13 HTTP requests in this frame

Frame: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4D3FBF1C98429EC29CAF61CCF4315D2
Requests: 5 HTTP requests in this frame

Frame: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DACE72A6283D418F970BF30F042E738
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 62DAE6695C59092347EB79771BB0B041
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: DCD67EBD25B19B14674ECCD3D0C69C94
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Infokeeda

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

124
Requests

97 %
HTTPS

86 %
IPv6

24
Domains

36
Subdomains

36
IPs

4
Countries

1653 kB
Transfer

4709 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://infokeeda.xyz/ HTTP 301
  • https://www.infokeeda.xyz/
Request Chain 52
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 70
  • https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_pre=CPn-3sq-yIQDFaeJgwcdnK8Jsw;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1
Request Chain 126
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8pC6ij7cZZXtNpTX1PIPk_6pwAP3xKfwdeWX74SGEorRo-2-ARABIOHR0ZsBYJGEoIWMGKAB-cLOzQPIAQHgAgCoAwHIAwqqBJQCT9BUnY5bYgKnTq0WJ8HUcDgE8eQpyoOIi7XKerw52rDkKic0xu0NeHuDG4eBLUIOOdxVeS7nF71xOaR4AEnHmi7qvzBerIvv5ZAB1N3_Uhe4Zlec_munCffFTptP0DotQjRjE2q-80IfYLuAE9VyqXZSQAGgXpRavXwVLPRKwlaPX52DQInmdFPQMmaPIKbi5xSYA0Fdy4OlHxaVuGWI7bZ1eCBAt4uXkPk7Jck0m7M96Q-RdWW8Hi6SNaUWMLGcCuAzwo1FDKN_qjy62STiMFoAuDPoBF1J-FsfxV-qvujn4t3D2SFNTKhSxKjm_jqpRfVlpnjcL_wyAxFf-IVmKjFhtqCg8d6OzPelTAd_gpPxwjj0wATWnfvyqgTgBAGIBdD03P5LkgUECAQYAZIFBAgFGASgBi6AB-b6rAmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCr8CDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA5oJaWh0dHBzOi8vd3d3LmRpc2NvdmVyYXNyLmNvbS9lbi9zb21lcnNldC1zZXJ2aWNlZC1yZXNpZGVuY2UvY2hpbmEvc29tZXJzZXQtaGFybW9ueS1jaXR5LXd1eGk_Z2Nsc3JjPWF3LmRzJoAKA8gLAeINEwjl96LKvsiEAxWUK1UIHRN_CjjYEwvQFQGYFgGAFwGyFx8KHQgAEhRwdWItMzgzMDAxNTM5MDQ4NzI4Nxjk-4EB&sigh=Jp4sb8b7WAQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqvSZDqpaKVz17qCTHBQBe7Tw2i-7OWZKYOAc5UJvmeVluA_Y4Ugjt3b_yg1-4dZq8harBtxOoaEfoAkEqQWFfWrXgNzmkASUit4QYAQ&template_id=5004&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215709242258870329263%22,%22debug_reporting%22:true,%22destination%22:%22https://discoverasr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968073593%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223079180784421408081%22}&andc=true

124 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.infokeeda.xyz/
596 KB
170 KB
Document
General
Full URL
https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9758ef45c8fe3e9bb98cb389f576eceafe1dbdb20b6bce96336c916f123ec7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85b67e79f9140b58-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 07:32:25 GMT
expires
Mon, 26 Feb 2024 07:32:25 GMT
last-modified
Wed, 21 Feb 2024 03:05:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uumgiJDm%2B3Ug9qwRVyE0WCjlktStsac5BxS1IBLFIf%2BcycqgmSc3J2DDAlC%2Bvrs9MAu7KdqDCC9nK1d7f%2FARbWAq7aR87jfnU%2BA1Bq8oKb6q4aqF7U%2FhbMF1jsbaGHUwMSSV4gq4cMCP54Ct3bksCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
all,noodp
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
267 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M24T57XSVV
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fc186c1572e8db8e789ba427673dda1a70a06968812ffefa49207f92394ceed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Feb 2024 07:32:25 GMT
gpt.js
www.googletagservices.com/tag/js/
90 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc0935d268079388d82030d353f86dab49e06914968a61fbe6ca0236b79c9ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28918
x-xss-protection
0
server
cafe
etag
363 / 19779 / 31081346 / config-hash: 2958856145408218626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 07:32:25 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1390364
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-ams21044-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708932746.692030,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
31, 732537
OIT-Footer-secured-by.jpg
1.bp.blogspot.com/-mQ3mboG16GQ/XotAye2gniI/AAAAAAAABPk/nZGtUsueFaw9i_e5pR4ADtPVPOz375LJQCLcBGAsYHQ/s1600/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-mQ3mboG16GQ/XotAye2gniI/AAAAAAAABPk/nZGtUsueFaw9i_e5pR4ADtPVPOz375LJQCLcBGAsYHQ/s1600/OIT-Footer-secured-by.jpg
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e50d262e6afec4413c96a433c31a9d0e0602066bd851e099a07e7e2e16e59f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 05:18:27 GMT
x-content-type-options
nosniff
age
8038
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="OIT-Footer-secured-by.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2855
x-xss-protection
0
server
fife
etag
"v4fa"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 27 Feb 2024 05:18:27 GMT
themes.js
cdn.jsdelivr.net/gh/GamerGiri999/InfokeedaPublic@2930dad76a9678227f91683462e9fda0623791f7/blogger/
123 KB
46 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/GamerGiri999/InfokeedaPublic@2930dad76a9678227f91683462e9fda0623791f7/blogger/themes.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2934a5956808a41722c75f3747d95a7e3bca59ea40b6c3c7ed556bbc9e13c61e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
520658
x-jsd-version
2930dad76a9678227f91683462e9fda0623791f7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230057-FRA, cache-lga21960-LGA
x-jsd-version-type
commit
server
cloudflare
etag
W/"1eb77-SKo27ne5OLP4B+iXngDrg42tj0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwt0vEvBW4I1VoJ7lgozB0hAQjYPiDeFM%2BaH%2By4Upz3ACK6XISaQ4NloqD3LdyCr7WvqR0mmq93WYjPHJ5ioaR8vljf8KqJrTjXBP30%2BAJOY0Ct4pgU0AQWnbeTzlT%2BDf3UIGJZQHVApzsCXpWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85b67e7c9dc4670f-AMS
/
www.infokeeda.xyz/
Redirect Chain
  • https://infokeeda.xyz/
  • https://www.infokeeda.xyz/
12 KB
12 KB
Image
General
Full URL
https://www.infokeeda.xyz/
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 03:05:50 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTFS2refIVNpgl%2BXnfXfJQCmDJv9UoF2INkrnrmticy4RP6iVgIqF6ZQhMEcVx7Z9kNLbxj7K7e%2FKtb6vOYUM4SlsqMqZGiaDEBD4pT2QlLqz%2BZxwg1jIfyZoKOWtxMa3G%2B0s5ERmOZOpHjVBNwiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
x-robots-tag
all,noodp
cf-ray
85b67e7e49d90e18-AMS
priority
u=2,i
expires
Mon, 26 Feb 2024 07:32:26 GMT

Redirect headers

date
Mon, 26 Feb 2024 07:32:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JHeJqbNFWE%2FcOAOz12och8TpM5R7ZeyODubAS6i%2F8DAYmpFprh3ffGzqS5jtZCd5gZzWeQ1pm7X2zkj4tQsxTWth4dpG%2FwzNJ%2Bq1YRVHOh%2FVw5TdYpjdo4ET%2BtJSYXCFyDwFsPShTHUD6sf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.infokeeda.xyz/
cf-ray
85b67e7d0c8e0b58-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6d0a0b68b031145e1bc6309503b26afa5b88e8d70c028f826e32aa9d26c023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28916
x-xss-protection
0
server
cafe
etag
841 / 19779 / m202402200101 / config-hash: 2958856145408218626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 07:32:25 GMT
thetimer.js
cdn.jsdelivr.net/gh/Indzign/theme@master/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/Indzign/theme@master/thetimer.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3346cbbe576f59c7ecda6deb6fb008bdeba1d437c4e9d0222609e5d5e9e218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32808
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230044-FRA, cache-ams21073-AMS
x-jsd-version-type
branch
server
cloudflare
etag
W/"714-/uQmcQrU/R+nmv/k+mNYQKESOFo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79j0NT5wRa7KsJzZqd8Bxo7%2FVhNFyCBaSe2Scf7AFxrrNL3XFf%2BLkxOI3EzXclQMCRT6nOhjVsoG3WhgL7IEq08Z8aUHOlG8v6jVyFPFouTQqnEY1URzC3OFIcrmrjLLq4FfWM3V5uxFO%2FmH%2FNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85b67e7cce00670f-AMS
moneycase.js
cdn.jsdelivr.net/gh/GamerGiri999/InfokeedaPublic@main/Organic-Safelink-1Page/
87 KB
34 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/GamerGiri999/InfokeedaPublic@main/Organic-Safelink-1Page/moneycase.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7eb74e814b830cfe89caa840f5cce3d16e9a773bfb74e2a304a4c3fffd24ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13508
x-jsd-version
main
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230040-FRA, cache-ams21038-AMS
x-jsd-version-type
branch
server
cloudflare
etag
W/"15dbc-ht/p93DKmmujVMwpsLT+zWzh0do"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fn1Ph4D40A6ZmNIuvBc7pbSGvI8RqjiF%2Bev4zjpAXpVAZ08o2Nbe1bkzy1BVOapublhiSxrIaZZIIU%2B08RbAxTAJkz6o0rWnx8FkN9qJ5qm7f%2FmnxkG3D7nWWKORs48AlrTf1ttHnGm6dPr4gE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85b67e7cce03670f-AMS
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v16/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesanstext/v16/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Origin
https://www.infokeeda.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 02:38:33 GMT
x-content-type-options
nosniff
age
536032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14856
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:54:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 02:38:33 GMT
prebid_hb_4130_8967.js
d3u598arehftfk.cloudfront.net/
0
0
Script
General
Full URL
https://d3u598arehftfk.cloudfront.net/prebid_hb_4130_8967.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ca00:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

cookienotice.js
www.infokeeda.xyz/js/
6 KB
2 KB
Script
General
Full URL
https://www.infokeeda.xyz/js/cookienotice.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
63281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 12:54:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=2678400
cf-ray
85b67e7cdc620b58-AMS
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 03 Mar 2024 13:57:44 GMT
VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
www.google.com/js/bg/
51 KB
20 KB
Script
General
Full URL
https://www.google.com/js/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 06:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
434804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19939
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 06:45:41 GMT
csi.js
www.infokeeda.xyz/b/
44 KB
25 KB
Script
General
Full URL
https://www.infokeeda.xyz/b/csi.js?h=VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fefcd58aebc992ef9800aa676a31a19f2cd7b383e3b3efd72ec074a2541bcb3
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg3eDGFJ1x%2FOeL9ln3v1d%2Bl2vFjTW7D5T5loCquGn6DSOLGTshfdX4%2F8VmVDWu6Pc5qtA1LiCJgbft8JbmRiNsai4A3ce%2BVndm04bht9uMDnZxzEwoXLF%2BS%2B%2BYcZNWfRTytVfNqo%2FwgVMXbYOBY%2FsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
85b67e7cec650b58-AMS
expires
Mon, 01 Jan 1990 00:00:00 GMT
2650238066-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
51 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2650238066-widgets.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15d2df8093a2a811da976443d352b95ae84e28aec34affbbc3280349444b54c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 01:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51584
x-xss-protection
0
last-modified
Thu, 22 Feb 2024 12:56:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 22 Feb 2025 01:51:33 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.infokeeda.xyz/
Origin
https://www.infokeeda.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85b67e7d1f5066c4-AMS
0ebf972007249e303d80
api.npoint.io/
186 B
610 B
Fetch
General
Full URL
https://api.npoint.io/0ebf972007249e303d80
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/GamerGiri999/InfokeedaPublic@2930dad76a9678227f91683462e9fda0623791f7/blogger/themes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , United States, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a14eaece3f496e15a55e9ec0b8d98ccb5c9e818aabc1a993712b88440ffb1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
rndr-id
8d89c4e9-79ed-4b91
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3f926f52-df02-47a7-abae-19b4d5fb96ec
x-runtime
0.004355
server
cloudflare
etag
W/"36a14eaece3f496e15a55e9ec0b8d98c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-max-age
7200
cf-ray
85b67e7d6af7b891-AMS
x-frame-options
SAMEORIGIN
64f1a267c70b0380fe88cdd7.js
cdn.bmcdn6.com/js/
0
0
Script
General
Full URL
https://cdn.bmcdn6.com/js/64f1a267c70b0380fe88cdd7.js?v=1708932745778
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:25 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVIbeRER%2F8Ptub3ltri3qZziy6e4Ip4ie2A0uAfmNAFBudRm3EEEZtEV0bLbOfQ7fQTut8KaY9Mhb1oJ4TND7P8HyBNrjT%2F0WcA5%2FdGuPzk302npkaVBg5S3MLTFqU4oFG8Xd%2FYZGDj4n2nLQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=1800
cf-ray
85b67e7d7ce3669e-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
447 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24785ba53c0ac2b29a5a5aa140fcbce1054a40af05c45d02094c52c9a5290f46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
fonts.gstatic.com/s/googlesanstext/v16/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesanstext/v16/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Origin
https://www.infokeeda.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 06:40:35 GMT
x-content-type-options
nosniff
age
435110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14836
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:54:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 06:40:35 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/
428 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
70226
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137981
x-xss-protection
0
server
cafe
etag
12437356588311396475
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Feb 2025 12:02:00 GMT
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M24T57XSVV&gtm=45je42l0v875514113za220&_p=1708932745513&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=137345960.1708932746&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1708932746&sct=1&seg=0&dl=https%3A%2F%2Fwww.infokeeda.xyz%2F&dt=Infokeeda&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=842
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M24T57XSVV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.infokeeda.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M24T57XSVV&cid=137345960.1708932746&gtm=45je42l0v875514113za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M24T57XSVV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.infokeeda.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M24T57XSVV&cid=137345960.1708932746&gtm=45je42l0v875514113za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2007102362
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
354 KB
73 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3225456218294825&correlator=1019289168898526&eid=31079956%2C31081195%2C31081346%2C44777901%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202402200101&ptt=17&impl=fifs&iu_parts=22665103812%2CCPMAD%2Calright%2Canchor%2CInterstial_Ads%2CRad3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F3%2C%2F0%2F4%2C%2F0%2F2%2F5&prev_iu_szs=250x250%7C300x250%2C1x1%2C1x1%2C300x250%7C320x100%7C250x250%7C336x280%7C300x50%7C320x50&ifi=1&sfv=1-0-40&ists=2&fas=0%2C2%2C8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1708932746194&lmt=1708484750&adxs=-9%2C-9%2C-9%2C538&adys=-9%2C-9%2C-9%2C345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infokeeda.xyz%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C930x50&msz=0x-1%7C0x-1%7C0x-1%7C930x50&fws=2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C1600&ga_vid=137345960.1708932746&ga_sid=1708932746&ga_hid=805313433&ga_fc=true&dlt=1708932745500&idt=675&prev_scp=test%3Dlazyload%7Ctest%3Danchor%7C%7C&adks=2818531264%2C2661531621%2C1970712516%2C867190180&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b71771bf156b7073265503de27ec5c2c12ffb6141c38d330c848cde0139a11d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74541
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.infokeeda.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
61 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3225456218294825&correlator=1019289168898526&eid=31079956%2C31081195%2C31081346%2C44777901%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202402200101&ptt=17&impl=fifs&iu_parts=22665103812%2Calright%2C250Real&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708932746198&lmt=1708484750&adxs=563&adys=1531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infokeeda.xyz%2F&vis=1&psz=930x500&msz=930x250&fws=4&ohw=1600&ga_vid=137345960.1708932746&ga_sid=1708932746&ga_hid=805313433&ga_fc=true&dlt=1708932745500&idt=675&adks=487286394&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a089e7dc742b80d052fb01ab08f1cebbd6ee270cfa8253cd321fd745fe8d256e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.infokeeda.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
35 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3225456218294825&correlator=1019289168898526&eid=31079956%2C31081195%2C31081346%2C44777901%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202402200101&ptt=17&impl=fifs&iu_parts=22665103812%2Calright%2CRad2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C300x250&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708932746200&lmt=1708484750&adxs=563&adys=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infokeeda.xyz%2F&vis=1&psz=930x500&msz=930x250&fws=4&ohw=1600&ga_vid=137345960.1708932746&ga_sid=1708932746&ga_hid=805313433&ga_fc=true&dlt=1708932745500&idt=675&adks=128903091&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea65bf2d2af1bc166193c47c68475ff8c085dd1a32f6dcecc13dfd9d9cbcfb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14527
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.infokeeda.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5BB
6 KB
3 KB
Document
General
Full URL
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Tue, 25 Feb 2025 07:32:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/
46 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl_page_level_ads.js?cb=31081346
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51cedd78bb282a5680c39864d40c404bbb049b02d4fc854adfd4d4f97bb21607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 18:31:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
46873
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15022
x-xss-protection
0
server
cafe
etag
12039705104838093267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Feb 2025 18:31:13 GMT
lazyarlinas.js
cdn.jsdelivr.net/gh/Arlina-Design/phantom@master/
1 KB
950 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/Arlina-Design/phantom@master/lazyarlinas.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b22f7436d75e6755e1e6ad82a41d0a21454388bb8adcb8f07c84d44975530c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28996
x-jsd-version
master
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220030-FRA, cache-lga21960-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"4a8-zAMceRkTu6f0uua8arRNKSgzuOI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7TqRCxjLhd1qH%2FZYcmxifFHSM2bPYd5CTck4Aufnjro9AbE8h%2F%2BQUKkEmCRIniFoFApE1BvgHEk1u5W24dRrN8f2ZJp6%2B52PchtZMK3R5DukIOd0%2BYlPtSpU1WugrjvapptjnqVZdD2ua99F3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85b67e80ab22670f-AMS
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
726cfeefca9844aa6b5ede751df7f53d527ed0ac1657e6131f0c68154a37dc1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12291
x-xss-protection
0
rum
www.infokeeda.xyz/cdn-cgi/
0
143 B
XHR
General
Full URL
https://www.infokeeda.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.infokeeda.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type
application/json

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.infokeeda.xyz
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
85b67e80acaf0e18-AMS
favicon.ico
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjojI2ig_JQYiG4yZH35vJoJKM6w9uVuALaGcxVPNMFUJnGeWc5XNrjlkQZSsVZ7779CQf3HrJCivH0I4EcRf1zMl2xVmTyYLBC7E3PcUt3JX7B7R6l7XtiFtwYG4IJ_v-HGWqUftod1WmJ9p5w...
715 B
1002 B
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjojI2ig_JQYiG4yZH35vJoJKM6w9uVuALaGcxVPNMFUJnGeWc5XNrjlkQZSsVZ7779CQf3HrJCivH0I4EcRf1zMl2xVmTyYLBC7E3PcUt3JX7B7R6l7XtiFtwYG4IJ_v-HGWqUftod1WmJ9p5wR1X15Z6xemjpij15NzPVQ7Yv2RsP/w60/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c30934b1fbefdb88dc1594f56e48b0ac82698a4654497be423e87d503288be6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v1314"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="favicon.ico.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
715
x-xss-protection
0
expires
Tue, 27 Feb 2024 07:32:26 GMT
20230412_013508_0000.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFjJIUROhqvTTHhzAAPCPcoLXKjUsBUUIG2_b7ckHcw9MBCpRuxoNNNakZf5MVfco20jOrRaTqhw9Kkp0tl98K1DEGBivQppTmwH16o8ORVgA2ZGtd9gT2XQeIG1rmwdbGOJr-tIaTQkc7daQQ...
3 KB
3 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFjJIUROhqvTTHhzAAPCPcoLXKjUsBUUIG2_b7ckHcw9MBCpRuxoNNNakZf5MVfco20jOrRaTqhw9Kkp0tl98K1DEGBivQppTmwH16o8ORVgA2ZGtd9gT2XQeIG1rmwdbGOJr-tIaTQkc7daQQK5k9vgQoHx3iZsGwVpujWzS_y35t/w60/20230412_013508_0000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1d63382320745c2fcd0413dd4557edb8714d22beeb51476a9a1a629fb01f8801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v3964"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="20230412_013508_0000.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2858
x-xss-protection
0
expires
Tue, 27 Feb 2024 07:32:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:32:26 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402122308000/ Frame 87B6
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402122308000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
120c31287cc76461147fa9f52645279804dea7ee5553572c8fffc1cc6ccaff88
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 23 Feb 2024 11:17:22 GMT
age
245704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56147
x-xss-protection
0
server
sffe
etag
"f5ceea7fe5564400"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Feb 2025 11:17:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402122308000/v0/ Frame 87B6
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402122308000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
620e650135367f175a542a88c0646be2b716930cc42e01e291eb24d63722616f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 18:11:31 GMT
age
480055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
server
sffe
etag
"68373f9a2b9add5a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 18:11:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402122308000/v0/ Frame 87B6
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402122308000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
722117cb3654f60fe9c913d636106dd30b90c0d805b0828ebf6f06d1f0d3b32c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 18:11:31 GMT
age
480055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29054
x-xss-protection
0
server
sffe
etag
"a02e8be6a8b6fcf0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 18:11:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402122308000/v0/ Frame 87B6
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402122308000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3931bffd71d3d21af5cea0706aa3d3ba7147650c6fe5fcaddb819e7a80af0b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 18:11:31 GMT
age
480055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"ac1827860467156e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 18:11:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402122308000/v0/ Frame 87B6
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402122308000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b4a089a7e7b88e8b1e5abbc3ac0a6896728f92535be02e7c5cec719f2776533
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 18:11:31 GMT
age
480055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"daae09dd16aaa4d7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 18:11:31 GMT
css
fonts.googleapis.com/ Frame 87B6
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 07:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 05:34:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 07:32:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87B6
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 02:10:56 GMT
x-content-type-options
nosniff
server
cafe
age
19290
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 27 Feb 2024 02:10:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 87B6
295 B
537 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:23:00 GMT
x-content-type-options
nosniff
server
cafe
age
40166
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Mon, 26 Feb 2024 20:23:00 GMT
truncated
/ Frame 87B6
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 87B6
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb80ae8be84fd33d154a32252a40ddacdfa9bd114b7236917813910edd511753

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C74
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
4300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 06:20:46 GMT
expires
Tue, 25 Feb 2025 06:20:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 71E5
829 B
991 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8fbe75a099be42134bac59fdf86ef8d9ed43bbaeaa7473617100fe2bc18167d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2N1PYFGFlOqiIl9Yk07deA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2N1PYFGFlOqiIl9Yk07deA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Mon, 26 Feb 2024 07:32:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 71E5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402200101&jk=3225456218294825&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 87B6
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.infokeeda.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:54:54 GMT
x-content-type-options
nosniff
age
441452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 04:54:54 GMT
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 0C74
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 05:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
7270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 05:31:16 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 87B6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date
Mon, 26 Feb 2024 07:32:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 0C74
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?yDsnDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 87B6
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COMP-ij7cZYPYDqb91PIPwYi12AL_sZ7sddPPo4bQEpq37MaaDhABIOHR0ZsBYJGEoIWMGKAB-bGwyQPIAQGpAnMgfuG6J7I-4AIAqAMByAMKqgSAAk_QJh2MDKcNl07ZjyG-VH9nuN85om9WkCXi8y-xD8XaBJ09NdraqBt0vkXpO7PlB-HNORQTFixJ8DYiIZC1_r1IgRve4iJVyZcfzyyezcl0UiytFcaUbhW0VVH3_KnOi1Bfe70D823-1OY_wFX88YAuyXHJm9BTOGAuuKLfYBzLrf_XycL2M3HcsisLYL-4pmnZWn3v4Byh4HEVVdd_JREI1a0COuqs7l9q6JhhQW4AJx0M4Yupp6GVeaBrKheMIcA5hCwLOA_9zcEFJKiXlf-chHJQFQO-AslhIr7zP1LU92L4laz6oywrDMsIy-yUbcO-zgz92ToMDPZmdUccqXzABPLM0YDOBOAEAYgF9uvtpk6SBQQIBBgBkgUECAUYBIAH783PNqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEELu1A9IIKwiA4YAQEAEYHTIHqoKA4J-AAToJgECAgISAgJQOSL39wTpYqrOiyr7IhAOaCT9odHRwczovL3d3dy5hbmdlbHMtaGVhdmVuLm9yZy9lbmdsaXNoL2RlZmF1bHRfMDJfb2JyMjkwM19lbi5odG2ACgPICwHiDRMI5dyiyr7IhAMVpj5VCB1BRA0r2BMCiBQC0BUBgBcBshcfCh0IABIUcHViLTM4MzAwMTUzOTA0ODcyODcY5PuBAQ&sigh=9eQaGVQDHfA&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_GAGbDIF074mrb35_iu79ILUaJzrY7ky8IrOEhQ9h4ABFFg0tWt_V2OabIQZOS0E04sm5ncsfU7lEgWrmA2xJ0-F_fSM1wyvy_yIYAQ&template_id=5020&cbvp=2
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

container.html
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6050
6 KB
3 KB
Document
General
Full URL
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Tue, 25 Feb 2025 07:32:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 526E
192 KB
57 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
83966d6e64cdd998e41dbab254bf9cfce03aac0b73da23cc268ac1eea49472da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PWluMJUlnCd3lR3GjvAHQewvEgjznuH0rH3MCWY4xJeVpSa-Csz8-V8BmsOsOQCEkmRtQeR-JSXOWKkfj5RvdSgHVYcDr8I1Tfj_KZwbKb5w5RTkQqO602A8W4oY2CobQiJiRs-9BfzK4_musa6AhuE3sXwoex2td3WcnleQXfetFudGtEwAFOM0pF3dr0YhbPvEwKkLjfiaKPzwcIFaRodz-xvTbKO_S6lhwhV5Uq7zvD7Ms4NfzVRTV6yBNqfmV6jlDQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59416006
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 6050
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 6050
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6050
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
431461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Feb 2025 07:41:26 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6050
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-2
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 08:19:55 GMT
truncated
/ Frame 6050
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee8a3414f0fc988c65b4a1c9a1748bc1bc80a95f82be46198a3ea258fedaea97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 6050
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVuGFij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT7AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBRB7CreAEMIJRQHlVBfytR6kBU_mzQKdLM3Mnf_r1wjotbDwCP9M4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQDgAoD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcBshcdChsSFHB1Yi0yMzE5NDQxNzQ2NDAzMjk0GOT7gQE&sigh=2pdv_mRP7qM&uach_m=%5BUACH%5D&cid=CAQSTwB7FLtq1XDURB7mprov-lV4upNFuAjzTDyVhL9cIT7T4BFu2TQ3-Uohiz_QxGmpD5UfMVqIaeLE0TKhuVBcI_lHkfm6qGqFU0cZGgfMY_4YAQ&cbvp=2&vis=1
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6050
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNjSEO9BrAL6AZ2DYgICAAAA4v4gF_bBqXYQij7cZX3WtUahfhHFX3sAABIAAAoKQVFVQkR3RUJEdw&wp=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&cbvp=2
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
169337
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 526E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 526E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 526E
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 20 Feb 2025 07:32:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 526E
293 B
622 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 20 Feb 2025 07:32:27 GMT
moatad.js
z.moatads.com/revolveuscriteodisplay958847220414/ Frame 526E
0
255 B
Script
General
Full URL
https://z.moatads.com/revolveuscriteodisplay958847220414/moatad.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
last-modified
Thu, 16 Feb 2023 20:27:37 GMT
server
AmazonS3
x-amz-request-id
AVH4CEXA9JHYVDZD
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=60443
accept-ranges
bytes
content-length
0
x-amz-id-2
2izGBpmENq8WLJj+kYD2q82gzhd204CkE7cNA4Gvz6QrzhAo8e+IoGPRhFspTNKGyFfpSTyrJDM=
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 526E
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BooOJ8er2SE0siAreR9hUMhYk0i7X-QRz3UMU2Ns8I3YmRZbQCyvWyuwsdLH4-u10ahLfx2hSCHt6bkaH0S4gU01wFZ4lM-vspnU3R5pFA6zXiqEu6SGb5YvVL3Nr3fV-Vg2PV5-3-JYXk4bT3cNbnwvu8tyju1fOku5rZeQG218OD4oZZh5bXT2PFCwfxTU_oyym8LfoVpXskvjPmylzEMKdsFtPGaPrxYYcg528nhyiOZpXWhup9LY8NUgGiHh9o8lQ44JaMER7JgwKTU8AHBcNtjV4ja5oBYqxwQwiY4NQeVuLktaiGti2RQnp75ooyov90B9ALfRqm1yRAk2d8KBhBOvzpeVemjExDTv8DA8YiDoSpB1J2JBMaxmoKvMk_Y58D9hudzqarlhPEBKmRDXmejm4k7uybjtFFpKimR4-NxB
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1625653
expires
Mon, 26 Jul 1997 05:00:00 GMT
B26779844.319997743;dc_pre=CPn-3sq-yIQDFaeJgwcdnK8Jsw;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/ Frame 526E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_...
  • https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_pre=CPn-3sq-yIQDFaeJgwcdnK8Jsw;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5...
42 B
339 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_pre=CPn-3sq-yIQDFaeJgwcdnK8Jsw;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1343778.154378CRITEO/B26779844.319997743;dc_pre=CPn-3sq-yIQDFaeJgwcdnK8Jsw;dc_trk_aid=512442708;dc_trk_cid=161146427;dcopt=anid;ord=65dc3e8a7ba0d403ccfee9c5a156f8e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 526E
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
4 KB
4 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FOUAR-WU127_V1.jpg&v=3&w=400&rid=4&s=6Mwc2QtS6NM07iTzv_tZg6TR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
88ec91c23abd5a95cdcd13b93d7b5047cc829d378167563b123c679005705262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=77859
timing-allow-origin
*
content-length
4392
expires
Mon, 26 Feb 2024 23:30:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
3 KB
3 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FILIR-WU124_V1.jpg&v=3&w=400&rid=4&s=76CDoG0HwPz7JMlO0C4shW4k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b5112ae4675152f8ddd7c328145fe6ee7040cb43f241fb77e964931de6cadd70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=78175
timing-allow-origin
*
content-length
2842
expires
Mon, 26 Feb 2024 11:04:10 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
14 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FLMME-WU5_V1.jpg&v=3&w=400&rid=4&s=Sgm80ubxlklXC06gE7kVxryk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33037d967f08dbc42e9803a10a776ed326c9123e06706447c8926a858295e19d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=77086
timing-allow-origin
*
content-length
14264
expires
Mon, 26 Feb 2024 12:56:34 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
6 KB
6 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FSERR-WC3_V1.jpg&v=3&w=400&rid=4&s=kEhmFUv4aJH2sI5FEsq1SmyN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
55651de407e35a48e050752655c4c775e39f9f9404559baa515b3dc1b4cbf4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=34820
timing-allow-origin
*
content-length
6432
expires
Mon, 26 Feb 2024 15:45:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
11 KB
11 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FSNCI-WS13_V1.jpg&v=3&w=400&rid=4&s=-Jq2yhwyyWHngXRVS6UtEJ3A&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1573e4d74487c65901c9d868b6e47711ca388c18c7cdd5276ebba0e2ced98708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=78005
timing-allow-origin
*
content-length
11078
expires
Mon, 26 Feb 2024 22:30:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
14 KB
14 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=64286&q=80&r=0&u=https%3A%2F%2Fis4.revolveassets.com%2Fimages%2Fp4%2Fn%2Fd%2FLMME-WU8_V1.jpg&v=3&w=400&rid=4&s=ROrdKdXrRVxpbPA586AqGJTk&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
82a1fe6223b0d35839ffb371a0a8f0f3f9e7d817a5afc52cff4b86d658fdf36b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=77844
timing-allow-origin
*
content-length
14406
expires
Mon, 26 Feb 2024 16:22:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 526E
4 KB
4 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=64286&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F64286%2F200220%2F127a5a65018946a087b9130d24073fb8_logo_n_horizontal_3.png&v=3&w=596&rid=4&s=C2JkOD9CBZ-wRcCg3PTEsfVD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3634695ec36529d8a8851ff5f6e40ae6a6aa6936e29942be1896d933e88e3acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3693
expires
Mon, 03 Feb 2025 04:06:26 GMT
all
csm.eu.criteo.net/ Frame 526E
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=PWluMJUlnCd3lR3GjvAHQewvEgjznuH0rH3MCWY4xJeVpSa-Csz8-V8BmsOsOQCEkmRtQeR-JSXOWKkfj5RvdSgHVYcDr8I1Tfj_KZwbKb5w5RTkQqO602A8W4oY2CobQiJiRs-9BfzK4_musa6AhuE3sXwoex2td3WcnleQXfetFudGtEwAFOM0pF3dr0YhbPvEwKkLjfiaKPzwcIFaRodz-xvTbKO_S6lhwhV5Uq7zvD7Ms4NfzVRTV6yBNqfmV6jlDQ&sds=2&rev=90787.5&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Feb 2024 07:32:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 526E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igAIouoIVQnjAAP6EHYms3fiGSGNgMS2Sw&u=%7Ckg5gc4rNOo7W7Rpzmzan3svDYlc3CLihfKtZdsoS8zA%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37N_IRw2GZaxAfrTwL4yR1DQg7NFNPSptE4fExhVxGY0-n2rJDJvj48ZUweOud_PKkRVdV12ryF3R3-5myEvEX816hpeGtUMAtxThj9R4ilYxXpDSGLdC7Q-Mtkh1bWqOWFfqLPUR98EoMIF6QqZtSy4WNh8EhXsk_LKaaN-vV4yrLOq-E1c-dJGXw5h8iGgaNHoOuC01QKzDL1NBxUFK2eV6PgJlfoXUnEbCgKAABkFgedXznQoh1MP8ITRuj-EtCQX6UK7iolV4p4oQb7RRcGAasBE12A3PmjNmwQUCWijt4NRwJg7Pgm7TzouMOxJ4ID3_QAY5HugS6OCOlruqHaflTWPFzL_varXKLxqRlUwjG311onWwvbWsXEm2c3ccCOMFMTgjwfZL5MGFp8BB8G2ZLN3GGRtR6khf1-b1QzixMPmCH3nhU1zpsmSHz-8u_u9-k5DCBL9Rw9AFHnpLPgTjSZwqXH4BXRuXKV84iPNRlhXMe5G85NL_wM4fUCVQWZkwnvhZAqkH0j75EuoQeHnphpuHP4NPFn7a6MwEsoVjsWSh-g9DZRHb3hKji9k58Z0dz7gqvSKKLvU1_KV0kMJrTGWQW9QgGPOk2j9o4vFxYPtwVPNQVZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3dBXij7cZerFIuOT1PIPkPSP6ATJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT-AU_QUgWzDQY9V6YNKY5G3wXECoDbPzaN0VJv89xG-hdorpDmQJfF1Om_p-4KsJ6rOvFzG75omZBMhjNVjOxmqAE_uXDvFZJOzNiZ201L6f3l2wUkmtyd4GeUXmyIkvjOo_Fkqv6mPaNlxPNXjGs4Usslwd94HS4-YLWS7CI45HIVJ6vX8O0H3WeYnWw8jb4H8GlARU09vuDE4lxHQKlt7R2C-Z-uaB-5rP2WySD8hBAIuODUXLWqZQhlXMw1PJtIf9VoYcWQe6OSHAwpOGg73St_06AjBVJ5KyUAgxI049HCjpvSXLqqIkVQxyyFrnkEoFkZaBbErSg6nN-lzVeX4AQBgAbBnf2K5pX0-wugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICUDki9_cE6WLKuosq-yIQD-gsCCAGADAHiDRMI1eWiyr7IhAMV4wlVCB0Q-gNN0BUBgBcB%26num%3D1%26sig%3DAOD64_1-2ocUhLxYuBgNu4Qq-ZhhGJ6RVA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402200101&jk=3225456218294825&bg=!paalpunNAAZ3BdUuVwU7ADQBe5WfOKDCawUx3UREWcrf2AQtIL2jeMIQWfL6wymajIx-Y9XtV5qps2-n0I-mWcXg9e8FAgAAAE9SAAAAAmgBB5kDH_Lg6qthJmkN3wuw8iRZfNc-v6LIhTPdeG8HkAslS7woieWdZP0xNMONtIRxnpN-DZis_JN5uJeUyNjfNbh4lS3Z-qlBo-ULhB_73J_4FX0Z4bymTTjpsBlYDOnQVlyCLqneILeQEggQZXDHr2wATFPwZdICtr9yBZX_Ck6ynzDXHcfkdtEbpeugVoho6sXvkYkeYEKlf1cae5k2lVRhElTpW0utUfex8a1f6_zJC2kXN9VXsNXNETEZA2dLJyNd1mmE3fHOKjJhvzZoz75O8pyUzJjb8GdkjDv4_yhTLLUd_nAI1JGByzTbtCnHsmfXMjPFlGEcqON6CegDMb_tdDa0yKvmeteXeCJSwEmExljNuScyACgnUxbrtET3ENuLXLajWbO1UC0FVWCKUrJyB5S6X-PHmu5OAeqOJjybPjBUMEfdN6AD4Ks17ojWsd02oWW-Qn0MTK8d_3eqDhlyM3jYC9d5mhpv_iQfJo5Z_ItX9U8X6Gv7Xx32HFeVeFg5W5XOSDXqCH4Kqe50mbKo5j6R-CXL6PSrq7vE1er5FGIym1jdy3ODS1xQe4xiMVKCrlPqLeKXZla8CfgmXgjIVqJlpiJ6Vn3jKpaECsXtzjmaWs69n2eSR6mq2sWD5SgTwBX7o2WXZaVZhl6f3s-Aq8q8kIS43nCUKUSoYijQDH3m_tRTHAjWsXemK6H95DUuKkuErDJCZw4HvsuVHcXOLhec0QRKNZaVkWzxMfX7miO0QllTx4Vve5WaHb78XpGtzNjzqi4mkg4NGUtOOOTfJ6TG4gciTj6Ebj5kYX6H9FUOcFDKQVXX3WO9W-4pWPQURaW-TV8stci2uUI8svqHrelPEd1nRaNojn5cS8SqDq1u-ytdjWzkAu5-aivzt7n5wR1pGClsS8_6r8OIVu8ov7EccYPJZgyUHOSxCpOBbrFj7He6mwj5rOHrcNHTNViKW-YNal2J7zzcig8mhhrULw9AbO5Gh8iq2Y2qHeKcxog705SjtUbBSVYJ8ogPiFyaYlbyvG8T6UVxaNdT0A9lyDEEitDnKoLZX8PLEHu22Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.infokeeda.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

container.html
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4E3
6 KB
3 KB
Document
General
Full URL
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Tue, 25 Feb 2025 07:32:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1C51
164 KB
52 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2a58703bfbd64909a2c50c126d827db99706df5b5f0f671e3917b9ac05e1b1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TEPOZJUlnCd3lR3GFYPk5iXz8V3Wq5uHtzbbST9dgUok04fdarzkLW2TuX8-dmjPN6ZjNno5O3dOYsxW5XXOgniNdMh8TfQ3t0Q5fv9_MhfQi10YvOS6OFlozB0AGnOiIFNHtlZyDpJ7ltbphVCPqc_rsgKN3vrUVDaPC89uS_zzMukIctHt8nRl6Qf6gq87dQp7wYdqT4yAWBsFVB6-F3jxIBdzfu2O3s77sQZEIsbFgsVZ6YdYyz9jQWwlTIQ25rk0NA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
41149409
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame A4E3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame A4E3
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A4E3
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
431461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Feb 2025 07:41:26 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A4E3
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-2
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 08:19:55 GMT
container.html
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4D3
6 KB
3 KB
Document
General
Full URL
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Tue, 25 Feb 2025 07:32:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DAC
6 KB
3 KB
Document
General
Full URL
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js?cb=31081346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.infokeeda.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Feb 2024 07:32:26 GMT
expires
Tue, 25 Feb 2025 07:32:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1C51
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 1C51
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1C51
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 20 Feb 2025 07:32:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1C51
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 20 Feb 2025 07:32:27 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1C51
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cWoaLQTOUSUJrM_ym1fVRGhGPhCZKFpBqlcgYqNCFDK2On4AkepzelFTNWbUNWpq3N9rZOgtRSrS6Z0MpaVmlNGPH7xjc_NxwGUJl9v7C81IZGwOxc6049oCNu97F8sgYOP0OgV87C7vv7GhhnjCJZxS5lb54hQ5PmfNsS0wJDQ_n9nfkehrn0hNb62_mZXm0uFvotZ8StoXUYW3GY93HW-yPX2jbEJz0LDKWk62rdJyTZ0QDnWSelS_deVwEHwfTu8z45xi-GAQkHpdR54eVs0d78D6tYhzBWpQK6ZEsUN99MkJ4a5h2ALuDrjJZp-j5BR8OZy8eyFgyRDsmLU3CWQ50tYQXoIIyW_sl62L6Al8QuOnHrh-xKPiu6gKsssQQB5G2F-HrkBd1Iao3mC5Br5fhhpLNKaL853Wi4M10D2Fv5jEhxXxmBAzfChlgB1Xx159SQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1456842
expires
Mon, 26 Jul 1997 05:00:00 GMT
css2
fonts.googleapis.com/ Frame C4D3
5 KB
790 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 06:49:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 07:32:27 GMT
css
fonts.googleapis.com/ Frame 62DA
6 KB
801 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 07:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 07:07:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 07:32:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 62DA
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:07:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
30327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:07:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 62DA
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 62DA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 62DA
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:15 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 62DA
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-2
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 08:19:55 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 62DA
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 00:22:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 21 May 2024 07:44:04 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame C4D3
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
27661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9139
x-xss-protection
0
server
cafe
etag
14231659491099539135
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:51:26 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4D3
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 23:53:15 GMT
x-content-type-options
nosniff
age
459553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 19 Feb 2025 23:53:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C4D3
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:03:39 GMT
x-content-type-options
nosniff
age
444529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 20 Feb 2025 04:03:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1C51
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7533134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjZqZzlybHOUqD7GQbDkZgZAkEUm%2BRYLSrjA3KrqmmmmtyX9dyeX3QGAE%2BiP%2FNQFcatUkTtYMbzxiNzW1ZCSyGFr8dNz4GuWxgM25K%2FDwIWkuY2ltaTAp%2B9XPxFwf3WOQsZKVPUPo2PGM5VAKSGom3LJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b67e8b2eb4b8eb-AMS
expires
Sat, 15 Feb 2025 07:32:28 GMT
css
fonts.googleapis.com/ Frame 1DAC
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 06:18:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 07:32:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame 1DAC
110 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f1b04bbee17883aa19aaa35e196fcb6e6f9270918783eb1a4b216dacec486db
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 26 Feb 2024 07:32:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32209
x-xss-protection
0
server
sffe
etag
"17b8cd8bcef53b12"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Feb 2024 07:32:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DAC
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:07:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
30328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:07:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 1DAC
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DAC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 20:12:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
40780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 20:12:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1DAC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 23:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 23:01:15 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 1DAC
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 00:22:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 21 May 2024 07:44:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 1C51
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:28 GMT
all
csm.eu.criteo.net/ Frame 1C51
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TEPOZJUlnCd3lR3GFYPk5iXz8V3Wq5uHtzbbST9dgUok04fdarzkLW2TuX8-dmjPN6ZjNno5O3dOYsxW5XXOgniNdMh8TfQ3t0Q5fv9_MhfQi10YvOS6OFlozB0AGnOiIFNHtlZyDpJ7ltbphVCPqc_rsgKN3vrUVDaPC89uS_zzMukIctHt8nRl6Qf6gq87dQp7wYdqT4yAWBsFVB6-F3jxIBdzfu2O3s77sQZEIsbFgsVZ6YdYyz9jQWwlTIQ25rk0NA&sds=2&rev=90787.5&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Feb 2024 07:32:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 1C51
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zdw-igANtpMIVSuUAAp_EzN3dPdMr3vP31QmCw&u=%7Cff5pF1GHMsCHNxN32xdq2ZEfBL0vo4MQzzGm3SkU2SA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_n31MQyFig-4JM3Evzx297O6Xdnvie514Tl5O9KRf8Iy98OA4C17yPuyMPFs52kGKwQs_jDM3-8F8scLiImkhbcP4sxGT6RvwNj0xqHuh0wuYrVAFILhc4qvcBdxNEenRyjA3JQdPbTQ6ZNb2yCyBz7AfT5gQZgFSPjGM0J7Zb1jVVTMlFV5P5jpSZsDM-URWtteaKJo4IKj-PYyrkBy5TYqgd3AsRMxpq7XvrOwddbTT1dNyWj_KWNcvopPXkkSq9jCVThts0z83dz7YDN803rlNcU2EvhmtN-uOog7gKROjcY3p2VsOxcU4kquKLEpC_WSX8QpAYscF2mi_dHup83XAwO7cMQpbTiN7VOE2je7XXSPshbGArVcWEmj7zkOXyyAD4EuZ7kC63YcdzJP1-sUI-pOpBIS5iIcRKdRlP-cjHR9t5lTm_o9BgN1Z-efS7RaCkNnDs3junJPfcgsoDSKonWQZboy3hJMuJBpzN_bkxEm8W165NDPRo4lrsOzIzT67Ca8q7BUbUrVAJstcBLdjrlvkh6CkElqo2H0H9Z4YlF7OdOe0J9VbGEH8GNgox&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAIOUij7cZZPtNpTX1PIPk_6pwAPJntKxXM2jlvdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTIzMTk0NDE3NDY0MDMyOTTIAQmpAnMgfuG6J7I-4AIAqAMByAMCqgT4AU_Q-dwdpuhuqkoK6VjvXtE6DPsy2nvm9olGjgk9SU23u7CK4JjU_YqOMxJmLDRPWSFnzDAxJrASU1NaLImDxFuo41twgkDZvCGutS2Foj6fSUBWSBVgKz6WA6BuGXjNE4KExHMQLgp2Qsb_DuuYkS-60VXtfyk8K7-fF0k5LKra2TlKkcQgh4x5Bh48CvR8O0vpQSiaHMEdA5wis06Ik9EcYx1U6sb-Ss_p672dGE_kSPFeGaAvz3bCIkTfkfRi5a39ABHlACR-KFB_A34E28hMFCJxyE6j42J2oEZf2ha2gOziEYyIfOsNAlvzvyuUHxsERMYbVp1Z4AQBgAaI_prd15LFtqMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJAiA4YAQEAEyAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA_oLAggBgAwB4g0TCOP3osq-yIQDFZQrVQgdE38KONAVAYAXAQ%26num%3D1%26sig%3DAOD64_0f4gdw3XlGqncs-wbXMJuk-Q1BUA%26client%3Dca-pub-2319441746403294%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:28 GMT
2398034351986173227
tpc.googlesyndication.com/simgad/12514123988932426468/ Frame 1DAC
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12514123988932426468/2398034351986173227
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6444f676471414c5e4496146bc582d67146bd5e32a9908d798b6907dd4cf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Mon, 26 Feb 2024 07:32:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8022
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 09:43:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Feb 2025 07:32:28 GMT
9071856956631758924
tpc.googlesyndication.com/simgad/ Frame 1DAC
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9071856956631758924
Requested by
Host: 5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eed7a9d63f1aff7f20ab79320a6463be4fa723025ddac68c0e8ef58ad5e9764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Sat, 22 Feb 2025 12:23:57 GMT
date
Fri, 23 Feb 2024 12:23:57 GMT
x-content-type-options
nosniff
age
241711
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12580
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 08:27:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
barlow-400.css
static.criteo.net/design/googlefont/barlow/ Frame 1C51
1017 B
705 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/barlow/barlow-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1acdff1e7f03270a5ca5581b0ca780826d0ade45170440604ee5228cc3077ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 13:54:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eca7-3f9"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:28 GMT
barlow-700.css
static.criteo.net/design/googlefont/barlow/ Frame 1C51
1017 B
705 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/barlow/barlow-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14f4a8ac3755c13bb7b177a4801fd5dfeb182fa283a2f48367047f9ba00dc91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 13:54:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eca8-3f9"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:28 GMT
8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
pagead2.googlesyndication.com/bg/ Frame DCD6
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 14:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
492580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19817
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 14:42:48 GMT
truncated
/ Frame 1DAC
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9011530fd948bb374c36d64a22adf6b7eb53d37f9470d5a32fe6cbccaaef8373

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1DAC
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:54:54 GMT
x-content-type-options
nosniff
age
441454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 04:54:54 GMT
barlow-400-latin.woff2
static.criteo.net/design/googlefont/barlow/ Frame 1C51
21 KB
21 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/barlow/barlow-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/barlow/barlow-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/barlow/barlow-400.css
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 13:54:46 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eca6-5298"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:32:28 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8pC6ij7cZZXtNpTX1PIPk_6pwAP3xKfwdeWX74SGEorRo-2-ARABIOHR0ZsBYJGEoIWMGKAB-cLOzQPIAQHgAgCoAwHIAwqqBJQCT9BUnY5bYgKnTq0WJ8HUcDgE8eQpyoOIi7XKerw52rDkKic0xu0NeHuDG4eBLUIOOdxVeS7nF71xOaR4AEnHmi7qvzBerIvv5ZAB1N3_Uhe4Zlec_munCffFTptP0DotQjRjE2q-80IfYLuAE9VyqXZSQAGgXpRavXwVLPRKwlaPX52DQInmdFPQMmaPIKbi5xSYA0Fdy4OlHxaVuGWI7bZ1eCBAt4uXkPk7Jck0m7M96Q-RdWW8Hi6SNaUWMLGcCuAzwo1FDKN_qjy62STiMFoAuDPoBF1J-FsfxV-qvujn4t3D2SFNTKhSxKjm_jqpRfVlpnjcL_wyAxFf-IVmKjFhtqCg8d6OzPelTAd_gpPxwjj0wATWnfvyqgTgBAGIBdD03P5LkgUECAQYAZIFBAgFGASgBi6AB-b6rAmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCr8CDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAlA5Ivf3BOljPtKLKvsiEA5oJaWh0dHBzOi8vd3d3LmRpc2NvdmVyYXNyLmNvbS9lbi9zb21lcnNldC1zZXJ2aWNlZC1yZXNpZGVuY2UvY2hpbmEvc29tZXJzZXQtaGFybW9ueS1jaXR5LXd1eGk_Z2Nsc3JjPWF3LmRzJoAKA8gLAeINEwjl96LKvsiEAxWUK1UIHRN_CjjYEwvQFQGYFgGAFwGyFx8KHQgAEhRwdWItMzgzMDAxNTM5MDQ4NzI4Nxjk-4EB&sigh=Jp4sb8b7WAQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqvSZDqpaKVz17qCTHBQBe7Tw2i-7OWZKYOAc5UJvmeVluA_Y4Ugjt3b_yg1-4dZq8harBtxOoaEfoAkEqQWFfWrXgNzmkASUit4QYAQ&template_id=5004&cbvp=2&vis=1&nis=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 07:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1DAC
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8pC6ij7cZZXtNpTX1PIPk_6pwAP3xKfwdeWX74SGEorRo-2-ARABIOHR0ZsBYJGEoIWMGKAB-cLOzQPIAQHgAgCoAwHIAwqqBJQCT9BUnY5bYgKnTq0WJ8HUcDgE8eQpyoOIi7XKerw5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215709242258870329263%22,%22debug_reporting%22:true,%22destination%22:%22https://discoverasr.com%22,%22event_report_window%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215709242258870329263%22,%22debug_reporting%22:true,%22destination%22:%22https://discoverasr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968073593%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223079180784421408081%22}&andc=true
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 07:32:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"15709242258870329263","debug_reporting":true,"destination":"https://discoverasr.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968073593"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"3079180784421408081"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 26 Feb 2024 07:32:28 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 26 Feb 2024 07:32:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15709242258870329263","debug_reporting":true,"destination":"https://discoverasr.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968073593"],"22":["true"],"4":["02-26"],"6":["true"]},"priority":"500","source_event_id":"3079180784421408081"}&andc=true
access-control-allow-origin
https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215709242258870329263%22,%22debug_reporting%22:true,%22destination%22:%22https://discoverasr.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968073593%22],%2222%22:[%22true%22],%224%22:[%2202-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223079180784421408081%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 07:32:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi.do
www.infokeeda.xyz/b/
17 B
879 B
XHR
General
Full URL
https://www.infokeeda.xyz/b/csi.do
Requested by
Host: www.infokeeda.xyz
URL: https://www.infokeeda.xyz/b/csi.js?h=VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd9e0277ad5956fc28b07c382859d4ade71a0d7a05fd3da2e05f7d00a388838
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.infokeeda.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 26 Feb 2024 07:32:31 GMT
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z93RL1zWFGApE4b%2F9CwAxHIAXbCxNjMN9JEWAMDRQ11z%2FW%2Ba2h3D6QUS7x5hmJbbY2rJK73C4pzR8XUeUpCuDRTZPTHT0SjqAiF41ay%2BKtTXBev0bCYYN2alY3fMVDEKiR1NC8eJKIVV46QiJboIMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
85b67e9e2e2b0e18-AMS
priority
u=1,i
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M24T57XSVV&gtm=45je42l0v875514113za220&_p=1708932745513&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=137345960.1708932746&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEI&sid=1708932746&sct=1&seg=0&dl=https%3A%2F%2Fwww.infokeeda.xyz%2F&dt=Infokeeda&_s=2&tfd=6440
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M24T57XSVV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.infokeeda.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 07:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.infokeeda.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| gtag object| dataLayer object| googletag object| anchorSlot object| image string| bwLink number| expire function| _0x148abe function| _0x2027d4 function| _0x1e1dd7 function| _0x123b function| _0x25e86f function| _0x5669cf function| _0x516b09 function| _0x27a716 function| _0x45b821 function| _0x2978 function| _0x139c5d object| alias function| _0x448d09 undefined| sZalRZ undefined| dWqMuX undefined| date undefined| minutes undefined| now function| _0x449c53 object| Pu function| getid function| getclass function| qSel function| qSell function| addCt function| remCt function| stS function| stC function| stE function| ldJs function| ldCss function| pushAds function| insertAfter function| middleAds function| recurAds object| cookieChoices function| Defer function| defer function| deferscript function| deferstyle function| deferiframe function| deferimg function| $ function| jQuery object| adsbygoogle function| _0x5bbe function| _0x4b2a59 function| _0x5a8f2f function| themeColor function| _0xce6d function| toastNotif function| fixedNotif function| neonLight function| vibRate function| _0x360c1e function| getCookie function| _0xa50c function| _0x4bc46e function| _0x3c2dbd function| _0x16627f function| _0x1cad function| _0x5d4ba9 function| _0x382359 undefined| setCookie undefined| handleVisibilityChange undefined| newElement undefined| blogContDiv function| checkCookies object| d number| n object| infinite_scroll function| puImgPs function| InfiniteScroll function| darkMode function| headScroll function| lazyCustomJs function| scrollCustomJs function| googleTranslateElementInit function| puViews function| blogAdmin object| aryLzJs function| loadLzJs object| aryLzJsM function| loadLzJsM boolean| lazyJs undefined| style object| infokeedaValue boolean| lazyadsense string| aksiAds number| maxClick function| ASSetCookie function| ASGetCookie function| ASSetCookieAds function| ASMaxClick function| loadScript function| downloadJSAtOnload boolean| lazysizer function| myFunction function| _0x3bc3 function| get_cookie function| _0x17481c function| _0x2e115f string| cookieName function| _0x54b9 function| _0x431923 function| _0x169fc6 function| _0x268bd2 function| _0x42c6ff object| getlink string| final string| adlink number| bwtimer number| scrl1 number| p2scrl2 string| btn2txt string| btn2text string| btn2timerdiv number| imgadtimer number| timer1div boolean| add2 boolean| add4 number| add2timer number| add4timer string| timer2last function| _0x1a923f function| _0x379ce8 function| _0x4e1d function| _0x2da9c5 function| _0x5932 function| _0x22b65d undefined| request undefined| countdownTimer undefined| countdownSeconds undefined| timerStarted undefined| timerStarted1 undefined| button object| button1 function| _0x5e445a function| _0x5cac90 undefined| gotolinkcountdown function| isInViewport undefined| startTimer undefined| updateButton undefined| scrollToButton2 number| scrolltimer number| iktimer number| gtlinktimer number| gtlinktimer2 string| gtlinktimertxt string| plswait2 string| p2btn2txt number| btn2timer string| piecolor object| timer2 object| timer1 object| button2 object| btn object| gotolink object| wr object| infokeeda object| btnn object| btnn2 object| imgad string| adlinkfly function| checkDiv5Style object| google_tag_manager object| google_tag_data object| botguard function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| ggeac object| google_js_reporting_queue function| BLOG_processCsi object| __cfBeacon function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id function| ArlinaCodes function| registerListener object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

11 Cookies

Domain/Path Name / Value
.infokeeda.xyz/ Name: _ga
Value: GA1.1.137345960.1708932746
.doubleclick.net/ Name: IDE
Value: AHWqTUkYvtcrF-IrmFePlntgZpAeCfII6QgiD81HgtBcGleSnFGiX_Oh-K6Ni4Ct7Y0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi5QBTSceBcyjQ4eNSmq6qA-3D527Rnn1UqiEypWYk9LYEHrnw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.infokeeda.xyz/ Name: __gads
Value: ID=b20bc8f6ac93f72e:T=1708932746:RT=1708932746:S=ALNI_MYaAzVDoyVBrgm0vfvTCIQxy1kWKQ
.infokeeda.xyz/ Name: __gpi
Value: UID=00000d62a337c86a:T=1708932746:RT=1708932746:S=ALNI_MaGo6jx5yc_MaHH5h48uSReVu7VqA
.infokeeda.xyz/ Name: __eoi
Value: ID=2e2371e0692c8e87:T=1708932746:RT=1708932746:S=AA-AfjaL1a6J8X7oOg5HjBTyLxiS
.infokeeda.xyz/ Name: _ga_M24T57XSVV
Value: GS1.1.1708932746.1.0.1708932747.59.0.0
.googleadservices.com/ Name: ar_debug
Value: 1

22 Console Messages

Source Level URL
Text
network error URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_4130_8967.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.bmcdn6.com/js/64f1a267c70b0380fe88cdd7.js?v=1708932745778
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.infokeeda.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
5b42fcb72ca6dcaf2ace66ca153d195e.safeframe.googlesyndication.com
ad.doubleclick.net
ads.eu.criteo.com
api.npoint.io
blogger.googleusercontent.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.bmcdn6.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
csm.eu.criteo.net
d3u598arehftfk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
infokeeda.xyz
pagead2.googlesyndication.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.infokeeda.xyz
z.moatads.com
142.250.186.134
142.250.186.98
178.250.1.6
2001:4860:4802:32::36
216.24.57.3
23.213.165.236
2600:9000:223f:ca00:1f:946:f000:21
2606:4700:3030::6815:3e0e
2606:4700::6810:3865
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::2009
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a04:4e42:600::649
2a06:98c1:3120::3
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
120c31287cc76461147fa9f52645279804dea7ee5553572c8fffc1cc6ccaff88
14f4a8ac3755c13bb7b177a4801fd5dfeb182fa283a2f48367047f9ba00dc91e
1573e4d74487c65901c9d868b6e47711ca388c18c7cdd5276ebba0e2ced98708
15d2df8093a2a811da976443d352b95ae84e28aec34affbbc3280349444b54c2
1acdff1e7f03270a5ca5581b0ca780826d0ade45170440604ee5228cc3077ae8
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1d63382320745c2fcd0413dd4557edb8714d22beeb51476a9a1a629fb01f8801
1eed7a9d63f1aff7f20ab79320a6463be4fa723025ddac68c0e8ef58ad5e9764
1fc186c1572e8db8e789ba427673dda1a70a06968812ffefa49207f92394ceed
24785ba53c0ac2b29a5a5aa140fcbce1054a40af05c45d02094c52c9a5290f46
2934a5956808a41722c75f3747d95a7e3bca59ea40b6c3c7ed556bbc9e13c61e
2a58703bfbd64909a2c50c126d827db99706df5b5f0f671e3917b9ac05e1b1f1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33037d967f08dbc42e9803a10a776ed326c9123e06706447c8926a858295e19d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3634695ec36529d8a8851ff5f6e40ae6a6aa6936e29942be1896d933e88e3acf
36a14eaece3f496e15a55e9ec0b8d98ccb5c9e818aabc1a993712b88440ffb1e
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3b71771bf156b7073265503de27ec5c2c12ffb6141c38d330c848cde0139a11d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bad1c5850c2453996c8dc11934799affb96c43eae953ca75fe9c15a9df07fe6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51cedd78bb282a5680c39864d40c404bbb049b02d4fc854adfd4d4f97bb21607
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
55651de407e35a48e050752655c4c775e39f9f9404559baa515b3dc1b4cbf4b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620e650135367f175a542a88c0646be2b716930cc42e01e291eb24d63722616f
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6611677c5391ceb6488b98028510d9d2398907292efff0cef7ab4d07e9cf5b69
6f1b04bbee17883aa19aaa35e196fcb6e6f9270918783eb1a4b216dacec486db
6fefcd58aebc992ef9800aa676a31a19f2cd7b383e3b3efd72ec074a2541bcb3
722117cb3654f60fe9c913d636106dd30b90c0d805b0828ebf6f06d1f0d3b32c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726cfeefca9844aa6b5ede751df7f53d527ed0ac1657e6131f0c68154a37dc1e
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
7b4a089a7e7b88e8b1e5abbc3ac0a6896728f92535be02e7c5cec719f2776533
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82a1fe6223b0d35839ffb371a0a8f0f3f9e7d817a5afc52cff4b86d658fdf36b
83966d6e64cdd998e41dbab254bf9cfce03aac0b73da23cc268ac1eea49472da
88ec91c23abd5a95cdcd13b93d7b5047cc829d378167563b123c679005705262
8a1286273726bff8e1d79da7039788b34f34d8f439a9dff6492541bebfe23acf
8a7eb74e814b830cfe89caa840f5cce3d16e9a773bfb74e2a304a4c3fffd24ac
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fd9e0277ad5956fc28b07c382859d4ade71a0d7a05fd3da2e05f7d00a388838
9011530fd948bb374c36d64a22adf6b7eb53d37f9470d5a32fe6cbccaaef8373
9b22f7436d75e6755e1e6ad82a41d0a21454388bb8adcb8f07c84d44975530c3
a089e7dc742b80d052fb01ab08f1cebbd6ee270cfa8253cd321fd745fe8d256e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b5112ae4675152f8ddd7c328145fe6ee7040cb43f241fb77e964931de6cadd70
bb3346cbbe576f59c7ecda6deb6fb008bdeba1d437c4e9d0222609e5d5e9e218
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c30934b1fbefdb88dc1594f56e48b0ac82698a4654497be423e87d503288be6d
c3931bffd71d3d21af5cea0706aa3d3ba7147650c6fe5fcaddb819e7a80af0b8
c8fbe75a099be42134bac59fdf86ef8d9ed43bbaeaa7473617100fe2bc18167d
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
d6d0a0b68b031145e1bc6309503b26afa5b88e8d70c028f826e32aa9d26c023c
d9758ef45c8fe3e9bb98cb389f576eceafe1dbdb20b6bce96336c916f123ec7a
dc0935d268079388d82030d353f86dab49e06914968a61fbe6ca0236b79c9ac8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50d262e6afec4413c96a433c31a9d0e0602066bd851e099a07e7e2e16e59f68
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ea65bf2d2af1bc166193c47c68475ff8c085dd1a32f6dcecc13dfd9d9cbcfb0c
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ee8a3414f0fc988c65b4a1c9a1748bc1bc80a95f82be46198a3ea258fedaea97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7
fb80ae8be84fd33d154a32252a40ddacdfa9bd114b7236917813910edd511753
fd6444f676471414c5e4496146bc582d67146bd5e32a9908d798b6907dd4cf63
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e