hero.galaxydays.xyz Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hero.galaxydays.xyz/
Effective URL:
https://hero.galaxydays.xyz/
Submission: On August 15 via api (August 15th 2022, 11:30:53 pm UTC) from US — Scanned from NL

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 123 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is hero.galaxydays.xyz.
TLS certificate: Issued by E1 on July 18th 2022. Valid for: 3 months.

This is the only time hero.galaxydays.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3035::6815:5cc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
123	20

43 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hero.galaxydays.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:5cc8 (United States)

ASN13335 (CLOUDFLARENET, US)

kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	galaxydays.xyz 1 redirects hero.galaxydays.xyz	2 MB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	402 KB
18	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	125 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	249 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	5 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	130 KB
3	fontawesome.com kit-free.fontawesome.com — Cisco Umbrella Rank: 22225	166 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 13999	914 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	644 B
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1886	998 B
123	14

	Domain	Requested by
43	hero.galaxydays.xyz	1 redirects hero.galaxydays.xyz
17	pagead2.googlesyndication.com	hero.galaxydays.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net hero.galaxydays.xyz tpc.googlesyndication.com pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hero.galaxydays.xyz
7	www.gstatic.com	googleads.g.doubleclick.net www.recaptcha.net
6	fonts.googleapis.com	hero.galaxydays.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net hero.galaxydays.xyz
3	kit-free.fontawesome.com	hero.galaxydays.xyz kit-free.fontawesome.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.recaptcha.net	hero.galaxydays.xyz
123	19

This site contains no links.

Subject Issuer	Validity	Valid
*.galaxydays.xyz E1	`2022-07-18` - `2022-10-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://hero.galaxydays.xyz/
Frame ID: FE503B1F2FF6BD8ADEDCA6B0A0D0D244
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html
Frame ID: 20F377737E5AA6BCC8735FC3BC5BA838
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&adk=1812271804&adf=3025194257&lmt=1660606250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250285&bpp=5&bdt=4871&idt=215&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1378812971189&frm=20&pv=2&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: D6E859B0D910F031E8335E850587089F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&h=280&adk=3088186576&adf=2763401009&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660606250&rafmt=1&to=qs&pwprc=3033397859&psa=0&format=1200x280&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250290&bpp=1&bdt=4877&idt=235&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1378812971189&frm=20&pv=1&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yY9Y5AFGJc&p=https%3A//hero.galaxydays.xyz&dtd=239
Frame ID: EBA81B76292703859166C200D9DE007E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Frame ID: 14915726C6D01FAC6BA3DA36D3B5656D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Frame ID: FC6BAE7689222578CB11AD578306BFF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 713DB039C07BFC6BCF35CDF110E68DD9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiyoMbDATAB&v=APEucNUcO8DWVOF0KNcromdjgSeI832_tBs2FcYPRfDXkSs1fz0jGYchYkJAkt4cFgZPIKrp0DG8AAmgVFx4not7h0A8AB9wvi-cxoGXKOeHEY_4gEQn5vGa7HdsVcBREE7HEZcjli_PqmKK2vTUsBQ0mxi7oNJFOMnXYmF-UOxm7uJ3WKk90SU
Frame ID: 4EFDA4F3E9929FB1E1FCDE3322BCA494
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUmIWVWMuoL6Hy1I8ImMNRAfnfAvVk2PJecVkDGga0RUVs6VHXXoBuQo-dcfqV1n9zKUUmJrTMk3_l0N5k86ZBz6cfBw&cry=1&dbm_d=AKAmf-DkWzGh6AXP2vHWvHKz7B0jwwaLdpluzKcL8Q7cWKrXlxa5CNYVZNvjEu7t3uYgyAv72wFwUoXzF2LSRWOF7196l2TFd1w1aliTjVu3YQ7wZ2H7l6F2OjuRrWm01ZpePSyP207CtJp0dYE68w595dbIuIVe9sLed6ork-uj3-5Q4aZnDsaANdKNBIO2xBAuspIwHuQvMDW_yjN-cduuVD-H5KIfsNzshNeSdWZWeh6ZPNaKX4FsBPbvDJCLNd94cvvWJmGMxMvCc5xE1NmSq1yneFZdLOoDAMqfWDbQ7xgy96eRdHdW6TNTQGsJ7m2iQxwEaFSpJfwCDtTYmFdPT34aSL2gLAZy48cF4nVpxXW_I4Vc7rd3s3EAZ4zDmsStWMDdt2YwXm9nPmVAbEL0c5gMvS32V4TtsVdzUrXgBcDSJ9T7bWMYGhumH6cW6COLmHQjEtI7kQwX9NDSKsNmWFCbrbGTCCFoc61dC2lS-LT6Z2airJuOkZBvQVFyLE4dX_Whr9hayoWf0tLZZCWltsHfqwgLJsLsEUKzjvZ-6L6Nh31Mr4jDLnIo6any3twnVH-42kmGUrxNcx9PdtRS-PL4nEEXimubgTLXW9so1QTQC6G6SXLDPxxWmRhxMozHDKJ69Ocmq2HoVwiqkgW_9hPBlat1LOw6BYK5S1XdownNpIGlxpK1NdMx2zvVIaMZxFq45GIOr1cwqpAEzFSHe_Vi-KmwaYmuqoFTEZlWLuf2D4yT1jhar41G07uZE0e8Xn8K8hoGkXZ7wOrR4EMdEI2yvyi0O45tO8PBLxy4DZ9W86H1xpZG21gmKLNvViw9H-U5JzYvTKbwuhWRT_m0E1glFShPm_uJ9mvDLKcciNxChRGE5gXQyFGeZsGjxoRQFZWL9g16EfAO0e1khXQane5IV2ztNA1sggPBOJiZ7nUghWofv1RhJOv7vrefCUiQlmYKXW90LSNFxaPFMORAlImscj-CT2P18wS4oTZquTpRFpPmG5DizUXK-tcyeNgqeQGjyfd-rU5jO0iRLDeRFe2uVBu6ucbQg2FfuNTlUGkg-_6v4RRfWoIAPBxZQd1zKmfzTIn_OaejrlcJ7DtZd7lq_psVPwXJ97Jb7tmeZLaFVXpGKfLo8R35RVbeKE-eonLbvFwqCdBOK78-zsqaJsrmVzsxnKapMp-bj7Yqss2ghzzQ3_H9BLVQOZNZOK16nNUoBD3TJlAj9HqMyk5Qqz79A045KdmCNarh8fBX2lt8ktaZyT2IxrEsHNv_UuAtIj8dSxMoK7HKbcCKCQderLXjmEc1_LxTSSaMQQOSatKFwJ-ebw39zLblXZ1LuknWgtGT4oSCB8Gf8e-pXLdJhADvf9l8K9u4riUV9idzIpgLqKe1lOdMDHggLLE2JbMxqNgrDtUDdGUNZV3IRI3kEVri20Fuph_P8CFZTEY4XPUISBddtmP7onbbKBjv5GDwiG5AcT7yDjWCI_6eoHeaT2QJKwtHhgLXyR8AGvBH1kpB38jJ-TZsbHJrBD6__pgqV8ouZt_uGszlVyJ5gMFdoW4vWm1OJ5SpuLgh4Os9SHL8xuYhdPiceSgKCnSIV8G_3901fUux_ZrpCI9ahYQJ5Y9w2qrUnmpiqM5HTVgmM8YjJRWOjygAbiiCK5AZIhw13Bk3bkxo32HiNtbqLUUfqOPsYNJRD0Lhy1z_Y7xKOf-XalOY0CtdqSnrWirA10Bd5XXJ4lMplZmUYPT7EXEnVbyl5qLP_n07e8Sp84u695wWp5HIMR_WL9McwQZheXxooTaKK6ygsBybDB8uOJW7MtgyMKVJxNKxbqk9WYl0vs7nRkv4Q3I6h3rqUEljnGyTuRDemMBZxfSabiUK-emq0lZmZ-jXBvOV2F6ogn_bAv5uzcIg0uJ94CDW8o87uHVIoEH64a61SPfu8EV25Fl2E5GjiqWYQh9-nSHnmUXVkoQt3m7H6PR80YTRNrQQWC5GNJY-JlZU-jlgJwaQDrZSs2IZl90ZzPUYIypzuSKLNmBKY0k7f8kGEwm1P9v7EF2oaleO_JHY-WAH-F30_derIvJJNI26uqIKcU4vWaHNCMwKIj396yDV1eshHUTNf6k94Zc8qtP0yih1T8Bz0X55Ev6xkaxkLqwRtmc564dH-Gv81L0dlKWKJhtxtzia4CECiMt3HEbuOBQVEERmhXX1CRDpk50Zc3EtYbzvnUYO4LbQQOKqpJ1fL1uxG9P0oMMci1QSWnP4Xa911tzqXweGRBtOyK5dnm3JfasUh_eajja_Yd-41mdXhPu-Pz61TkBSZbFD8CoBhPzBOQiL_er-LcrYMUyf3U8BOSv2BXPvvxegnkkJPdPzRpomU0JvCwpTQHy02zgZpjy4cyZtJt-NbHc-uoQQ-KnqpfZEUsrvA9-7TWSuz088NvNUq3TDFoasHJKTIaYelLSs43FM7Y8lc59LX7tuf1-NZR91RacRYE3_JI8yoBCmJPj6n8lfGnQ5fHsXGJOBJFnojkfhb8ksdesKw6gvwTlo3r9rehfo4ZLptwXP4Xk8RXqf_83U_3hXOPxX5h_1rKJscVD6n9Jc0crDSDdhbq6UTHslxwDFwxciMfO_BuCoNMx7Eo8ZWBxj41qTbPdOCoCCzIUfW2UUKBpcttkCVgL-7gYo8QptLidAYOCnp7GTIpTvbZAzo1YU1jsU1ig1aO_sxof6zQpE3YZ5Ph0wMFiOKZvon8FwwYLkQy221s3U9ujgQvnhanjgY5ASoRfitKhA06iqhsgCjowa-29Zz3JUFOhL-T-aNlCUZVaYgM7qRn0iukAtKtNmwM8sMwHCURdK0wFMk5aRXd7_sfDTYiXFnCB8rrqm6TdWRfRp4bYieIL6uZd5RDupZ2bQkCXl1TXYSgymgELLoCnvfdVlAG5QV6zbqmCk08B6UUTFiSq6GT-0tRzv8bSQVRkzS7piYeYIyqOuHPFifMZY5t46uhgq1BYy_Rj0yeRl6E3Q5V_rcszX5PluWU8I4Ixh7M0728y17vZXBowyaKn267HGovs7rmUAUfB9bmbF5WRSAigMLfEMLdBf04aO2YipFGC8jTaOreQl_JIW2kFNCkoYGWdJLv84al2xW7ikfoWGjiQ&cid=CAASBORo2pc&rfl=2%2Chttps%253A%252F%252Fhero.galaxydays.xyz%252F%240
Frame ID: F3CCBB792718D0BF67B3A07BC10FA82A
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F50DDF9D8E00C39F8FC2CB25F3315B55
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1724B89E6CA61DCB30BD33ED30DEF37
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2984B5E727429C452E2DA05D9627FA19
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Frame ID: 44633AA2960485E736D77BF181606CD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Frame ID: A932CF3043B5D605F19FC2A8570F3882
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F1919147784F08F8F325A50D4E2B0CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D66EAAD0C678492B5D34912622661C99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hero

Page URL History Show full URLs

http://hero.galaxydays.xyz/ HTTP 301
https://hero.galaxydays.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

123
Requests

96 %
HTTPS

74 %
IPv6

14
Domains

19
Subdomains

20
IPs

3
Countries

2883 kB
Transfer

5335 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hero.galaxydays.xyz/ HTTP 301
https://hero.galaxydays.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAkuRvoZNO16v4XOVogkmGo&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvrXKzVQS0Yybhv4fXSjDAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiHeFm_HVv19hJwksMBBQk&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECnfHSaGGo7ICV4UiXhGBBo&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE1MDkzMDAyNDkxNDk3NDYw

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hero.galaxydays.xyz/
Redirect Chain

http://hero.galaxydays.xyz/
https://hero.galaxydays.xyz/

21 KB
6 KB

306ms
248ms

Document
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30 PleskLin

Resource Hash

c129f47481548300469bfa94e4430d91c5fc02ae9e94aa45ecceb50dc5a581ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73b5b8485c2f0c19-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 23:30:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmGIsjmcG98AAgBR5BDd0RvqLZb%2Bk%2BmaWsWSrbB%2FFM2vs8SEaf45dB0HdTs6nzF5dEJCaOEczMqog0wCpS16i%2BIpOraz5bMcsOWxsaRAW0bRGkpsED5%2Fd%2BuJnQuhO9CnxkJcRl5%2B14xO8yAQ4i3Nopqp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.30 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 73b5b847bc79b7eb-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 15 Aug 2022 23:30:45 GMT
Expires: Tue, 16 Aug 2022 00:30:45 GMT
Location: https://hero.galaxydays.xyz/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBdEQ%2F2ExX2xPAyyckKOTejQqh1QgWuEnMqOzZRRZ5P1TxKkqb9wutwIo4GBLiJ3D0e%2FjwOcNaC1GI%2FaqgEzftibf6WyFDrJ7mwnd98xNL9hfyBLZzsLsTMVR7THrf4UCfJxHovikM3%2Bq6iO%2BRLMi4NT"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 116ms
42ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:45 GMT

GET bootstrap.min.css
hero.galaxydays.xyz/assets/css/plugins/ 0
0

GET
H2 200 fontawesome.min.css
hero.galaxydays.xyz/assets/css/plugins/ 71 KB
15 KB 347ms
345ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/plugins/fontawesome.min.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

9c4077b418b514389c8348f6fa2e1856936caac42b8287c46fa9006a3452918a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtKDWvKLwmf7HBfcMG9XjpLBrK%2BMWf6fbKkdOztlwraH3pAyFV6s5W85P7V8WBVOAZ8moQfGF3JTIULBosMgDr2fuFwhKnCoOPtZWJvAWCWfTVLkVGZBdwA9KW98TzD6x%2BoXnf2spQjqjxj6AUG1ZOna"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd3d0c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 flaticon.css
hero.galaxydays.xyz/assets/css/plugins/ 1 KB
709 B 191ms
189ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/plugins/flaticon.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4368e8a1b5351aaaebd8c6d402599c9879b2c3aa456b76873483b505bb34a931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clPfvJfKTMN%2FpapMCjG4zyOk7uB%2FDTNU7ds0OmvWzj%2B1p3tjBQeQgjYeKtqEk9D%2Ba66St3Q40%2Fv7j%2BuhQAUed2QX18XQshwryIuNdxf0gRiW1r8nlyc3WEmKrKqDaZQqOj6q%2FGcWxyz2NdlOfeCv1ydU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd3f0c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 default.css
hero.galaxydays.xyz/assets/css/plugins/ 11 KB
2 KB 3619ms
3617ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/plugins/default.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

91de54cb4318beda3d78f888a849d1d15f1325644e06b313467e27cf0e995bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BjfZpQDCAuC801VukfLb%2BV0k1XgZpGzraBj8gPQacOArWkphV0cVi5DWvD72SQCWK5rCWScQKf2xqPVItJx4bFXiSivqvNJAW419iW6dZ2I1iYbRnF8qTxYtszzRMg5Z70zn0BgcbaVn6AYnVid9%2F20"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd400c19-AMS
expires: Wed, 14 Sep 2022 23:30:48 GMT

GET
H2 200 animate.css
hero.galaxydays.xyz/assets/css/plugins/ 133 KB
7 KB 376ms
374ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/plugins/animate.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

2fb77e8955803624ae06e110d0a603340e33a7f63b3680a5db28cb14569b3c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQffoKKdbpOKEr28aojm4ZgOSkrKlMBiILy%2FDqpw9QYVUly%2BoiBD60fz5NWoPNQjSyUhOicBHKb4LMJEvmbaiO6Q6WLqb9Vv9gZwko0tRehcTvkT0ifIUxIIO5%2FCp2mhAZ1SriQjz8r03AjGJSpQ6cCb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd410c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 swiper-bundle.min.css
hero.galaxydays.xyz/assets/css/plugins/ 13 KB
4 KB 162ms
160ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/plugins/swiper-bundle.min.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

291ca314fba8a9ee028905062838119c8e89fe27c2ede7b60470ee6f8313f084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w09EwbVoxTxrthFQ7fbews01tWthezXxXP%2F7vx7HuDpBuJ6CHbi5S7%2B6Hr0hcB%2F09LOj%2FIBLzotPsTNfX3yPP5UaN7nnChBmRoBZbcxOzG%2F7yPG2hEQcMx5C4GQ6EfYJG0vBTsDMm2cRIvhniwwoSlV6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd420c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 style.css
hero.galaxydays.xyz/assets/css/ 100 KB
12 KB 211ms
209ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/css/style.css

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

84d9b6b1687c25d0b58b8f0d107c24a202b7e1a8572f6cf7e93e3ed521ff7695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJNZYq6vKGoYzmXhw%2FLEXGM8bCuqLSxBA4we44qHhdRqftIxTgR287441aJQsy933hGNy8UF9fb16m0YLp2QiydwDthqNo9mZRbk2FI4ZwN1TLSINx5FbvPbNV0hgZnlDYnL6rYMoZV0XYFsLT24DnRo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 73b5b849fd430c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 styles.min.css
hero.galaxydays.xyz/hive_space_theme/build/css/ 261 KB
40 KB 375ms
373ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/hive_space_theme/build/css/styles.min.css?ver=6.5.3

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30, PleskLin

Resource Hash

6d67f2154db419c1209e3309ef35f50b202f384834a2d5f9a9586a030f7b06ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30, PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zERDxAM2k%2FBDIEA%2BsHbWw3Anyo5mnfykcHPQUHd2GRnRz41HW%2Fs6vWrw9PlF0LuQ%2FDzaeJZcFIEwgfxQdFoq9PZJ48fz1%2FX9rcYxLYN4qF3MIaD7uokDqPvrGOXJLK4BGIRz4vGhT%2Bo1zSpQGFA1nhI%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 73b5b849fd440c19-AMS
expires: Tue, 16 Aug 2022 23:30:45 GMT

GET
H2 200 free.min.css
kit-free.fontawesome.com/releases/latest/css/ 59 KB
13 KB 160ms
46ms Stylesheet
text/css 2606:4700:3035::6815:5cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by: Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YN61ZDYT6T8MQ90J
x-amz-id-2: 9764nUDBFllI1vF3qAi19PPYwNm9Mnm9Nz5O67vhgxWhScXzBgi/H9ie15x1C9zYcU9HvacVBOo=
last-modified: Wed, 04 Aug 2021 21:22:50 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbLrIlTB3PD%2BVP%2FVlmkZ%2BzT29K0j4LcueKycJjgVJ2ILx64PSuddRYn%2BYp4oqgLyw7ZxujHUokv%2F0NkBJjnbQ%2FZQ0J8cHZF%2Bjcoxj5jubyvmV1UdeomE3HJ2cAmaq81ZNoc4ySrI%2FJMO%2B%2BcFJJE6t%2F%2BUue6tpA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 73b5b84abc5e9025-FRA

GET
H2 200 shape-2.png
hero.galaxydays.xyz/assets/images/shape/ 127 KB
127 KB 440ms
437ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/shape-2.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

c58ee658553925730d72957baa3a3c104dc0ffa7151bc5a803852b8a4ba28846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129593
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdLPek2HkbNcIPJESWaJ9665FZCfWPO%2FlJbDiFD5i3PIjs7N8RcUWRclOcTyLOcjcSvhKXpJAsufMISDv%2BIwHTZOr4Kd99zm0Qsl5WF6Sbxv8nNUwg0KDeyl9rWCq78GOD3ErIk%2BcN7LavWI%2F0EZDLVK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d530c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 shape-1.png
hero.galaxydays.xyz/assets/images/shape/ 28 KB
28 KB 432ms
429ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/shape-1.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

e837a41e656b5d9723e0b7d1e652ddca3e755ac670304718f3d387bd8ba80fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28738
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vPVil%2BO1qCXUGf6ZdLgZgMm2dOLRforOYr%2F4Nhrx7HK6TmlBlK9pEAcUFrEj%2FoC3noKoYUoWNtQRqF4ef2jfKmpb6axc7uk7EbzTXaOZlXoxcgh9UjSZ64BfmXU4LM6g8fl2meRIv4iE6XvdxLYPG7r"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d550c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 dots.png
hero.galaxydays.xyz/assets/images/shape/ 21 KB
21 KB 4834ms
4831ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/dots.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

5da2b3c56961c7cf7a5df550e60ad61e09f1ec2bd74bdf76220e9af687d17c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:50 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21424
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNULRY9FqM4si4hRmvQvz6ix3y8JmOwY%2BHatZ9YQB02DZCUCje8Z37K87oqqUJ8%2BopITP0bJfPs3LmoYQVHigGTs%2FJUk1CjFmbFnWcePAGJm5tWO%2Bl1SWc05lIoX7bYdhKl4vIU3fbwx2XRHUmH%2BbH7v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d560c19-AMS
expires: Tue, 15 Aug 2023 23:30:49 GMT

GET
H2 200 short-links-and-earn.png
hero.galaxydays.xyz/assets/images/home/ 46 KB
47 KB 456ms
453ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/home/short-links-and-earn.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

45352aa5305f57b2b031e6ecd61a49fa1fa78db0b84b0e2c1c7030d3b8d478b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47534
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc2eqNnGGMkh1%2Fpcj8Vy3wd%2BthkeTF3ovFNHgyEJN79BLhLkBlj2wNghsJb75NNkwNuTn7Ebx5jLnqOMl8%2BrF5nX921wqb9rsoPhhxnOHDjGXJSiB%2Blvc%2FwCWQ%2FO7IVTZA7j2NicPWm65gfAwdi1aSEn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d580c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 shape-5.png
hero.galaxydays.xyz/assets/images/shape/ 7 KB
7 KB 409ms
406ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/shape-5.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

72961d1a94f7e3ef382eea07d53cc70332fbbcf0179e94ad21962b55845f789f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7077
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHmk4PPWC7Uj4tNguyAcbajnEPkH9oKrQ6uiD8GKM7ctbbdQVjRgCYiosYuPmcCUlYO8XSzJW%2B%2BHS5NzLQZtTc16e5Iot1Uv3y1KMA%2Bl3JG9%2FxsTF3LgN07jsc3xwQK552JqCLp8iO%2FuMvSgWgBxc6H%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5a0c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 hive-space-theme-power.png
hero.galaxydays.xyz/assets/images/home/ 264 KB
265 KB 365ms
363ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/home/hive-space-theme-power.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

a27a4e2dc65fc26c6bec8b0f653f43904f219fc167fe1f6c9aa37155ea4b789f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 270232
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAbT5tPx38iouYFutvW1VNx0my9%2Bie0D7stoQewQJeUKnkIewSS3wH5USFjoMMxAm%2BOtaVHRIYnwwt8%2BitcuZL3tAgp2VoRbhSCL5BQtmjJRlI%2BoPP2%2FFr949RA0k%2FmUnTmzw5NSjQFKXB%2FxSUe6crKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5b0c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 dots-3.png
hero.galaxydays.xyz/assets/images/shape/ 26 KB
26 KB 330ms
327ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/dots-3.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

49ce4700e62152bb26ab976997aeb9590ec32b2b87e7284e630b6648b1988d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26684
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8wPf6wQyr1p6GyyVnZ%2BunHEkuC7%2FHwPwk4E55085jPCx5vEdfySLGQR%2Bws5CRsQid17eA6dDuJTBw9IlD0vmXM2sG6UIQ%2FBPrgU7x6rarYl66CrQRXvBg3LU98WEfmrXwQfU%2FDdLXeNXpG9fQQd%2BngC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5c0c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 author-h1.png
hero.galaxydays.xyz/assets/images/ 3 KB
3 KB 329ms
327ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/author-h1.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

1d4f866c6246f989343b154d69d4f60ea7181ea9749c817cd93bc8ac74665f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2611
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0es%2BWvhejc%2BVkO%2BMdZPph6eH9JchI01HJ3ZrIHwnPU%2Bmj5ev5tmNRgWo4w%2FPhbgg%2BxDtjY04lKGFfTdDhP%2FEcNYtny3XEIFC4%2BcBBqfIpWiK5QnrjnM1mPNNMO6kl1DVINzA8b%2Fx1xFNUCC7rASOtPAe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5d0c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 author-h2.png
hero.galaxydays.xyz/assets/images/ 22 KB
22 KB 2970ms
2967ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/author-h2.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

93edcf1958b672e97a12549534cc89e40156874b07ca7a99906a56221f05bddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:48 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22298
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um4Yhe90ocKCoxB0D8RQRIF3XA3pjQMnaVTiLdLLru55OAbveJ7ivkALTMToyR5V7UWc58GdBVJLYymYVzFBuw9Wx1dKaDdcOhNPBpcKSCXvkCsMftP12x2GYGonDjYVGWdkxLQr3S8HomuyIfRtOjmY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5e0c19-AMS
expires: Tue, 15 Aug 2023 23:30:47 GMT

GET
H2 200 author-h5.png
hero.galaxydays.xyz/assets/images/ 3 KB
3 KB 209ms
207ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/author-h5.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

e64b2d40b74ab47fffcf42cf7a2c4858b09f7c72369ed4f960f92f4ced662ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2722
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYq9jtB6lpXr%2F%2FEBMcTzxYA%2Fo3oRBxAVDoN4Ek%2BnI0X7rxS2nV2MVOWa5bhtxglDaO%2F8W7hxNmqoETTTaqL7JAJE9jPyvnY%2BQt46cOSo2S4OhOKVdI4B99%2BMWzf1yK7O7qi8qaVgUSCNkrMGHLpj5pYm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d5f0c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 author-h3.png
hero.galaxydays.xyz/assets/images/ 72 KB
73 KB 296ms
295ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/author-h3.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

c0ce3645d32bab13196e10c586beec9b5b9be88487b5823d0e60805d7baa43e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73879
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UO4ZasmQX69A6ALCyBXqQWzlqxWutmq7DjKq1uimklFsQLdZhMvXwE81G5c%2F2SxCL0tS9k6scQwrx5gCSJeJeLCBX4%2BqX6FItNm0BKecwA%2FNJgj8xbUbJEUalzNT%2BxLamCnckerL%2FrAVjztvDfh6sC84"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d600c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 shape-6.png
hero.galaxydays.xyz/assets/images/shape/ 4 KB
4 KB 328ms
326ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/shape-6.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

b8d77b73891e82cc952d959b926d0e1a60b9c80daa3d4d5332edb713803fe67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3883
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gowDkZsHSo5Q5HgU0IK43Dk6mtV7pzHcqEfnkMLHoLYqlTELkwiZWoRDj2aTFYcw9Az%2F6SmtZ0Ch8x%2FbFljYWoiz1KGQRBpvPJXMV9h%2Br6vQQNa7D%2Bj5twjZhJx4%2BQSFCJeQevm3PpR8HT620waVX8fV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d610c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 hive-space-theme.jpg
hero.galaxydays.xyz/assets/images/home/ 134 KB
134 KB 327ms
325ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/home/hive-space-theme.jpg

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

82a330f2b5cf5e181429eb123b0a5b00406ad99a251677527d6a230ad0a20c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 137100
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRupUEpOPorfh0LcVIVnR7g4Ej%2F%2BZOP319qeeR8r%2BqdaM%2BGfmdaLExRwmfGugvnfBHBz%2F4Gn1XhRvD1h7LrsH2RDlJr31%2FN1NY4ohWx0KwLUBo2WT1eUCCbyrx41JldMZTW8n3K5J5De68RqH16J8EFa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b84a1d620c19-AMS
expires: Tue, 15 Aug 2023 23:30:45 GMT

GET
H2 200 email-decode.min.js Show response
hero.galaxydays.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
26ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LqWENOR44Q%2BF1juYtVXV9umLWhhExgOgGZ1F6SyCllmY2YI7KnIW%2FYbfCsf1mKqTsAS8Z2mjSF9gPdbH2M%2BOskeebhZPJj29jYFqws%2Bvj5agqrG7XIPnfyRyi6i9dKNIwQgYKhkKWeM%2FvXE4Mfw5S95"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73b5b84a1d4f0c19-AMS
vary: Accept-Encoding
expires: Wed, 17 Aug 2022 23:30:45 GMT

GET
H2 200 ads.js Show response
hero.galaxydays.xyz/js/ 191 B
460 B 416ms
412ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/js/ads.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkjazE0UmDJGcou5HauPeiD8U0URpOZkP4Z7YFaVzEtTBJbexhnV6HrkW8VBaE5D43QahBU4TNwqaQg11zXM4WBPredtzIQCjuNzGp7rxbWZZ4Qy7G5O2J%2BX6Ld%2BJdQQVxM9Km9iRdvT8yVsjr0KJQ5J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b84a1d500c19-AMS
expires: Wed, 14 Sep 2022 23:30:45 GMT

GET
H2 200 rocket-loader.min.js Show response
hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 39ms
37ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp%2Fzx2TGFw%2B0%2FxUMlEkT3%2BuHYV6T8U%2FU%2BsegEcOaKbu7VBgUfR1IYsS1NOP5KMTkjoFbwgnueaI%2B%2FZSjBS1YnT06D0W%2FJjbGdK43upvjwbYU8dGhe7farUTvXghbgHIcKDfPcYhff3ryQGgZl4FycGZ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73b5b84a1d640c19-AMS
vary: Accept-Encoding
expires: Wed, 17 Aug 2022 23:30:45 GMT

GET
H3 200 css2
fonts.googleapis.com/ 10 KB
669 B 110ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e348cc4c328f9915c3b7b87a0a9659e0b2389ce112151c13f30af26cec748a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:21:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:45 GMT

GET
H3 404 path-2-copy-2.png
hero.galaxydays.xyz/hive_space_theme/build/img/ 3 KB
3 KB 268ms
267ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/hive_space_theme/build/img/path-2-copy-2.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/hive_space_theme/build/css/styles.min.css?ver=6.5.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

63028f774a4a116faccfc3cf6c240123686363a2333b47472b6aa9531caf3830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/hive_space_theme/build/css/styles.min.css?ver=6.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ascdxx1pusGfRAqkBv1c37YsUEky5in7aopgRgL%2BNmeY8LlrdqDGYHiAI0e8RH771nycXqBuNx1VlYpzTWqzuXy8FMpTLgX998vr3ho0RumSv3LOscd4O8LfbRoZfa2sBGT%2BvWXP8t%2F2Hg5fjF9HcmAc"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 73b5b860aa43b926-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 lines-2.png
hero.galaxydays.xyz/assets/images/shape/ 14 KB
15 KB 245ms
244ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/lines-2.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

0268660be15597f6868394fc1e3ee92c2c41c2dd434c277389e6624b4e8e41e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14385
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gl0yQawHAy0TG%2BXCBgRoH8ioXPOKKpVAIi%2FM6Jd2gsLMQO1VvhBNcWI%2BzQain8%2BXjtnEIn5KEcU3G52yNOx87ViAneDUj0TmzFGOVbePu5tYaiGwztNEVbo7jeSMRi3tS0R8bDYz%2B9IUEzyWa1FdKfH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b860aa46b926-AMS
expires: Tue, 15 Aug 2023 23:30:49 GMT

GET
H3 200 testimonial-bg.jpg
hero.galaxydays.xyz/assets/images/ 450 KB
451 KB 316ms
316ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/testimonial-bg.jpg

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

1c36097e7e2e460286cad905b38dab7e6d363960ba4bcbb6e311fd2d50da17e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 461103
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSSCDs7PPL5VNtARwA75Tk%2Bb7B7Ofi0ZTH8VUxQfzE4J8KbPjuwYc0qtuF%2FnMu8Qfyf65Q4mR0a3SMouMgIka5v6%2FJ%2BVRY9si6e8v3accQi505We1sc2Rf9R%2BYEap9rxGEOQeQCOWBVzLVTxZynS7cv5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b860aa47b926-AMS
expires: Tue, 15 Aug 2023 23:30:49 GMT

GET
H3 200 shape-3.png
hero.galaxydays.xyz/assets/images/shape/ 11 KB
12 KB 307ms
307ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/shape/shape-3.png

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

9465f22471a59cfccb0babd801238ca8654ff19d2ecb575f40a6213ead6d4582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11471
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0topnPaITbnkDCAByHbTgpOycgJ%2Bcv70kIHgARULDEjpDFKVEp0YttYKOZdGyQ0B6sAT7CzDohrI8AzemqGFhO3PjAwvoWL7CwyiWODYRxHca4Rxa2iwRTXXOl%2FZbeP97xKP0xBX7yRcSmTmohcma2aC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b860aa49b926-AMS
expires: Tue, 15 Aug 2023 23:30:49 GMT

GET
H3 200 footer-bg.jpg
hero.galaxydays.xyz/assets/images/ 141 KB
141 KB 33ms
33ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hero.galaxydays.xyz/assets/images/footer-bg.jpg

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

583fd70b585babfebd7808ce5eb5f631e04632388a829297dc92d83b5942e141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144035
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9853%2B2RLRGtqWT2n4OT1pNuXgPIWzWqXqshEvcZYDoQlOGbJC2hKtrzUaPqoalUlVw1pk5%2BIF0BhOC8A%2FmBIPd5n7ThGcaN6kEafs3GJEL8Pd5Oz32tL2b6v%2BWa%2B8SP52PvQV3twuE2H%2BgAiV87BBLl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73b5b860aa4bb926-AMS
expires: Mon, 14 Aug 2023 00:59:03 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 113ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 417989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 03:24:20 GMT

GET
H3 200 free-fa-solid-900.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 76 KB
77 KB 454ms
416ms Font
font/woff2 2606:4700:3035::6815:5cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2
Requested by: Host: kit-free.fontawesome.com
URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PW203Y7K7GPYCJGQ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
x-amz-id-2: RR1pvIuSDGgtsBa2r6qGhvA7/ubz1jmBQqXOPA0M86kOwTnqNtlkkmhDdsDl/LYWxmrvRIOhQSs=
last-modified: Wed, 04 Aug 2021 21:26:53 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQZZE8ZdfbmP9%2FJjzMqfr3ak2a%2B2VivF%2B9AYDVY0wXq85cmILMULQCRoyX8P8zeKQapVluzSHUy%2BZOOj5Dai5WrNWxthoqXPXcvCRC5SU7mFSTJceVD1C%2BrXEwa%2Fva8UMIxeJTqnUvUd6qUegthcuhmE1LNH8ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 73b5b860eed15c26-FRA

GET
H3 200 fa-light-300.woff2
hero.galaxydays.xyz/assets/fonts/ 142 KB
143 KB 279ms
279ms Font
text/plain 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/fonts/fa-light-300.woff2

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/plugins/fontawesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

5abc742b577d1d20dd9946b8c3943717033307cdb707c1a7c5066896a0a5401f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hero.galaxydays.xyz/assets/css/plugins/fontawesome.min.css
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145656
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4l9X21RzBdRoGTOCNKF2zouMZHAM3uXgIiSJVerJ0Z%2Bw3kpboTXOgAju5votwGWdQrBrsEPV6ybmafUFs97pQQb283h0PParlXL8BIhl1im9UiKJY7tsv3qAJgKTXiTHioVf%2FlDokKePdFTOfc71wLB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73b5b860aa4eb926-AMS

GET
H3 200 free-fa-brands-400.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 75 KB
76 KB 484ms
447ms Font
font/woff2 2606:4700:3035::6815:5cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-brands-400.woff2
Requested by: Host: kit-free.fontawesome.com
URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PW2AG16TWQBAHXYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
x-amz-id-2: kf9m5rjRp1t/kaCaeZbC6WT1iPovo6tWVq3bdCTjqS+L1JHx01ajUB+yQG4LEn6K9Fnx6OlY6so=
last-modified: Wed, 04 Aug 2021 21:26:53 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrkFZ%2BEJe3xXDp2Z5uQn%2FOjpERIC3T5phvPhkDwRLlaLVozFaxlMOvcGJFEaAST1zBo7NxBHr%2BovK1AV3ED2AfyOg8fMcvuBFiEY1eK57icAoFZvWH%2FXwMnHzdO98%2FdA169R3sEceVm3RSCNieNx9AlyySlYlxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 73b5b860eed45c26-FRA

GET
H3 200 Flaticon.woff2
hero.galaxydays.xyz/assets/fonts/ 3 KB
4 KB 297ms
297ms Font
text/plain 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/fonts/Flaticon.woff2

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/plugins/flaticon.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

0e7fb0e7b85b9fbe8362adc890e2d117e2c36c489272eb54583c6b00dd0f8273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hero.galaxydays.xyz/assets/css/plugins/flaticon.css
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3124
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdwnzcpE%2Fr4O5BPGe6chaqVcOGpTiHxM%2F4SYV253hcBqMEMREIj4Y7ZvuyzfoUSZZuYvO1kfY9%2FMIKQUxWug6toDqfoOF7o%2B9XroWpjmQogSR98z0C6hJZB8jONdw7vk0VmU%2BNuiM7gTtt6%2F9TWWY3ji"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73b5b860ea89b926-AMS

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
998 B 154ms
41ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c99a9493e8e78abb9c1a38ae8c4cb5a1175b9d0dfe262b7cda9fea1ad1c700cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 23:30:49 GMT

GET
H3 200 script.all.min.js Show response
hero.galaxydays.xyz/hive_space_theme/build/js/ 29 KB
9 KB 3637ms
3637ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/hive_space_theme/build/js/script.all.min.js?ver=6.5.3

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30, PleskLin

Resource Hash

d788d68b273f54d2a837bc024b702edad068ff587ab5fe95c594327c7bebe517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30, PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0W%2Fv3zENi62dBgAdX%2FN29mLe9SDygqeTA9u6hzski8uyFm7eOT8p0gich4LeE3hYtzPHWJSU%2B7VyRNMbKhg9nmDTpxiQD2lE5LEe5GrzMNQ38V1ZgnPzbk782fG3mkm%2F7c84RFi%2F8QboqPFMRacELhq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 73b5b8611ae5b926-AMS
expires: Sun, 14 Aug 2022 00:33:15 GMT

GET
H3 200 script.min.js Show response
hero.galaxydays.xyz/hive_space_theme/build/js/ 201 KB
62 KB 329ms
328ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/hive_space_theme/build/js/script.min.js?ver=6.5.3

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30, PleskLin

Resource Hash

ca9b111956fde7ed8838df402ff93bd224cddb56a57fa15fb3752f9cebbdfb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30, PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8X%2B39Rv7hQ69h5azAfqt%2FQK%2BF%2F1IOqPrmJBpmoFJEqMZY5zuXknmZMidhkqvEhld%2B3uq5R6uIQ%2B%2FXLfbuXvxxFAorazYWPHnbct8B2EHOVViL0aCOwK3t8qZVQgzP7Y8RXxfp1l2tirFFe%2FBC%2BbMg9N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 73b5b8611ae7b926-AMS
expires: Sun, 14 Aug 2022 00:33:15 GMT

GET
H3 200 main.js Show response
hero.galaxydays.xyz/assets/js/ 2 KB
1 KB 44ms
44ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/main.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

4f6fbf755d85942ee634546833e295905f5c7bff7607c893aabbc149365964c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQxv4i%2FsAd1CLDxj4%2FssYCSHs%2B2%2FfbZz0O%2FEAjbMrWkFLjHfyl3siuQXMYrS9pUESCw5el7TqnUXiNM0OmREOZXhZnlkwiepp7kVlCP9Dkv5I7jtCdVwg2IhBpodqzux2NEzNCaK06DGJZGABWJAWu8%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-polished: origSize=5980
cf-ray: 73b5b8611ae8b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 wow.min.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 8 KB
3 KB 44ms
43ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/wow.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6e3cBrCOgYeCwoKXUkX0c3ds4ONIoe%2Fftb1AGJCv2S7ceu1%2B%2BkpkVuY5xErpVzwSFee%2BXCTEgErJMxWmJoTwwoWqyQI36jWvS4azxqUzBuGmh2EZx%2Flk%2FnUFYQhgTbt4BPDPOeExr1Op01LfbX3u7QZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611aecb926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 scrolling-nav.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 397 B
866 B 45ms
44ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/scrolling-nav.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

dc35dab50085181c956a04d0f716a0752f871e468023aa61ca6895bc05918a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syg6YmHAcDC5HOYiTJQrOFYUZEsG7LsAQpVmC9f1VhIeDEZwblsGNDJgaZjUyN%2Fyo5WFo1sE68KW2dcoHEedN2DQWf2ZxmKkW%2Bt0n%2FxLqYv9FcsPtvHZ5VLgF0Ji67k1cjhCg7Eg9ycV%2F%2FPHLiY2Re3t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-polished: origSize=655
cf-ray: 73b5b8611aefb926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 jquery.easing.min.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 5 KB
2 KB 278ms
277ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/jquery.easing.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAP%2F%2FLEnqZJi8ffMyWXVFZxXVdBOKzXCIGkrM03kk6ehUNTkKadAvQX1b9lfamzOa5Whn6AOp78EkJ%2BG%2BhWDM6IU2OOn5xMtqEp%2Fev7W78nFwo5VS1n2053Tla75XhQlgCJpUU8x5RVA6FxSqY2wE%2FnE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af0b926-AMS
expires: Wed, 14 Sep 2022 23:30:49 GMT

GET
H3 200 swiper-bundle.min.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 136 KB
36 KB 69ms
68ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/swiper-bundle.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

b6a8d6c157f4adf5ea2ba79be291ab52fe3d0fed3c54673e95623f60b1931e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeKD9%2FdoWMBya5Tk4hbugtfr8yjOxFL5Zy%2FP6%2BYM4RaAEwX9R4K35dAAj4vsM%2BFYgtBna4bo5a4jir9Ovtd1VgVrcsTiJgoobrvhK5AZ6cEnYD%2BWlkrZz51%2F46Sz8NCTV5x6VlrsR3%2BdMSDWWFgyG7jk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af3b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 bootstrap.min.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 59 KB
16 KB 44ms
43ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/bootstrap.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eXB756zNKEYMbN9S0w0LRsPYkrEAdu8SuvI9kKZeiPSlHV6%2B%2B52%2BwYC5KEivEItkDqPIHKwp3b2jcGlMpa65FUlj%2BE52SArEXcfAFqDvKkVSrs%2BuC4D9CwwwtSWqX94HWaD6F%2BVK%2Bhj5TxLw7d2GmQs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af4b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 popper.min.js Show response
hero.galaxydays.xyz/assets/js/plugins/ 21 KB
8 KB 71ms
70ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/plugins/popper.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDB%2FyaPzmd0%2FdhF2nlcXtfXKW3Zysol3ygpDuYJZ%2B1%2FUbQfoQ1FvzX304L7N440in6rSRnLy%2FPz5BSylRomD6nvhpxUGcKkHqZycYCIhS388MzfYeZBbMZ97dG6ZVtQj5xpPBatHZLSnmB%2FHoM%2FENM0k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af5b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 modernizr-3.7.1.min.js Show response
hero.galaxydays.xyz/assets/js/vendor/ 8 KB
4 KB 72ms
71ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/vendor/modernizr-3.7.1.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

3202dcecca9f2ece9708dfd74cee1dfd4bc07e97779e8760510dd770f80bc83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPNjArAqzyADDbzS2%2BxD59j4%2BguIomfaXRrC5B9ITxaB9qEIM94S8%2FqaW4Vu1YXZN9xqAlDb5cx1mXC6nKfgAEVypB0xf10xz19QJ0%2BUniviHUwun04fsQf9TmzUl1%2B4th2dxxpF4JUyckoISsAqPy1o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af7b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
hero.galaxydays.xyz/assets/js/vendor/ 87 KB
32 KB 72ms
71ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hero.galaxydays.xyz/assets/js/vendor/jquery-3.5.1.min.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167506
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 13:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8a0lqmK%2BR8i5FIcDmsXzAuaxJMJxJl%2FvuTwo1t5939CyVcMr6Nav3S5fIPiYPoiZO6BKH%2B3QSNlW5Rdv7LuHe73rEYxmYaFN7PZkKvrRnA5WOuiCsOrPIrcUxatf0wna4oTq03KWipcZkIwhweMWW7p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 73b5b8611af8b926-AMS
expires: Tue, 13 Sep 2022 00:59:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 150ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4669487658263884

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

257fb1d5126ed0dff3dbeac8a83a35fe1aaca064f59a761a4c2747f6b9aa9082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57580
x-xss-protection: 0
server: cafe
etag: 6916372052723507747
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 23:30:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 341 KB
120 KB 131ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4669487658263884&plah=hero.galaxydays.xyz&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&easpi=true&asro=false&easai=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4669487658263884

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0991fd1d91fd5255d1c06705273d8cca63329b090c2b21f5ca46463fe2a50e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123143
x-xss-protection: 0
server: cafe
etag: 5034585599855657943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 23:30:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/ Frame 20F3 10 KB
5 KB 119ms
31ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4669487658263884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 61375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:27:55 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:27:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
644 B 160ms
43ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hero.galaxydays.xyz&callback=_gfp_s_&client=ca-pub-4669487658263884

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4669487658263884&plah=hero.galaxydays.xyz&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&easpi=true&asro=false&easai=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9d11d0e8f6852c1af4c0f970c4f66ce2e8b3dd5f69c0431009221200ce1ba4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 208ms
42ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=hero.galaxydays.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
42ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hero.galaxydays.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6E8 168 KB
48 KB 462ms
392ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&adk=1812271804&adf=3025194257&lmt=1660606250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250285&bpp=5&bdt=4871&idt=215&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1378812971189&frm=20&pv=2&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592cbf7e12bc4b3257a58f43477ddd448f67fe4324c348752545552c40d86096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48778
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:50 GMT
expires: Mon, 15 Aug 2022 23:30:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ 606 B
388 B 44ms
44ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a3a37423b5ac786af7b9a905ab9cb84ce756cc350f7e2c8329f2558a7164f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:30:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-4669487658263884&c=18&e=44770731&h=hero.galaxydays.xyz&ld=en&lx=en&m=0&n=0&o=a&p=28&t=0&w=637&x=6&sap=0&tap=1&bap=1&nsr=0&im=0&mo=0&ae=1&fs=1&eid=44759875%2C44759926%2C44759837%2C44770731

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBA8 88 KB
31 KB 431ms
377ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&h=280&adk=3088186576&adf=2763401009&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660606250&rafmt=1&to=qs&pwprc=3033397859&psa=0&format=1200x280&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250290&bpp=1&bdt=4877&idt=235&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1378812971189&frm=20&pv=1&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yY9Y5AFGJc&p=https%3A//hero.galaxydays.xyz&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a184e5bd9e80006de88400f6a92b6fcd7124cb1814ab541473829567f4f7a5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31672
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:50 GMT
expires: Mon, 15 Aug 2022 23:30:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e9729a99e2ce9704c0788d1ab658d164.js Show response
www.gstatic.com/mysidia/ Frame EBA8 12 KB
5 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&h=280&adk=3088186576&adf=2763401009&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660606250&rafmt=1&to=qs&pwprc=3033397859&psa=0&format=1200x280&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250290&bpp=1&bdt=4877&idt=235&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1378812971189&frm=20&pv=1&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yY9Y5AFGJc&p=https%3A//hero.galaxydays.xyz&dtd=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4942
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 23:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:45:35 GMT

GET
H2 200 de03a69b80543f0fa8847e29147a30f0.js Show response
www.gstatic.com/mysidia/ Frame EBA8 11 KB
5 KB 118ms
33ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4857
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 23:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:45:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EBA8 8 KB
893 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:11:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame EBA8 2 KB
902 B 126ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:19:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame EBA8 23 KB
10 KB 121ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:47:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame EBA8 3 KB
1 KB 122ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:54:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame EBA8 17 KB
8 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:25:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBA8 140 KB
44 KB 137ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame EBA8 32 KB
13 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:35:36 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 150 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc3b303d9ba0050491e9064cf5427015237c6c07d5e813a6027308f1c79a2d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54703
x-xss-protection: 0
server: cafe
etag: 5311310286402376785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 128ms
44ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=hero.galaxydays.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 128ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hero.galaxydays.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/ Frame 1491 10 KB
4 KB 43ms
42ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 60770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:38:01 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/ Frame FC6B 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 60770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 06:38:01 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 06:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBA8 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czu7BKtf6Yvn7JY_ugAfxob5QoYOK02vOqunInRCYkviHswIQASCA1bs8YJGEoIWMGKABqfDCjwHIAQGoAwHIA8MEqgTsAU_Q61gHhcBbqlmfPBv90us6GzO21HxVsC9O4T0fblsgF6JNXNpRuOV8hQh4PFTT91pUfAYzoFIBCJF6sFKY6rr2fItnUrO-yAz1uwdp1WPweUc9Q-CxdRZvfflq2BGnavhBuEKZssZqtMu4vDaUEW9McbZgtYDCHrDViKwWm8cfMwhxHzk-etrH6tpF0Nd0Xce4K5_hIGag7l4zKtqq-pDn6eGfIqQGx6sUf90EPaFx-Q5x55ZjvUCDXYwccKxN4v7boVY48KREGTOy3jbGF5FpumUGuuVaMYFop4c5bCTkiXyYb4-baPWfrOwswAT14JuN_wOSBQQIBBgBkgUECAUYBKAGZoAHv4-98AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD1qRHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTFYgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NjY5NDg3NjU4MjYzODg0GAA&sigh=usI_buGQdak&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&h=280&adk=3088186576&adf=2763401009&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660606250&rafmt=1&to=qs&pwprc=3033397859&psa=0&format=1200x280&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250290&bpp=1&bdt=4877&idt=235&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1378812971189&frm=20&pv=1&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yY9Y5AFGJc&p=https%3A//hero.galaxydays.xyz&dtd=239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 15 Aug 2022 23:30:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 713D 143 B
163 B 34ms
34ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4669487658263884&output=html&h=280&adk=3088186576&adf=2763401009&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660606250&rafmt=1&to=qs&pwprc=3033397859&psa=0&format=1200x280&url=https%3A%2F%2Fhero.galaxydays.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660606250290&bpp=1&bdt=4877&idt=235&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1378812971189&frm=20&pv=1&ga_vid=1317155586.1660606251&ga_sid=1660606251&ga_hid=324522123&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44770731&oid=2&pvsid=4471790220512976&tmod=1952648120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yY9Y5AFGJc&p=https%3A//hero.galaxydays.xyz&dtd=239
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 22:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EBA8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b8f48b46f0fa45ccae7cd91c2250ee1a052771b03c08e79c484ba5746d945f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 1491 4 KB
636 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1491 205 B
229 B 72ms
38ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:03:47 GMT
x-content-type-options: nosniff
age: 1624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 23:03:47 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1491 604 B
628 B 72ms
38ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:31:59 GMT
x-content-type-options: nosniff
age: 3532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 22:31:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame 1491 19 KB
8 KB 69ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:08:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EFD 624 B
300 B 43ms
42ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiyoMbDATAB&v=APEucNUcO8DWVOF0KNcromdjgSeI832_tBs2FcYPRfDXkSs1fz0jGYchYkJAkt4cFgZPIKrp0DG8AAmgVFx4not7h0A8AB9wvi-cxoGXKOeHEY_4gEQn5vGa7HdsVcBREE7HEZcjli_PqmKK2vTUsBQ0mxi7oNJFOMnXYmF-UOxm7uJ3WKk90SU

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:51 GMT
expires: Mon, 15 Aug 2022 23:30:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F3CC 62 KB
30 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUmIWVWMuoL6Hy1I8ImMNRAfnfAvVk2PJecVkDGga0RUVs6VHXXoBuQo-dcfqV1n9zKUUmJrTMk3_l0N5k86ZBz6cfBw&cry=1&dbm_d=AKAmf-DkWzGh6AXP2vHWvHKz7B0jwwaLdpluzKcL8Q7cWKrXlxa5CNYVZNvjEu7t3uYgyAv72wFwUoXzF2LSRWOF7196l2TFd1w1aliTjVu3YQ7wZ2H7l6F2OjuRrWm01ZpePSyP207CtJp0dYE68w595dbIuIVe9sLed6ork-uj3-5Q4aZnDsaANdKNBIO2xBAuspIwHuQvMDW_yjN-cduuVD-H5KIfsNzshNeSdWZWeh6ZPNaKX4FsBPbvDJCLNd94cvvWJmGMxMvCc5xE1NmSq1yneFZdLOoDAMqfWDbQ7xgy96eRdHdW6TNTQGsJ7m2iQxwEaFSpJfwCDtTYmFdPT34aSL2gLAZy48cF4nVpxXW_I4Vc7rd3s3EAZ4zDmsStWMDdt2YwXm9nPmVAbEL0c5gMvS32V4TtsVdzUrXgBcDSJ9T7bWMYGhumH6cW6COLmHQjEtI7kQwX9NDSKsNmWFCbrbGTCCFoc61dC2lS-LT6Z2airJuOkZBvQVFyLE4dX_Whr9hayoWf0tLZZCWltsHfqwgLJsLsEUKzjvZ-6L6Nh31Mr4jDLnIo6any3twnVH-42kmGUrxNcx9PdtRS-PL4nEEXimubgTLXW9so1QTQC6G6SXLDPxxWmRhxMozHDKJ69Ocmq2HoVwiqkgW_9hPBlat1LOw6BYK5S1XdownNpIGlxpK1NdMx2zvVIaMZxFq45GIOr1cwqpAEzFSHe_Vi-KmwaYmuqoFTEZlWLuf2D4yT1jhar41G07uZE0e8Xn8K8hoGkXZ7wOrR4EMdEI2yvyi0O45tO8PBLxy4DZ9W86H1xpZG21gmKLNvViw9H-U5JzYvTKbwuhWRT_m0E1glFShPm_uJ9mvDLKcciNxChRGE5gXQyFGeZsGjxoRQFZWL9g16EfAO0e1khXQane5IV2ztNA1sggPBOJiZ7nUghWofv1RhJOv7vrefCUiQlmYKXW90LSNFxaPFMORAlImscj-CT2P18wS4oTZquTpRFpPmG5DizUXK-tcyeNgqeQGjyfd-rU5jO0iRLDeRFe2uVBu6ucbQg2FfuNTlUGkg-_6v4RRfWoIAPBxZQd1zKmfzTIn_OaejrlcJ7DtZd7lq_psVPwXJ97Jb7tmeZLaFVXpGKfLo8R35RVbeKE-eonLbvFwqCdBOK78-zsqaJsrmVzsxnKapMp-bj7Yqss2ghzzQ3_H9BLVQOZNZOK16nNUoBD3TJlAj9HqMyk5Qqz79A045KdmCNarh8fBX2lt8ktaZyT2IxrEsHNv_UuAtIj8dSxMoK7HKbcCKCQderLXjmEc1_LxTSSaMQQOSatKFwJ-ebw39zLblXZ1LuknWgtGT4oSCB8Gf8e-pXLdJhADvf9l8K9u4riUV9idzIpgLqKe1lOdMDHggLLE2JbMxqNgrDtUDdGUNZV3IRI3kEVri20Fuph_P8CFZTEY4XPUISBddtmP7onbbKBjv5GDwiG5AcT7yDjWCI_6eoHeaT2QJKwtHhgLXyR8AGvBH1kpB38jJ-TZsbHJrBD6__pgqV8ouZt_uGszlVyJ5gMFdoW4vWm1OJ5SpuLgh4Os9SHL8xuYhdPiceSgKCnSIV8G_3901fUux_ZrpCI9ahYQJ5Y9w2qrUnmpiqM5HTVgmM8YjJRWOjygAbiiCK5AZIhw13Bk3bkxo32HiNtbqLUUfqOPsYNJRD0Lhy1z_Y7xKOf-XalOY0CtdqSnrWirA10Bd5XXJ4lMplZmUYPT7EXEnVbyl5qLP_n07e8Sp84u695wWp5HIMR_WL9McwQZheXxooTaKK6ygsBybDB8uOJW7MtgyMKVJxNKxbqk9WYl0vs7nRkv4Q3I6h3rqUEljnGyTuRDemMBZxfSabiUK-emq0lZmZ-jXBvOV2F6ogn_bAv5uzcIg0uJ94CDW8o87uHVIoEH64a61SPfu8EV25Fl2E5GjiqWYQh9-nSHnmUXVkoQt3m7H6PR80YTRNrQQWC5GNJY-JlZU-jlgJwaQDrZSs2IZl90ZzPUYIypzuSKLNmBKY0k7f8kGEwm1P9v7EF2oaleO_JHY-WAH-F30_derIvJJNI26uqIKcU4vWaHNCMwKIj396yDV1eshHUTNf6k94Zc8qtP0yih1T8Bz0X55Ev6xkaxkLqwRtmc564dH-Gv81L0dlKWKJhtxtzia4CECiMt3HEbuOBQVEERmhXX1CRDpk50Zc3EtYbzvnUYO4LbQQOKqpJ1fL1uxG9P0oMMci1QSWnP4Xa911tzqXweGRBtOyK5dnm3JfasUh_eajja_Yd-41mdXhPu-Pz61TkBSZbFD8CoBhPzBOQiL_er-LcrYMUyf3U8BOSv2BXPvvxegnkkJPdPzRpomU0JvCwpTQHy02zgZpjy4cyZtJt-NbHc-uoQQ-KnqpfZEUsrvA9-7TWSuz088NvNUq3TDFoasHJKTIaYelLSs43FM7Y8lc59LX7tuf1-NZR91RacRYE3_JI8yoBCmJPj6n8lfGnQ5fHsXGJOBJFnojkfhb8ksdesKw6gvwTlo3r9rehfo4ZLptwXP4Xk8RXqf_83U_3hXOPxX5h_1rKJscVD6n9Jc0crDSDdhbq6UTHslxwDFwxciMfO_BuCoNMx7Eo8ZWBxj41qTbPdOCoCCzIUfW2UUKBpcttkCVgL-7gYo8QptLidAYOCnp7GTIpTvbZAzo1YU1jsU1ig1aO_sxof6zQpE3YZ5Ph0wMFiOKZvon8FwwYLkQy221s3U9ujgQvnhanjgY5ASoRfitKhA06iqhsgCjowa-29Zz3JUFOhL-T-aNlCUZVaYgM7qRn0iukAtKtNmwM8sMwHCURdK0wFMk5aRXd7_sfDTYiXFnCB8rrqm6TdWRfRp4bYieIL6uZd5RDupZ2bQkCXl1TXYSgymgELLoCnvfdVlAG5QV6zbqmCk08B6UUTFiSq6GT-0tRzv8bSQVRkzS7piYeYIyqOuHPFifMZY5t46uhgq1BYy_Rj0yeRl6E3Q5V_rcszX5PluWU8I4Ixh7M0728y17vZXBowyaKn267HGovs7rmUAUfB9bmbF5WRSAigMLfEMLdBf04aO2YipFGC8jTaOreQl_JIW2kFNCkoYGWdJLv84al2xW7ikfoWGjiQ&cid=CAASBORo2pc&rfl=2%2Chttps%253A%252F%252Fhero.galaxydays.xyz%252F%240

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8694e6f8dad487feb187bb00e33a1161ff340cf3c2d0bfc684f65719286ba8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31175
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame F3CC 3 KB
1 KB 75ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:54:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3CC 140 KB
43 KB 155ms
83ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame F3CC 17 KB
7 KB 61ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:28:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F3CC 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-4pbmgqbXKP446WOyKExpUN8WyURHDjYu-9u14Kb_Hviccgl3hevCSQZ2xvcBa1rC61978viQQx91VPJdrCKpZ5eXvBYinznWcjvqq9Z33WSbEB8

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F50D 8 KB
893 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 23:11:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 23:30:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame F50D 2 KB
902 B 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:19:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame F50D 23 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:47:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame F50D 3 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 22:54:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F50D 140 KB
43 KB 72ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 23:30:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame F50D 17 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:28:28 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame F50D 32 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:35:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 713D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

53ms
51ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 23:30:51 GMT
expires: Mon, 15 Aug 2022 23:30:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4EFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAkuRvoZNO16v4XOVogkmGo&google_cver=1

43 B
944 B

60ms
58ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAkuRvoZNO16v4XOVogkmGo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiyoMbDATAB&v=APEucNUcO8DWVOF0KNcromdjgSeI832_tBs2FcYPRfDXkSs1fz0jGYchYkJAkt4cFgZPIKrp0DG8AAmgVFx4not7h0A8AB9wvi-cxoGXKOeHEY_4gEQn5vGa7HdsVcBREE7HEZcjli_PqmKK2vTUsBQ0mxi7oNJFOMnXYmF-UOxm7uJ3WKk90SU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b5b86f6cd4b98c-AMS
pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7E2RusMonbUaX6ZH%2B1KQslmyY14IbRsBTrSO9nkQMl2IE3HJKI7ha%2BNUXFimmSaGO9cd7pReJXDAHXYIljIftuDg8B4v8wMqXtW3IGxmk2NBHxVNVvPMhIA6lKCeY6NTouKKC5AhG7Kwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAkuRvoZNO16v4XOVogkmGo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4EFD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvrXKzVQS0Yybhv4fXSjDAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiHeFm_HVv19hJwksMBBQk&google_cver=1

43 B
905 B

53ms
53ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiHeFm_HVv19hJwksMBBQk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiyoMbDATAB&v=APEucNUcO8DWVOF0KNcromdjgSeI832_tBs2FcYPRfDXkSs1fz0jGYchYkJAkt4cFgZPIKrp0DG8AAmgVFx4not7h0A8AB9wvi-cxoGXKOeHEY_4gEQn5vGa7HdsVcBREE7HEZcjli_PqmKK2vTUsBQ0mxi7oNJFOMnXYmF-UOxm7uJ3WKk90SU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b5b870ae0ab98c-AMS
pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eafnpVgDgFcxO1pOOiIx7zTstA1gnqTYg8jVPZKacsDPDJEwdJnxCE1O3rxmaInM6Zm8ghEad2EBmdZWQvCkduYt66MNHiva43I82wMTWSjLh9fj7lbv%2BM4N2za1BCAEr7bGoTZhHHj88g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiHeFm_HVv19hJwksMBBQk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4EFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECnfHSaGGo7ICV4UiXhGBBo&google_cver=1

43 B
1017 B

28ms
27ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECnfHSaGGo7ICV4UiXhGBBo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiyoMbDATAB&v=APEucNUcO8DWVOF0KNcromdjgSeI832_tBs2FcYPRfDXkSs1fz0jGYchYkJAkt4cFgZPIKrp0DG8AAmgVFx4not7h0A8AB9wvi-cxoGXKOeHEY_4gEQn5vGa7HdsVcBREE7HEZcjli_PqmKK2vTUsBQ0mxi7oNJFOMnXYmF-UOxm7uJ3WKk90SU

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 23:30:51 GMT
X-Proxy-Origin: 31.204.150.110; 31.204.150.110; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7f164f32-3283-4b99-b3d5-9b7c942bcf4c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECnfHSaGGo7ICV4UiXhGBBo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4EFD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE1MDkzMDAyNDkxNDk3NDYw

170 B
243 B

43ms
43ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE1MDkzMDAyNDkxNDk3NDYw

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 23:30:51 GMT
X-Proxy-Origin: 31.204.150.110; 31.204.150.110; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: db7af390-d60b-4c7c-9ba7-f09297c79ff4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE1MDkzMDAyNDkxNDk3NDYw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EBA8 28 KB
28 KB 117ms
38ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 442437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:36:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame F3CC 30 KB
12 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUmIWVWMuoL6Hy1I8ImMNRAfnfAvVk2PJecVkDGga0RUVs6VHXXoBuQo-dcfqV1n9zKUUmJrTMk3_l0N5k86ZBz6cfBw&cry=1&dbm_d=AKAmf-DkWzGh6AXP2vHWvHKz7B0jwwaLdpluzKcL8Q7cWKrXlxa5CNYVZNvjEu7t3uYgyAv72wFwUoXzF2LSRWOF7196l2TFd1w1aliTjVu3YQ7wZ2H7l6F2OjuRrWm01ZpePSyP207CtJp0dYE68w595dbIuIVe9sLed6ork-uj3-5Q4aZnDsaANdKNBIO2xBAuspIwHuQvMDW_yjN-cduuVD-H5KIfsNzshNeSdWZWeh6ZPNaKX4FsBPbvDJCLNd94cvvWJmGMxMvCc5xE1NmSq1yneFZdLOoDAMqfWDbQ7xgy96eRdHdW6TNTQGsJ7m2iQxwEaFSpJfwCDtTYmFdPT34aSL2gLAZy48cF4nVpxXW_I4Vc7rd3s3EAZ4zDmsStWMDdt2YwXm9nPmVAbEL0c5gMvS32V4TtsVdzUrXgBcDSJ9T7bWMYGhumH6cW6COLmHQjEtI7kQwX9NDSKsNmWFCbrbGTCCFoc61dC2lS-LT6Z2airJuOkZBvQVFyLE4dX_Whr9hayoWf0tLZZCWltsHfqwgLJsLsEUKzjvZ-6L6Nh31Mr4jDLnIo6any3twnVH-42kmGUrxNcx9PdtRS-PL4nEEXimubgTLXW9so1QTQC6G6SXLDPxxWmRhxMozHDKJ69Ocmq2HoVwiqkgW_9hPBlat1LOw6BYK5S1XdownNpIGlxpK1NdMx2zvVIaMZxFq45GIOr1cwqpAEzFSHe_Vi-KmwaYmuqoFTEZlWLuf2D4yT1jhar41G07uZE0e8Xn8K8hoGkXZ7wOrR4EMdEI2yvyi0O45tO8PBLxy4DZ9W86H1xpZG21gmKLNvViw9H-U5JzYvTKbwuhWRT_m0E1glFShPm_uJ9mvDLKcciNxChRGE5gXQyFGeZsGjxoRQFZWL9g16EfAO0e1khXQane5IV2ztNA1sggPBOJiZ7nUghWofv1RhJOv7vrefCUiQlmYKXW90LSNFxaPFMORAlImscj-CT2P18wS4oTZquTpRFpPmG5DizUXK-tcyeNgqeQGjyfd-rU5jO0iRLDeRFe2uVBu6ucbQg2FfuNTlUGkg-_6v4RRfWoIAPBxZQd1zKmfzTIn_OaejrlcJ7DtZd7lq_psVPwXJ97Jb7tmeZLaFVXpGKfLo8R35RVbeKE-eonLbvFwqCdBOK78-zsqaJsrmVzsxnKapMp-bj7Yqss2ghzzQ3_H9BLVQOZNZOK16nNUoBD3TJlAj9HqMyk5Qqz79A045KdmCNarh8fBX2lt8ktaZyT2IxrEsHNv_UuAtIj8dSxMoK7HKbcCKCQderLXjmEc1_LxTSSaMQQOSatKFwJ-ebw39zLblXZ1LuknWgtGT4oSCB8Gf8e-pXLdJhADvf9l8K9u4riUV9idzIpgLqKe1lOdMDHggLLE2JbMxqNgrDtUDdGUNZV3IRI3kEVri20Fuph_P8CFZTEY4XPUISBddtmP7onbbKBjv5GDwiG5AcT7yDjWCI_6eoHeaT2QJKwtHhgLXyR8AGvBH1kpB38jJ-TZsbHJrBD6__pgqV8ouZt_uGszlVyJ5gMFdoW4vWm1OJ5SpuLgh4Os9SHL8xuYhdPiceSgKCnSIV8G_3901fUux_ZrpCI9ahYQJ5Y9w2qrUnmpiqM5HTVgmM8YjJRWOjygAbiiCK5AZIhw13Bk3bkxo32HiNtbqLUUfqOPsYNJRD0Lhy1z_Y7xKOf-XalOY0CtdqSnrWirA10Bd5XXJ4lMplZmUYPT7EXEnVbyl5qLP_n07e8Sp84u695wWp5HIMR_WL9McwQZheXxooTaKK6ygsBybDB8uOJW7MtgyMKVJxNKxbqk9WYl0vs7nRkv4Q3I6h3rqUEljnGyTuRDemMBZxfSabiUK-emq0lZmZ-jXBvOV2F6ogn_bAv5uzcIg0uJ94CDW8o87uHVIoEH64a61SPfu8EV25Fl2E5GjiqWYQh9-nSHnmUXVkoQt3m7H6PR80YTRNrQQWC5GNJY-JlZU-jlgJwaQDrZSs2IZl90ZzPUYIypzuSKLNmBKY0k7f8kGEwm1P9v7EF2oaleO_JHY-WAH-F30_derIvJJNI26uqIKcU4vWaHNCMwKIj396yDV1eshHUTNf6k94Zc8qtP0yih1T8Bz0X55Ev6xkaxkLqwRtmc564dH-Gv81L0dlKWKJhtxtzia4CECiMt3HEbuOBQVEERmhXX1CRDpk50Zc3EtYbzvnUYO4LbQQOKqpJ1fL1uxG9P0oMMci1QSWnP4Xa911tzqXweGRBtOyK5dnm3JfasUh_eajja_Yd-41mdXhPu-Pz61TkBSZbFD8CoBhPzBOQiL_er-LcrYMUyf3U8BOSv2BXPvvxegnkkJPdPzRpomU0JvCwpTQHy02zgZpjy4cyZtJt-NbHc-uoQQ-KnqpfZEUsrvA9-7TWSuz088NvNUq3TDFoasHJKTIaYelLSs43FM7Y8lc59LX7tuf1-NZR91RacRYE3_JI8yoBCmJPj6n8lfGnQ5fHsXGJOBJFnojkfhb8ksdesKw6gvwTlo3r9rehfo4ZLptwXP4Xk8RXqf_83U_3hXOPxX5h_1rKJscVD6n9Jc0crDSDdhbq6UTHslxwDFwxciMfO_BuCoNMx7Eo8ZWBxj41qTbPdOCoCCzIUfW2UUKBpcttkCVgL-7gYo8QptLidAYOCnp7GTIpTvbZAzo1YU1jsU1ig1aO_sxof6zQpE3YZ5Ph0wMFiOKZvon8FwwYLkQy221s3U9ujgQvnhanjgY5ASoRfitKhA06iqhsgCjowa-29Zz3JUFOhL-T-aNlCUZVaYgM7qRn0iukAtKtNmwM8sMwHCURdK0wFMk5aRXd7_sfDTYiXFnCB8rrqm6TdWRfRp4bYieIL6uZd5RDupZ2bQkCXl1TXYSgymgELLoCnvfdVlAG5QV6zbqmCk08B6UUTFiSq6GT-0tRzv8bSQVRkzS7piYeYIyqOuHPFifMZY5t46uhgq1BYy_Rj0yeRl6E3Q5V_rcszX5PluWU8I4Ixh7M0728y17vZXBowyaKn267HGovs7rmUAUfB9bmbF5WRSAigMLfEMLdBf04aO2YipFGC8jTaOreQl_JIW2kFNCkoYGWdJLv84al2xW7ikfoWGjiQ&cid=CAASBORo2pc&rfl=2%2Chttps%253A%252F%252Fhero.galaxydays.xyz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:10:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame F3CC 8 KB
3 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 23:18:36 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F3CC 0
622 B 181ms
80ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_mdgIyt6DLhAN4YH7eu9rMigwv4XQx_bI4HX4kKp051bDI3uyuYxxP54p8mxIIDMNLxVLZBtdV-C9cqbCm5ejqEXUEU2JNnebO0bIdASwucYNwO8FBLLv5yYklSL9IbPN7dx39_QxZ6slPRRC818wnLji5sYsV0cfN-adfO1jDJIGB5VXrogAfyUI_tzMUS0KkZzt493ShBLBkOVmt75G9mO-dZN0jcq7dGObn4H_YAUfr3Dc8WNNOvJG70nQKeZsAjDl6mOKFFTcdADgJ542ikmBTREY9TonESTS4HPfBvR9o01z3NnlsVUuFiWUl8Fa9kLUKlQeExQzIbYB5QQFFhxZhJy7hnMGnQK-PDlA2YrUplxIVNSJkaSg-iyyRMQqMdj8nURDT085sOFxJcyO0lf5QuzUxGxUizWDwg5nLFrRPfv3RDs3PICA7fwlW7dOQpUmjZW6GzL3CxJA6DxkY5UlpJvHkFBY5XpgT72vBYBeq6hYcIvLbEjVLNxAXzkKSdHZRunOzN2NF65xLaoBY-aFvwB6PGJHrrr8DFQxKx2stMnfV5O2FjCxM6OO27-OShgdKkX053iQCHsuZ5UH5Q4Pt4Pi42sak76zRqOCZ-YFoqE31TYSZQq1kLBlh4UJcbRngXUoWf91wOOTor4sOyPvrcohSwBFPChTmKcGnm23JxbQ87lM7Q05FcsArTE0pDsIl_2paVtxJ4XuQOpPCfHEtPJkpIP8OMshubxQRINJ1teAp_ClywfaEFhfIxoUxhQHOGWt-vKi-0wJnofFQ7Rg0BaupZlKWNLxrwFK8KWOFyqKWqspEQMKticF_gy83FIAKEB5J4y-ex4XLYw_gaWONWORV6fwQEFRoMyA57jdwU2Md0-7g1sFYb-J86njQr-Qmy7iaa0IDLReteQ58LlKg1Rp0XzutC7XM2X1yxZP26mkGv3NwNQsuBqLXc_QzhhIhkEG04v7xtECfVuZJIX-vW7XsvOV4ebHRJFmhcJMAH--UbeUcuGKO0nWQQxnaxt9ws4FezuQVdPZSQNurNMd8Ro1TcMaXzJvKdumi3u_lXwgDKg-yQnP-TBIDtvvcV7qbFY5dikT6NH3FImHD8Pe4hJT5xXm9kBP3jkj_BPo3jnNLFAjBlvnXVtHUe9CBrUOyFZoAqG8YB2U9_SIHioAAjREfkUKmixGBVO_NBN5Xgr1FRR5ETIT2-PKJrNoY9SRsqipXYj-7bdkGEupwLN_caB5iNXrghsLjIEByYmfSf6ZS-aXWo8&sai=AMfl-YQEHYiP3XVptbUR0PKtaxf9-qgP-aDb-ROT1i1dvewOT9SwXdWLmiotAsbxRYbRZ9uVY30PsQqeneMmQiyWoQOAU7dmwDFXHro15dXltrxmh_LobGPZsmlm8NkvXEO9tW_Z&sig=Cg0ArKJSzOzwTuh8JcHMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220811.74265&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 23:30:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F3CC 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:50:57 GMT

GET
H2 200 17982095080483268438
s0.2mdn.net/simgad/ Frame F3CC 3 KB
3 KB 158ms
33ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17982095080483268438

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50306f1c103f905c992fb76c697d85e431342c8a9209d12c8128515a2f42396a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 11:34:46 GMT
x-content-type-options: nosniff
age: 474965
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2783
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 15:27:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 11:34:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B172 143 B
163 B 43ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 22:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2984 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 315594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:50:57 GMT
expires: Sat, 12 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B172
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

52ms
52ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 23:30:51 GMT
expires: Mon, 15 Aug 2022 23:30:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F3CC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ae156992cb91494c1d874fb7cd2575ec6541598b5c87c94a24d4645fd44ce94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2984 36 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:46:13 GMT

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4463 36 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:46:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F3CC 0
63 B 70ms
69ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame A932 36 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:46:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2984 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmNCcK9f6YpydDemN3gPF066gAgAAAAA4AeAEAg&bg=!gIOlg8fNAAa4hXTbmIU7ACkAdvg8WkuV4Z0yZ-gRfybKDSYDjzM-T-YeibBn8g7C8YmmIVYMlHJsgwIAAAC5UgAAAAJoAQeZAz3X1A2hFMj59mg-rrjAq5Z9YdU84NdxSdzSMlLntaFuDR9z1hMXTdh924YAkRsaqnTdjTq4vLNQL8_wEW6aMRA0ZRLpCKkofnj8xnvF_w_lQDy_jOLe-yW_Z7gYT9KrkUmfmLls-sGn4-Cv_523bpQeOeHtgg-FbOAZPe0Xe4JU5h-NJIRTjoN_9MFuhgurKUmUmypHoiDqLUgSABGUXD2Q1YMiLqaQbdnn6rR858tVFpqAwyfSd5OXwhGV0Y_8z1Ss9B2a50njs_1civWjJ2NBv1JhxlgdtYl6aevEkWCIwTIL6E7__KZUpDziUXXD9mToSlm5QhfenmF0TbqZ7Myf-5Nqp3-4AKYIObRRNRiGHlIPWKgRpjRQyoTI3LkgcWTD7i1SKLTdOzNR0fozw2094fUL36-LbCJ7E7rKcZoWPkZh9LZRnQNmjDF_ZRphvKeroUUjK9cSulKZX3K0v43oxiFKDpBSEsAj-Mkn_cAlH1_ykHU-0p7zuAWPcU2R3uIHvc4KoX94gq0poVkrH2ARgXMmR4AQQZwGoeDVzgkPSvHEuHtTMDShJTdF9mD6kH3TMi1BlcqiUsvtVi_yE4_be1WZjSoo0_5aTAgJn9al_rQ1yfFsv2nlbug0c0z7zjIjSZ_EL-r2IwhEuCBoeOr8oVIxyYrJVUU-Up7UENzPlNZQaKLNo68Mjjq8BaTAM_NtUYydxoVN0qHU5hVLnLJUiNheG9SJly06ka4u8ZG6zcQvmrrdy2kTceMf2krx49b4WtrVfjuzqrkLqXS9t_nBpnCrCpcoD5lxQVTga52TifNIN8h_T3vEzwYEMcxWSxQeSn6VX-jWrNPptARoHWPp2pusjA3vU9LiASb2fHvZB1xcffgv8nMAbkbBBClM1Toxa8Lq-R58N6MpfJjGPQezAwc6ckWEGkmreXef7AwPGCMOyzYKxj-Nh7xAtndUYHYL9OUrLifwpctk80igGxdsy1ZlrghVFVdKkFql966UMOVX1PtoSNOAlz1ClvwK5jZnIBgWSeQ-WkIUd1f8vzW6AL8CbcIw7pndlcHDvVZmgbeukAQGemk0MgAb03vxUnM6yqT_idPj-eX4UYCL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBA8 42 B
64 B 136ms
69ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG2XqAnDvp60WNWG8FOYT_yOsw7r_XGiKpy0vaHNLK4BUraiAhqYGYqljWAq1aDFC5NXqc_6mw-mpgJOco_KFygder3Hx6UtSOj1GDdxK7RVacXn189KDPfxVArGdUpDyN9SK8RmBrF_kc&sai=AMfl-YTxU-xn68pcGDswrm-xEqZtlQ4_II8jwC3hFEXGB-Rk6xHHSLLlDlYF1B5ttEEXBtm0ZxMr8Mvd1BpJ&sig=Cg0ArKJSzIb56c4LFpdOEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660606250530&rpt=920&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3CC 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCcjtQXiFMKDDB59Nw6ozEdTfGQFpMGzwOtefsVALRiFIHcCI8VJnHYth23HFXBrGMjHjgPvGjP6LFsVs5D1673TdkvvVUxG7oVprzu8KSLcDz1yAppuUi0nALwqOXaih7N4MOguiO7_eL&sai=AMfl-YQOFf_mrK8hQ_PA94fmjNYJUbwRkENonh-ZMMwHNEmlWMyqKPvksi1PC4a8BE_arYIK5YLAqGZG46fN&sig=Cg0ArKJSzL3YAy7_VXEyEAE&cid=CAASBORo2pc&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=567,1000,1000,1000,1000&tos=567,433,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660606251178&rpt=482&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 23:30:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220811&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

829de1f6458a9bd5307cfd8a477000b3883958214b6f81d06b303c0dea373015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 23:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11046
x-xss-protection: 0

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 384 KB
153 KB 100ms
34ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Origin: https://hero.galaxydays.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 03:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156840
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 03:07:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 23:30:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F19 13 KB
5 KB 32ms
31ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 9881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:46:11 GMT
expires: Tue, 15 Aug 2023 20:46:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D66E 783 B
537 B 116ms
43ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

197ad4d762616832530225bec8ceb63c65e958ba2920b4e5b459a77ec43991f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0MRki5JmXmLZX9Q3WZH0ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hero.galaxydays.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-0MRki5JmXmLZX9Q3WZH0ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 23:30:52 GMT
expires: Mon, 15 Aug 2022 23:30:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F19 36 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 13:46:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D66E 0
0 101ms
100ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220811&jk=4471790220512976&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F19 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OI-aEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 23:30:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220811&jk=4471790220512976&bg=!3N-l35vNAAa4hXTbmIU7ACkAdvg8WrakwXeI0UsO1x_mVTAgEhgtlPWNRF9Y4UKv5UjdJfqH5YIkUQIAAABHUgAAAANoAQcKALg28oMiErVjq58_8kYi1zkoeEP80WXvXgFftc2iFwo0fq26gyrfteaihSaj7LVmbn2Ivm8LB2uTuXq0apiav0_GfOqgV97MzsRETeccXcbyLXdUrQezqcXBU2sDNvC_d4iBeUZAQRQIypIWYwumwxmel7h3wdf2-taKmG-i84rEvBkrwHLcTPRJT5YubQ7Ld_Kz34bzO3zIp94JMgRXqm3uH161zDt1O370XhqslXp7jtGyXATdlZ7KmQLKaC_bFHp3LNe4qfF5Cxy7bEPBgWX1DUPqmAdCwfCzpT4z7ZxKWGnbBcrNSCAGXvY8dYyQ2PSy428hMZO1FgZ9XmCjoAg9FzrEh5J-Whjo7bSMWzjcyJwGbVI_SpE6f1m3dipNLgq2t-9x8B7qW3vKCPTNwcZOnvCWSBvlFCuQyxZfTxSzxkqSPrPmxiWJaZERQuOxDJYly21OU9orBE42tMagaGMoxkjegsgeH8SRYrB-J0AJzefM89n6jkrQoDkg5dmwzMgeCaqc9YI5IBnv3IUGupfpPBj8feTv0lsH1fzOHa018C2h4y2N_iF_dlSjKYAdkWJxpELUDwc65LPh-slw6szz-Xs7nLs3lnKNwEgIp7C_ZC_tW5tR15FayBFiiEFz1cDMeFAwQ3-oGk2nDjN-_aoyA4_6a3FxfWAPHdCw3tHRkT4YajgIMoZOolZ6NkltmJvLiNeZY4Y8HLcMs8g9VWLh6UIJ2Yg9WTJRZbSYXX-wCGLqJYoMPEviDo1qjojaPxs_WzGw9r1Ndj8HQ1pLLrFMcmYSP4Jvibh0FALvbCIlUw65QOJrml5Ec7qAKf1_H-1MORB5bhXvp1L_-2l2j_gj0cn8E_o4GGn3rH45vhiaPLBIR0UnXrZq_t0bbuyrlIsLeqx3Ad9W5M8Qn-ofZ0Ej837pGmYCLPLjB_pBsgzWsI1v9plCiRoBaZ__whbSOxlYgvJBp_m5cYc_tTfkvnbipy6btLnFTn0Pg_qZVSNs7x0cMp5V8CPp-FBkZP2qxYsCOsYPPWQ9h6VLJGSPiPcPQwChg_EL5OF1dEbdHQUvmmJEl_EavYc3GUU3Gc0nbndVRZzA7f0TkTvU0-da92B0Fdi7RZsWYJqEc4x7zutF1J9Gzx2VvLtphlHAZ4AktLRaO66ePtSKzHuzl1-kI2I562q0mbE0d7pRVOP9e9ANs6FfWP23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hero.galaxydays.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hero.galaxydays.xyz
URL: https://hero.galaxydays.xyz/assets/css/plugins/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hero.galaxydays.xyz/	1969-12-31 23:59:59	Name: AppSession Value: dda9jlq6aegtdnqkuusjrrc5af
hero.galaxydays.xyz/	1969-12-31 23:59:59	Name: csrfToken Value: caa588d60582e020ec8d3a96946aab9375d791790838cb10196550b83bc680f3f2fd1e5ca64b5c45e60bc61a42fa89303bfc365a88685300343a393824940268
hero.galaxydays.xyz/	1969-12-31 23:59:59	Name: ab Value: 2
.galaxydays.xyz/	1970-01-20 14:38:22	Name: __gads Value: ID=60e46bc99d5294d9-221e6c6af4cd0028:T=1660606250:RT=1660606250:S=ALNI_MaXs0effNcKlpyGxnNssQLoe4sBag
.doubleclick.net/	1970-01-20 14:38:22	Name: IDE Value: AHWqTUlBcBlk4oKOp8hCE2kvOSZW4tcQY-r0vu5fZCMmLokJkUUSIdqmp53YAbnI6KI
.adnxs.com/	1970-01-20 07:26:22	Name: uuid2 Value: 215093002491497460
.casalemedia.com/	1970-01-20 14:02:22	Name: CMID Value: YvrXKzVQS0Yybhv4fXSjDAAA
.casalemedia.com/	1970-01-20 07:26:22	Name: CMPS Value: 5163
.casalemedia.com/	1970-01-20 07:26:22	Name: CMPRO Value: 5163
.doubleclick.net/	1970-01-20 05:16:49	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 07:26:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jhJ-A0!]tbPl1M>e)ZlrFUfJ+tGXxoaCGJF)Y>^hia^oQ=<WHc*P>e]Nc?3$Z^Kabz3If)y3KL9D3I?+XUTSwO
.casalemedia.com/	1970-01-20 07:26:22	Name: CMTS Value: 1105

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://hero.galaxydays.xyz/ Message: Refused to apply style from 'https://hero.galaxydays.xyz/assets/css/plugins/bootstrap.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://hero.galaxydays.xyz/hive_space_theme/build/img/path-2-copy-2.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hero.galaxydays.xyz
ib.adnxs.com
kit-free.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
hero.galaxydays.xyz
104.18.18.126
142.250.185.130
142.250.185.66
142.250.186.98
185.89.210.153
2606:4700:3035::6815:5cc8
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a06:98c1:3121::c
0268660be15597f6868394fc1e3ee92c2c41c2dd434c277389e6624b4e8e41e2
0991fd1d91fd5255d1c06705273d8cca63329b090c2b21f5ca46463fe2a50e89
0ae156992cb91494c1d874fb7cd2575ec6541598b5c87c94a24d4645fd44ce94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e7fb0e7b85b9fbe8362adc890e2d117e2c36c489272eb54583c6b00dd0f8273
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
197ad4d762616832530225bec8ceb63c65e958ba2920b4e5b459a77ec43991f0
1c36097e7e2e460286cad905b38dab7e6d363960ba4bcbb6e311fd2d50da17e8
1d4f866c6246f989343b154d69d4f60ea7181ea9749c817cd93bc8ac74665f6e
257fb1d5126ed0dff3dbeac8a83a35fe1aaca064f59a761a4c2747f6b9aa9082
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
291ca314fba8a9ee028905062838119c8e89fe27c2ede7b60470ee6f8313f084
2b8f48b46f0fa45ccae7cd91c2250ee1a052771b03c08e79c484ba5746d945f7
2fb77e8955803624ae06e110d0a603340e33a7f63b3680a5db28cb14569b3c6d
3202dcecca9f2ece9708dfd74cee1dfd4bc07e97779e8760510dd770f80bc83b
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
4368e8a1b5351aaaebd8c6d402599c9879b2c3aa456b76873483b505bb34a931
45352aa5305f57b2b031e6ecd61a49fa1fa78db0b84b0e2c1c7030d3b8d478b8
49ce4700e62152bb26ab976997aeb9590ec32b2b87e7284e630b6648b1988d4d
4a3a37423b5ac786af7b9a905ab9cb84ce756cc350f7e2c8329f2558a7164f04
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f6fbf755d85942ee634546833e295905f5c7bff7607c893aabbc149365964c7
50306f1c103f905c992fb76c697d85e431342c8a9209d12c8128515a2f42396a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
583fd70b585babfebd7808ce5eb5f631e04632388a829297dc92d83b5942e141
592cbf7e12bc4b3257a58f43477ddd448f67fe4324c348752545552c40d86096
5abc742b577d1d20dd9946b8c3943717033307cdb707c1a7c5066896a0a5401f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da2b3c56961c7cf7a5df550e60ad61e09f1ec2bd74bdf76220e9af687d17c1c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63028f774a4a116faccfc3cf6c240123686363a2333b47472b6aa9531caf3830
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6d67f2154db419c1209e3309ef35f50b202f384834a2d5f9a9586a030f7b06ec
72961d1a94f7e3ef382eea07d53cc70332fbbcf0179e94ad21962b55845f789f
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
829de1f6458a9bd5307cfd8a477000b3883958214b6f81d06b303c0dea373015
82a330f2b5cf5e181429eb123b0a5b00406ad99a251677527d6a230ad0a20c24
84d9b6b1687c25d0b58b8f0d107c24a202b7e1a8572f6cf7e93e3ed521ff7695
8694e6f8dad487feb187bb00e33a1161ff340cf3c2d0bfc684f65719286ba8a4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91de54cb4318beda3d78f888a849d1d15f1325644e06b313467e27cf0e995bff
93edcf1958b672e97a12549534cc89e40156874b07ca7a99906a56221f05bddc
9465f22471a59cfccb0babd801238ca8654ff19d2ecb575f40a6213ead6d4582
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9c4077b418b514389c8348f6fa2e1856936caac42b8287c46fa9006a3452918a
9d11d0e8f6852c1af4c0f970c4f66ce2e8b3dd5f69c0431009221200ce1ba4dd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a184e5bd9e80006de88400f6a92b6fcd7124cb1814ab541473829567f4f7a5df
a27a4e2dc65fc26c6bec8b0f653f43904f219fc167fe1f6c9aa37155ea4b789f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b6a8d6c157f4adf5ea2ba79be291ab52fe3d0fed3c54673e95623f60b1931e00
b8d77b73891e82cc952d959b926d0e1a60b9c80daa3d4d5332edb713803fe67f
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
c0ce3645d32bab13196e10c586beec9b5b9be88487b5823d0e60805d7baa43e6
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c129f47481548300469bfa94e4430d91c5fc02ae9e94aa45ecceb50dc5a581ab
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c58ee658553925730d72957baa3a3c104dc0ffa7151bc5a803852b8a4ba28846
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c99a9493e8e78abb9c1a38ae8c4cb5a1175b9d0dfe262b7cda9fea1ad1c700cd
ca9b111956fde7ed8838df402ff93bd224cddb56a57fa15fb3752f9cebbdfb28
cc3b303d9ba0050491e9064cf5427015237c6c07d5e813a6027308f1c79a2d98
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d788d68b273f54d2a837bc024b702edad068ff587ab5fe95c594327c7bebe517
dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7
dc35dab50085181c956a04d0f716a0752f871e468023aa61ca6895bc05918a30
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e348cc4c328f9915c3b7b87a0a9659e0b2389ce112151c13f30af26cec748a6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64b2d40b74ab47fffcf42cf7a2c4858b09f7c72369ed4f960f92f4ced662ed5
e837a41e656b5d9723e0b7d1e652ddca3e755ac670304718f3d387bd8ba80fd0
eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

hero.galaxydays.xyz Open in urlscan Pro 2a06:98c1:3121::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

96 %HTTPS

74 %IPv6

14 Domains

19 Subdomains

20 IPs

3 Countries

2883 kBTransfer

5335 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hero.galaxydays.xyz Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

96 %
HTTPS

74 %
IPv6

14
Domains

19
Subdomains

20
IPs

3
Countries

2883 kB
Transfer

5335 kB
Size

12
Cookies

123 HTTP transactions
2 data transactions