URL: https://samfw.com/
Submission: On October 06 via manual from ID — Scanned from NL

Summary

This website contacted 66 IPs in 9 countries across 51 domains to perform 185 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is samfw.com. The Cisco Umbrella rank of the primary domain is 717463.
TLS certificate: Issued by E1 on September 11th 2023. Valid for: 3 months.
This is the only time samfw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 146.75.116.193 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 46.105.202.39 16276 (OVH)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 149.202.77.192 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:d::d 44788 (ASN-CRITE...)
3 18.66.147.119 16509 (AMAZON-02)
3 99.84.87.107 16509 (AMAZON-02)
2 141.95.98.64 16276 (OVH)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.26.9.178 13335 (CLOUDFLAR...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a0c:5c87:524... 55081 (24SHELLS)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 35.244.159.8 15169 (GOOGLE)
1 18.195.173.93 16509 (AMAZON-02)
1 147.75.84.158 54825 (PACKET)
1 37.157.4.29 198622 (ADFORM)
1 3 37.252.171.53 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.19.138.82 16276 (OVH)
1 108.138.36.122 16509 (AMAZON-02)
1 13.32.119.77 16509 (AMAZON-02)
4 23.215.22.18 16625 (AKAMAI-AS)
1 108.138.36.27 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.217.80.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 142.250.186.130 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 4 172.217.16.130 15169 (GOOGLE)
3 5 104.18.27.193 13335 (CLOUDFLAR...)
3 130.211.44.5 15169 (GOOGLE)
1 2600:9000:26d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.34 32748 (STEADFAST)
1 185.83.69.26 55081 (24SHELLS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 193.3.178.3 399668 (E-PLANNING-)
185 66
Apex Domain
Subdomains
Transfer
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
432 KB
22 samfw.com
samfw.com — Cisco Umbrella Rank: 717463
337 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
270 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
312 KB
7 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 541
rtb0.doubleverify.com — Cisco Umbrella Rank: 941
tps.doubleverify.com — Cisco Umbrella Rank: 562
tpsc-ew1.doubleverify.com
126 KB
7 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
304 KB
6 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7529
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
4 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
71 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
601 B
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
104 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474
www.google.com — Cisco Umbrella Rank: 2
101 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
8 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
27 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
30 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2410
58 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
556 B
3 heatmap.it
u.heatmap.it — Cisco Umbrella Rank: 41800
eu8.heatmap.it — Cisco Umbrella Rank: 252716
11 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
6 KB
2 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3336
399 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
58 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
12 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
679 B
2 openx.net
setupad-d.openx.net — Cisco Umbrella Rank: 55157
u.openx.net — Cisco Umbrella Rank: 739
464 B
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 42223
5 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13957
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
87 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
159 KB
1 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 12726
346 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6648
1 pathtosuccess.global
cdn.pathtosuccess.global — Cisco Umbrella Rank: 19507
104 KB
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
393 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 70
4 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
10 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
269 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
434 B
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 4617
528 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
166 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5991
1 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
172 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
7 KB
1 vanced.me
vanced.me
3 KB
1 iccid.info
iccid.info
4 KB
1 lgrom.com
lgrom.com
967 B
1 ipsw.pro
ipsw.pro
14 KB
1 mifirm.net
mifirm.net
10 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 44213
116 KB
185 51
Domain Requested by
22 samfw.com samfw.com
static.cloudflareinsights.com
19 pagead2.googlesyndication.com samfw.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
tagan.adlightning.com
9 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 fonts.gstatic.com fonts.googleapis.com
googleads.g.doubleclick.net
samfw.com
7 cdnjs.cloudflare.com samfw.com
cdnjs.cloudflare.com
6 i.imgur.com 3 redirects samfw.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
samfw.com
4 www.googleadservices.com samfw.com
4 secure.cdn.fastclick.net tagan.adlightning.com
secure.cdn.fastclick.net
4 www.gstatic.com samfw.com
googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 ib.adnxs.com 1 redirects stpd.cloud
googleads.g.doubleclick.net
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
3 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
3 fonts.googleapis.com samfw.com
googleads.g.doubleclick.net
2 ads.us.e-planning.net 1 redirects stpd.cloud
2 static.criteo.net stpd.cloud
static.criteo.net
2 id.hadron.ad.gt cdn.hadronid.net
2 prebid-stag.setupad.net stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
2 id5-sync.com stpd.cloud
2 gum.criteo.com stpd.cloud
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 u.heatmap.it samfw.com
u.heatmap.it
2 images.dmca.com samfw.com
2 connect.facebook.net samfw.com
connect.facebook.net
2 securepubads.g.doubleclick.net samfw.com
securepubads.g.doubleclick.net
2 cdn.jsdelivr.net samfw.com
stpd.cloud
2 www.googletagmanager.com samfw.com
www.googletagmanager.com
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 u.openx.net stpd.cloud
1 eb2.3lift.com stpd.cloud
1 s.console.adtarget.com.tr stpd.cloud
1 ic.tynt.com stpd.cloud
1 www.google.com tagan.adlightning.com
1 tps.doubleverify.com cdn.doubleverify.com
1 cdn.pathtosuccess.global googleads.g.doubleclick.net
1 rtb0.doubleverify.com cdn.doubleverify.com
1 a.ad.gt tagan.adlightning.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 lh3.googleusercontent.com samfw.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com tagan.adlightning.com
1 cdn.hadronid.net samfw.com
1 tags.crwdcntrl.net tagan.adlightning.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 lb.eu-1-id5-sync.com stpd.cloud
1 cadmus.script.ac script.4dex.io
1 adx.adform.net stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 tlx.3lift.com stpd.cloud
1 setupad-d.openx.net stpd.cloud
1 bidder.criteo.com stpd.cloud
1 ghb.adtelligent.com stpd.cloud
1 mp.4dex.io stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 partner.googleadservices.com pagead2.googlesyndication.com
1 eu8.heatmap.it samfw.com
1 static.cloudflareinsights.com samfw.com
1 vanced.me samfw.com
1 iccid.info samfw.com
1 lgrom.com samfw.com
1 ipsw.pro samfw.com
1 mifirm.net samfw.com
1 stpd.cloud samfw.com
185 71
Subject Issuer Validity Valid
samfw.com
E1
2023-09-11 -
2023-12-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
stpd.cloud
E1
2023-08-20 -
2023-11-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-15 -
2023-10-13
3 months crt.sh
mifirm.net
E1
2023-09-11 -
2023-12-10
3 months crt.sh
ipsw.pro
E1
2023-09-28 -
2023-12-27
3 months crt.sh
lgrom.com
E1
2023-09-25 -
2023-12-24
3 months crt.sh
iccid.info
GTS CA 1P5
2023-10-01 -
2023-12-30
3 months crt.sh
vanced.me
GTS CA 1P5
2023-08-12 -
2023-11-10
3 months crt.sh
images.dmca.com
R3
2023-09-12 -
2023-12-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA
2023-06-04 -
2024-06-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-07-08 -
2024-08-05
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-09-29 -
2023-12-28
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.a-mo.net
R3
2023-10-06 -
2024-01-04
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
cadmus.script.ac
E1
2023-09-02 -
2023-12-01
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
hadronid.net
GTS CA 1P5
2023-10-05 -
2024-01-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
cdn.pathtosuccess.global
Amazon RSA 2048 M02
2023-04-20 -
2024-05-18
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2023-09-20 -
2023-12-19
3 months crt.sh
ads.us.e-planning.net
R3
2023-09-21 -
2023-12-20
3 months crt.sh

This page contains 19 frames:

Primary Page: https://samfw.com/
Frame ID: 2FA006FBB718AAD1BFEECF152C4AA815
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 69C9841B6633F2CC27A20C50368353E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&adk=1812271804&adf=3025194257&lmt=1696601289&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsamfw.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489162&bpp=3&bdt=620&idt=226&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1697707701026&frm=20&pv=2&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: 953BEB5A27EBFC05F95A30F46845A410
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Frame ID: 43CF28923EED9337997FFCEC5C9B20BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Frame ID: 704485C0D4217F0F75F094921E92316D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Frame ID: 56DEA64BA96320F4DD94315380B03CAE
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: 399DDB797EB37921272FD9827B854A56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: 0506553937C9452C4B6F584D78187C05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Frame ID: A0EDC8058FAC4B2DBE2D3CAEE7996926
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 442CEC05150E2B50F3FBA2FB6DDD4906
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BFE7FBF67919AF3E1453B7F96E115B8C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: BF52D694477DF261A07A35575ECFC309
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B991E29B811F92A3F69AC6BE0760F4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A16ABDD5A3DB2FDCB77CDF8B4726D2F0
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 32430BDCC6C4E15EE97C40D3C07A8590
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=748067
Frame ID: C723EEB4125A6E871F36425C9498D2CD
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BD03189633C042178B5A7D2F7DD10662
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C2E19D8D7C8E38A7BB1BFEE1E0B9FB0E
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 2D5E1167480D1FC7B3B650BF31A918A1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Samsung Firmware Download - Lastest official firmware update

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

185
Requests

95 %
HTTPS

58 %
IPv6

51
Domains

71
Subdomains

66
IPs

9
Countries

3010 kB
Transfer

7741 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://i.imgur.com/yIOeX2Z.jpg HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 38
  • https://i.imgur.com/3hlryrq.jpg HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 39
  • https://i.imgur.com/RvgYHYp.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 132
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0A4S6TAgZa-VHpqcywW8urjQBMGV7tZe7L3Xgd0R8aPts-kYEAEg7Mj-a2CRhKCFjBigAYW3icgDyAEJqAMByAPLBKoExgFP0Nyaj9g4iVJXQ7ScXNq26ou0AvujyUztOAaVpWhw1Id8kKA9C8i2y9-nSUliUzVc9FHLl-Q4BC1cL1LiPM2E-QWBcsP99kSQ5tqOko9GCjWprTXcMty1tV0UBc1Wk4dTSquasKaZ0qMufJeHapTKUnYgEbkopnz99TrcJr0Vupxmx34Y5Lb0pwfFWfaWi8IwdOpqeICyG4f0j2cyxhDVbvPn1CnMVZJpjI2FpLbM_2s_hcYYNHCAyQ69-Fx-97mfao0aJwnABMO6m5axBIgF7Lm-3hmSBQQIBBgBkgUECAUYBKAGLoAH5J3fOKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJDeA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT5odHRwczovL2RyZm9uZS53b25kZXJzaGFyZS5uZXQvYWQvYW5kcm9pZC1sb2NrLWZycC1ieXBhc3MuaHRtbIAKAcgLAbgT5APYEwKIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMTgzOTMxNTM2MjQ5NzQ0OBgA&sigh=1zuiAYCubjc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNabCLWqvQMvfwgBVzgem3LNS25asabr4b5tFKOQBkDX8paKsnnhMo12su_uj8XM6dAF_cPpqVryFDAFrr7UumCuFF2KHPmwgYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211704969421432955968%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211936129582399720657%22}&andc=true
Request Chain 133
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjvIk6TAgZaDgIO-j5LcPu8KdqAbBle7WXuy914HdEfGj7bPpGBABIOzI_mtgkYSghYwYoAGFt4nIA8gBCagDAcgDywSqBMQBT9Bgn1HSKzDZFqubqvY3mSaQkGjHgzJcrLLhZmTrkfIyT3YhtUMgJVqLd7MtqMeZGA5km2I9Y137yb33MyI1rwEyWfRX1YaQ-cLx2m11bZce200gdVsQ5aimI3e8k8Cve8lPZF9pconi8l2HQKSI6ElNfUPFeg6X6Z0jW6Z4Pgls5y7jEMJq7GWCYOKOeMqJv2hkPeFu9DiDwdBlw4M8yu2eww0Ch4QTrt5-x3tYIkNu9u7NeypJOtwZxr5z5ndzZQ45AsAEw7qblrEEiAXsub7eGZIFBAgEGAGSBQQIBRgEoAYugAfknd84qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQx8oK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJPmh0dHBzOi8vZHJmb25lLndvbmRlcnNoYXJlLm5ldC9hZC9hbmRyb2lkLWxvY2stZnJwLWJ5cGFzcy5odG1sgAoByAsBuBPkA9gTAogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xODM5MzE1MzYyNDk3NDQ4GAA&sigh=_r7vMCA2cqA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNwWKYXslf-qB04LKg32znLu5el4Dl_8Ll1cIxABOc97slSxCdSG9j-rcLQYvJSdvSA2T5TcX7aNMUSW4-RhYNfu7G4tyUZOoYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227977093457870809561%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217743142303530080257%22}&andc=true
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1&C=1
Request Chain 152
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAw6qpY3tdcFrOD8Cf2SwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGWMAXAE2spvyQx70jTqPoM&google_cver=1
Request Chain 154
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0Mzc0NDkzMzMzMTY4NjEzMw%3D%3D
Request Chain 184
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

185 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
samfw.com/
87 KB
19 KB
Document
General
Full URL
https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c818427359affcab39802bda46d7aa2592b49207b2ec4b2bdfe36c954ffabf7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
811f294948f7b73a-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 16:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjvPOpM%2FdDiae7fS9rXdlFbO7Xe6xAK%2BTZi33LHNuIOyRBfQPoMha06WRku1QZZEtnJIenuYpvkeMoH7ztwRrbJWK9WWYYZS5jjQ5HlWj%2F1GJPGvAQmgeltnupR8w%2B8zELn5KqqvJKs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
bootstrap.min.css
samfw.com/assets/vendor/bootstrap/
152 KB
24 KB
Stylesheet
General
Full URL
https://samfw.com/assets/vendor/bootstrap/bootstrap.min.css?v=4
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27a73fe72c5c4ba18484e7717a330ca08b5bf1e126a51570b066b3de727b9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26346
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Mar 2023 19:28:48 GMT
server
cloudflare
etag
W/"6408e1f0-260e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ea7N1vYa0eguD8ZjGHP%2FQyZwvGkTkIBLb8K0om8umK4oPaM72V1hMvztslhzPNBiLrCSfXmkJR1bJ7Y7FmqjOsesOCpXQtC%2FlCZuBRIekIaNlWr3RypQun%2BlzZnIbBbWNkJhDZCgWew%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
811f294d8c65b73a-AMS
expires
Fri, 06 Oct 2023 20:49:02 GMT
lazy.css
samfw.com/assets/css/
47 KB
8 KB
Stylesheet
General
Full URL
https://samfw.com/assets/css/lazy.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bc7c9009a7c835800ccb44258f197a071804b177f7ccf506c5be4e586a451d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33795
cf-polished
origSize=47866
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Oct 2020 11:20:26 GMT
server
cloudflare
etag
W/"5f75bb7a-bafa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWd3AZhLswkbkCN%2FVSp91ISfeNye0n1Rm5GMfWbeSOQ6N12aW50ZBzwNcIg8TUTfGGxk7lKFaYq%2BvMWR3kUbUBFe5%2Br2GHBwsV2xqPs6r0ciwcQMwA2EomTcMdwYNhUZORzR%2BMZVz%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
811f294d8c66b73a-AMS
expires
Fri, 06 Oct 2023 18:44:53 GMT
demo.css
samfw.com/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://samfw.com/assets/css/demo.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726868fb1e3a84e3fcdfa52630aa9e70f6328750b335438a96fad8c5738b104d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33795
cf-polished
origSize=5604
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 29 Mar 2021 05:58:40 GMT
server
cloudflare
etag
W/"60616c90-15e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjXw0aazl8bjmIUE49onlU9ydfExBy4s6phxM%2FwykcA9J8WC9AthuyQMMqSxO1ZmSoLDzXnpLnFeqoZWpv%2Fo0F7xM2hphTdX5Km%2B87d86%2BUDSAwJfmHyHFBlfmy4QSnLtD9KkC53p7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
811f294d8c6bb73a-AMS
expires
Fri, 06 Oct 2023 18:44:53 GMT
autocomplete.css
samfw.com/assets/css/
658 B
611 B
Stylesheet
General
Full URL
https://samfw.com/assets/css/autocomplete.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c601c5cd461b4bfe66c31b39c6dfc040f4da907c942230c2d4bf09d86604e939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33795
cf-polished
origSize=1019
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-3fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17UX%2F4HL6nujOAHaIf7XC4la0U9DbMbea3aM0y5CkzddLkI61Vg4B%2F8PYi9%2FM%2BYf1gonIexdjRtOiD8kN8UhPx022PoIqlyr3Sv9xLLdd12oZlItJa01fy8GiEmFvWKpu3TcyweUF40%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
811f294d8c6cb73a-AMS
expires
Fri, 06 Oct 2023 18:44:53 GMT
flags.css
samfw.com/assets/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://samfw.com/assets/css/flags.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc50021338ab4551b32de53540e77bf1f970e00d8d8c569780adacbf46a18a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26346
cf-polished
origSize=10321
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 06 Oct 2020 10:08:42 GMT
server
cloudflare
etag
W/"5f7c422a-2851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvErK3IJZLzhB0yrnJxzx%2F8zmszGxyEZDGqIopSUqEUlaeE5egY%2BkVX8fzTQU%2Fyj11%2FB1evFy%2FD%2FegGk9Isr5dN4XHIHusB8AKsVdFxHVLdkWJv8pPV6C6elqOK%2FbfXpfmcLe4rd5aM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
811f294d8c6db73a-AMS
expires
Fri, 06 Oct 2023 20:49:02 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
285056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2Eocq%2FK7dE6w90PKYTUCg9jP8IaKirf853gLsj1jcGqd4QSv4cA%2FGKLOWuJxjSK7bwGKzawOlSLVN55uLTtvWdfjH%2B9TojmY07H%2FZOA9lHpi9VRgj2CYyIp0FCwvgW8YdYT0rOESZv7O19bsFbkcQjy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294ddd210c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
font-awesome-animation.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/
18 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.min.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
24950638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1424
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-47d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky%2BwTqV57Ax4eAL8k6Lp%2BQJMHVtjdWpo51nBdzysO0gL6P%2FaPcS1JOppPuhspwBoiqlEfdA86oZDXDtPctFB2th9oew0HdvWCqiKKR3DsS%2FJyGzsDhMBZCo89LzIDy30erTfXUSL1xWtDyVR7VclISuM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294f3eba0bbf-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/
7 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1965054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2672
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1a55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYa%2F%2FXfKCsQgHvl%2FkRWcOVC4fE3QERrST7Im81%2Fw55LWtKlOQIpWfqOIb6eCwhkt%2FuX%2BYOVgSHPFui6miS1r1elUYJyym3FtBOfSKFlqLbAjQR1CGlmiOOuvEE8yGUkQ7iQOPa5%2Btu6%2BFGVtc4vrTatr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294ddd220c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-163898725-1
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8836a1925c6a72b1235c90baec2a02cee738e8d7f3858c58c9a88beb6892b4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69090
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 16:08:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff9eb26aa931f54f9b055269ce3cf07e2966f98195a760448129c7e9581fb81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50913
x-xss-protection
0
server
cafe
etag
8475082176468401906
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:09 GMT
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
372354
x-jsd-version
0.6.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230030-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2%2F1MypGfsFuEor87yD5idwSHu%2B9Nv5XEACKUwtxHvTA4n3UTVqWlUVq8z%2Fb%2BSqgdcJOjw26IuS7hLcmEU73bjQ4y848vI8fnzPdw%2F%2ByNe0UTXldPbddcjxI6VkppLcL5CK5Guk0PDr5lSJed1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
811f294dfa980ea9-AMS
gpt.js
securepubads.g.doubleclick.net/tag/js/
100 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b721fd8bd518c20e3afd2833790fa0d1a1990477b5e97ddfb5f2aa47e164d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29928
x-xss-protection
0
server
cafe
etag
178 / 19636 / 31078611 / config-hash: 7682450070620400040
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:09 GMT
3171
stpd.cloud/saas/
402 KB
116 KB
Script
General
Full URL
https://stpd.cloud/saas/3171
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7397958344e6d070fd1cad99333a207905ca6096a646edc285d57de52d2f79

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Fri, 06 Oct 2023 20:08:09 GMT
date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 16:07:29 GMT
server
cloudflare
age
40
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
811f29504a3b0a70-AMS
stpdhash
cache
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b20397ea7160ee66e9a6723fd50926d2f729a351f2cb06434667767ce98b874a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 16:08:09 GMT
content-md5
H0UtkqN3PX2R3Pyl2Uajzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
ulXi8/lW0jZg00CuCE9SJG+dSomagCP40PvHOpfg1R+8MvquucwJPI5ycSmmQ0fngkEm+DmaOFcokhMGN2j51Q==
x-fb-content-md5
26965f7c06fecc44e518fa92f5ddb8eb
cross-origin-opener-policy
same-origin-allow-popups
etag
"72153053730c137ce25425672cba910a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:12:40 GMT
logo.png
samfw.com/assets/img/
15 KB
15 KB
Image
General
Full URL
https://samfw.com/assets/img/logo.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9963f5b0e2cf0df9868755d53be44f5a1b39e88bd59ced041131ae48a8e0ed6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2485609
alt-svc
h3=":443"; ma=86400
content-length
14971
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
"5db5cd10-3a7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfveW8NzBpZv8O2CP5CZseB8keQGWYj7yAl2vBgvuHiddVaU1RBAHyoScoP729uH2k7JijR3u6bMowyd94Z0EifR4Aceez4Dst2P33ukrlJYxXZsEirAASPausXnLwY%2Fy1EWlIJFFF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd945b92a-AMS
priority
u=3,i
expires
Sat, 07 Oct 2023 21:41:19 GMT
logo.png
mifirm.net/assets/img/
9 KB
10 KB
Image
General
Full URL
https://mifirm.net/assets/img/logo.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / LarVPS
Resource Hash
f821113c24955a956a7d286d0e753bf11e1c00db8a2c7281c043777d8a88489a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15806403
x-powered-by
LarVPS
alt-svc
h3=":443"; ma=86400
content-length
9222
x-xss-protection
1; mode=block
last-modified
Wed, 01 Apr 2020 16:03:34 GMT
server
cloudflare
etag
"5e84bb56-2406"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbOuK3DjJaekhhVOYXhSIlpaWUkJV6yaEZYM7d4bUPnPRdgdx7xer0zbEIRaj8xJ5dpVZLDhjRVIqIrn6hSkYDOUaBuzc690MlH2zMeRsr2iIdF6rxLTypMmLg3on9CEHDeD8fcxyrMB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811f295058c50b3c-AMS
expires
Fri, 05 Apr 2024 17:28:05 GMT
fav.png
ipsw.pro/assets/images/
13 KB
14 KB
Image
General
Full URL
https://ipsw.pro/assets/images/fav.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bb0dbfeabaada68e709bced9418d0d8cd4f40cbaa27f3ffbce0c39d7426d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2257479
alt-svc
h3=":443"; ma=86400
content-length
13714
last-modified
Thu, 16 Mar 2023 05:46:26 GMT
server
cloudflare
etag
"6412ad32-3592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK1dLiX73OArOqUFgOu6m4ZKKW18Lux1lwDeW%2FcjEF1LGIc1N51pMJs6S%2FkahGgVL7o8YXEyDKzwK7%2BafpCCD2VXLRYOBjGpFUPqpzBw1HFa2h9FIVGu0FtwuiWwhT2oBiir1p19kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f29508e5a0b48-AMS
expires
Tue, 10 Oct 2023 13:03:30 GMT
favicon.png
lgrom.com/assets/media/logos/
429 B
967 B
Image
General
Full URL
https://lgrom.com/assets/media/logos/favicon.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b55fb4a75d471d1914c00f5c4cf157d3671edf76592e80883966507cf041b41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1435
alt-svc
h3=":443"; ma=86400
content-length
429
last-modified
Wed, 16 Dec 2020 09:56:48 GMT
server
cloudflare
etag
"5fd9d9e0-1ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WqzCFdABbV1rBPRBMi8PfSp5DMa%2Bq%2BksZl%2BDKcKAHxvGN0ZXvfnye%2FkMJ7oxL0kOiaB0WPITkza%2FnADQlnyOfJOvWCvm1Ipdc0QZAA2vA9vBISFhF0jJOhXi6OaGaWElI697q7WpNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f29504e4eb7f5-AMS
expires
Sun, 05 Nov 2023 15:44:13 GMT
logo.png
iccid.info/img/
3 KB
4 KB
Image
General
Full URL
https://iccid.info/img/logo.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5379e3d4fc3e0416a9b1253dd32124d108ff548e3674f290bf7777934288726e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1715952
alt-svc
h3=":443"; ma=86400
content-length
3226
last-modified
Sun, 27 Mar 2022 11:05:02 GMT
server
cloudflare
etag
"624044de-c9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4QyE2HO69i74QnwaQdKpuu6g74VHjqPG1jM3ojn1sKdAUFvEEq3nErrMLOdEw1UKfpv6uc88YMuP4Qif%2BNDphoOe6wezSuUKAxf1xGmtNJPC%2B4qodUECrVuueaXh0%2FJDSai07CbCixn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f29505ef2b731-AMS
expires
Mon, 16 Oct 2023 19:28:57 GMT
logo.svg
vanced.me/assets/img/
5 KB
3 KB
Image
General
Full URL
https://vanced.me/assets/img/logo.svg
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbed8abf9faeb3ec7ddab4e5c02e0633eb56b96cfbfc83ed93d8d5e7eab5bfab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 08:25:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4592
etag
W/"611237f2-133d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2t886gEzbRLIIKSgtcazb%2FuozX50I7D21Rl3zMe%2BG3fz5wbqvDkVIxt1xRnN7daiJoUhaY%2B%2FjwSdydtO9%2FBgKfpbM8s8sEJDYWfpX99Bzc9xW58nq6WxqON1VOec%2BrA384M4Kam2iVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
811f29504feeb719-AMS
alt-svc
h3=":443"; ma=86400
logo_spin.gif
samfw.com/assets/img/
21 KB
21 KB
Image
General
Full URL
https://samfw.com/assets/img/logo_spin.gif
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25304f55e96bc18514a5a0de5068ff792983017e85e2ce5ca7052bef0bcf166b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293319
alt-svc
h3=":443"; ma=86400
content-length
21351
last-modified
Tue, 19 Nov 2019 17:00:00 GMT
server
cloudflare
etag
"5dd41f90-5367"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibah4x6tmYbWIMptuP6x7oaz6tw9vAAYAw5Kyy2adiVhuzeDpqct1dZghucdljo5dtbM%2BHxT8zkNUbVnnaXF4p0TqDY3Sg4zOo%2BDNJU7TPYswE5y5pcIJJIUpjl5gAKM4Qea%2FnTkR3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd949b92a-AMS
priority
u=3,i
expires
Thu, 02 Nov 2023 06:39:29 GMT
default.jpg
samfw.com/blog_images/the-fastest-way-to-transfer-esim-between-galaxy-devices/
14 KB
15 KB
Image
General
Full URL
https://samfw.com/blog_images/the-fastest-way-to-transfer-esim-between-galaxy-devices/default.jpg
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f464536ca13da5d6281826053e32d33ea678265aea5218bdb213e53772434ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7622
alt-svc
h3=":443"; ma=86400
content-length
14526
last-modified
Thu, 05 Oct 2023 15:53:43 GMT
server
cloudflare
etag
"651edc07-38be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A9caPeVZg%2BBAMaXceDd%2FIMKbF84vNdpxrOjxRmCmIuRWHAdFsyQ6UijuSSL3JOwQbkzoXQNyTWtPIPSC1zmUsQUHEiK%2BYQoVSZkN2HGZHI2E83VUM9AuzcYP49Ym21TI5fystue7rI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd94cb92a-AMS
priority
u=3,i
expires
Sun, 05 Nov 2023 14:01:05 GMT
default.jpg
samfw.com/blog_images/galaxy-smarttag-2-officially-launched-with-a-more-beautiful-design-and-many-new-features/
11 KB
11 KB
Image
General
Full URL
https://samfw.com/blog_images/galaxy-smarttag-2-officially-launched-with-a-more-beautiful-design-and-many-new-features/default.jpg
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6959b28c73758076e9854d8f17c43f8f06365fdbb8a699bdb2cd49e3094034f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50842
alt-svc
h3=":443"; ma=86400
content-length
10951
last-modified
Thu, 05 Oct 2023 15:37:24 GMT
server
cloudflare
etag
"651ed834-2ac7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaW19Vaak743q3sO3sDwXaNJ15XomjuH01QHlqVmMJFkowQPjelhFHsejjmAG%2FkrwbgJgUeytqcsf%2FYIJXegCEG4APZEl%2B%2Bgf5ApfHXKFZBTaWFbBKDtLajuUJhoY6Ca45llsbm%2BaMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd94db92a-AMS
priority
u=3,i
expires
Sun, 05 Nov 2023 02:00:46 GMT
default.jpg
samfw.com/blog_images/how-to-automatically-delete-otp-messages-on-samsung-phones/
12 KB
13 KB
Image
General
Full URL
https://samfw.com/blog_images/how-to-automatically-delete-otp-messages-on-samsung-phones/default.jpg
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f659e022190fefa86da1770ffc78a43b3bdcdda37dcb1757c300dca2224e200c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93932
alt-svc
h3=":443"; ma=86400
content-length
12640
last-modified
Wed, 04 Oct 2023 07:02:55 GMT
server
cloudflare
etag
"651d0e1f-3160"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6g1sCZ75tIob9%2BKxKi6FgU6%2FiRXb1zlcn2q9%2BH5nXhDiNBuuvRqfNSpkR4j1LBfKoMX4ZjkuZo5Jw1g8UNOeBlNAyJvWO0O0%2FxvCUFIheJW8iP1v2u2tF3P7NlAuZntCyhVa7vhg3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd94eb92a-AMS
priority
u=3,i
expires
Sat, 04 Nov 2023 14:02:36 GMT
default.jpg
samfw.com/blog_images/galaxy-s23-fe-will-be-supported-with-updates-to-android-17/
13 KB
13 KB
Image
General
Full URL
https://samfw.com/blog_images/galaxy-s23-fe-will-be-supported-with-updates-to-android-17/default.jpg
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0c40b1ef8c07782ff317e6e1bcc310954bb4a7a117e3f04b36f8db6e7cfa30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134055
alt-svc
h3=":443"; ma=86400
content-length
13014
last-modified
Wed, 04 Oct 2023 07:02:55 GMT
server
cloudflare
etag
"651d0e1f-32d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRAxk%2B8bwIG2qSIc2JgRuvoU2t5ift6L8ZyJIxfiS%2Fav9hw3DxRsK6IiGj8cbVdYtp4F9JsfV0FAdHXK8zWoecXLxx2sTl10BkIMrwvOOUTgkqsEZ%2BPYLEhzzWB9rvODnPiwIaQ9%2Bzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd951b92a-AMS
priority
u=3,i
expires
Sat, 04 Nov 2023 02:53:53 GMT
sunlock.png
samfw.com/assets/img/supporter/
42 KB
42 KB
Image
General
Full URL
https://samfw.com/assets/img/supporter/sunlock.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560dfcac42ead6985d2e72778b5d4f548427fcf1e5aa439b8c4edda4ca09c5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283421
alt-svc
h3=":443"; ma=86400
content-length
42616
last-modified
Wed, 05 Jul 2023 08:22:37 GMT
server
cloudflare
etag
"64a5284d-a678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1kqsDUx2XxaVxqucpOSIYyd20CoqEb2RpzVJJmUUgrCTSs4sReqVO6q6ruDMZsajunveO6LzN8RbdzeCD9Gbn1lX7St7bQKQLfx8XAEvPH8hBLQsWQn9c71FGlNtCdT3NYHjto384w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd952b92a-AMS
priority
u=3,i
expires
Thu, 02 Nov 2023 09:24:26 GMT
email-decode.min.js
samfw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://samfw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 12:54:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651eb1ec-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNU%2FrrNHz5ueChp4wDWuICeUx7vVw7clYMZRGqE7bc3%2FlF5LmyQOpYbEhJXzL6deFezUsYVhLq0Lv6DCgf4J0VwPOZd%2BaraRcanmGbrjHQWrspcMIc2FypC4bWhIZffPNx%2BFeqHkVo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
811f294e8fc1b92a-AMS
expires
Sun, 08 Oct 2023 16:08:08 GMT
dmca-badge-w150-5x1-08.png
images.dmca.com/Badges/
3 KB
4 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca-badge-w150-5x1-08.png?ID=cf9a563f-9d66-4f15-8c75-9e3ec086657e
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
ce784660775c196b3eaae5369bab374896a97a682531863832d64b8249d9ac14

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:49:55
cdn-pullzone
1574055
content-length
3498
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"fadaf3aace6d11:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
3409001af7513316ae9acf7a731f629c
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
762 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
09/12/2023 22:47:45
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
36269a1dfdb08e49f47b2fe82ab2cfde
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
811f2950d82cb8a3-AMS
jquery.min.js
samfw.com/assets/vendor/jquery/
85 KB
31 KB
Script
General
Full URL
https://samfw.com/assets/vendor/jquery/jquery.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0023a4d99a8085630d1430b58a1fd920d4411830aff093c59abba26aec04ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13113
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-1528b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8apZhM30tfBnX7tnqcXcrUcT3YPYPk%2BYWctfz8aOLaUljB4N0pxwSBhfI0eGulfQo052BsH5Nqs3GtEomHIwYoK%2BCj2T0GvWR1c31fgRokxXq%2B50Yis1aDwMy0TO38sl9qq1zBObLuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294f98f0b92a-AMS
priority
u=2,i=?0
expires
Sat, 07 Oct 2023 00:29:35 GMT
jquery.autocomplete.js
samfw.com/assets/js/
18 KB
6 KB
Script
General
Full URL
https://samfw.com/assets/js/jquery.autocomplete.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f0bb5eaf3291039f5d4e6b22b6baf0600e71a4c51aa15425d0e200d8ed18db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8897
cf-polished
origSize=35614
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-8b1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfbMmI%2FvSx4SFCt7HeepnJ%2F7zhfDewlpOGTalJ%2FA6OW1ZcTlfxLa4NTKZW%2FYBPpccf03oITAxALVKiWU0dc%2BC4%2BjP8K%2F8R0V4JZ93ZFjgASvJTHfexyG9aP0LkIavSL1fYkAbisfMCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294fa902b92a-AMS
priority
u=2,i=?0
expires
Sat, 07 Oct 2023 01:39:51 GMT
popper.min.js
samfw.com/assets/vendor/popper/
19 KB
7 KB
Script
General
Full URL
https://samfw.com/assets/vendor/popper/popper.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e32a2f0e2ef0d4105ee9762f91294140bebf5d74b2af1412906f475aaad270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13577
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-4a3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV84Yn0E1znOtK%2BzhCDBrgAbBtQztPZIFYfy86TajcC8yqYXNBsYcKEsarJCTw34VX9eW7SFbPBTvKuKeiQPTbOmBJJyFZAOGs%2BvyVeMzhSN1p5QlFKANYpYHrF4HrRzvyiKyv8%2Bs1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294fc935b92a-AMS
priority
u=2,i=?0
expires
Sat, 07 Oct 2023 00:21:51 GMT
bootstrap.min.js
samfw.com/assets/vendor/bootstrap/
57 KB
16 KB
Script
General
Full URL
https://samfw.com/assets/vendor/bootstrap/bootstrap.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822e92296b8a874756bbf9de9dee0c5bb11978797cb862158e30f63f0b7db0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40308
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-e2e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1gj11cBtGIsSpjQCFCeWgRUY0iZq2%2BfNfKYd182RaxQ73eZ0cwjuWYELB1Dx%2BUwWtpJss%2FcsyN5JSf2nyGEIQDB%2BKc6Xkn5GxCG3wruxPetk0NMzP4G3TKq4huklNH%2BYM1jrZ14yYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294fd93fb92a-AMS
priority
u=2,i=?0
expires
Fri, 06 Oct 2023 16:56:19 GMT
lazy.js
samfw.com/assets/js/
1 KB
969 B
Script
General
Full URL
https://samfw.com/assets/js/lazy.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35b3d521d98fb8e2ee632e7b6a6893bab0eb99cf4173d463b8c9e8f5bf857b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23989
cf-polished
origSize=2107
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 27 Oct 2019 17:00:00 GMT
server
cloudflare
etag
W/"5db5cd10-83b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upHrKVGHUc6ycSCYSVTgddcD2Fz4cauLHpkdYQrXk8yEQfOiPCybFk83nzBurwW5w1WiP7dEpaT3oXO557CJ3MqfLMdSC%2FAnvhj%2Fdi4KUxJa8Ui1%2F%2BpvnSBIbyYtKi81rSvx0MWpyR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294fd953b92a-AMS
priority
u=3,i=?0
expires
Fri, 06 Oct 2023 21:28:19 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5008806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1884
last-modified
Thu, 22 Jun 2023 11:20:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942e92-75c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oQ06C536nz6sT0FJWq%2F4tN01Azx4nHKLPWrfB4TVd89Lo4r%2F1iaNgEEsuid0pco3iDzGArJFrth13kqQIsY088myVwv9lT3no%2BO1tK%2FA%2Bp9jVIkbsaNgKeFXu6MnCS3XkB1gJ6rg%2ByjKj7T7akkavmU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294fde190c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
script.js
samfw.com/js/
762 B
935 B
Script
General
Full URL
https://samfw.com/js/script.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53e8ed68b305a1407569e8bb5257f0c9bce42b5e854254c0c9d915964d91c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30636
cf-polished
origSize=999
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 12 Apr 2021 13:40:17 GMT
server
cloudflare
etag
W/"60744dc1-3e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuN7YVOOj6Fe06CGOrnVAgPDlQQtPVzHwshebEms4qtwBtOcgNILyOKC6x8KHm42WHcK64U3pffwmI3TVl16Mp4Bda%2BrWy9zOA1YD0kIraBrRfC2p07JcCpTkqeyx87cnc9MqowfCTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
811f294fd941b92a-AMS
priority
u=2,i=?0
expires
Fri, 06 Oct 2023 19:37:32 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/yIOeX2Z.jpg
  • https://i.imgur.com/removed.png
503 B
727 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
49018976
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230086-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1696608489.170846,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 1097208

Redirect headers

x-cache-hits
0, 2
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
111
x-timer
S1696608489.130843,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-eddf8230086-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/3hlryrq.jpg
  • https://i.imgur.com/removed.png
503 B
579 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
49018976
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230086-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1696608489.170875,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 1097209

Redirect headers

x-cache-hits
0, 2
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
313
x-timer
S1696608489.130821,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100076-IAD, cache-fra-eddf8230086-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/RvgYHYp.gif
  • https://i.imgur.com/removed.png
503 B
566 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
49018976
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230086-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1696608489.170671,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 1097208

Redirect headers

x-cache-hits
0, 2
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
553
x-timer
S1696608489.130822,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000039-IAD, cache-fra-eddf8230086-FRA
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700
Requested by
Host: samfw.com
URL: https://samfw.com/assets/css/lazy.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc6fb52e9e93dce55fae9ed4a5eeeb5cda0a2ddd01aa6f50e524b7fc0123c0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 16:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 14:39:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 16:08:08 GMT
log.js
u.heatmap.it/
27 KB
11 KB
Script
General
Full URL
https://u.heatmap.it/log.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 12:41:04 GMT
content-encoding
br
last-modified
Wed, 29 Mar 2023 17:53:13 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"64247b09-6b2b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
10532
x-request-id
382436491
expires
Mon, 02 Oct 2023 13:41:04 GMT
flags_responsive.png
samfw.com/assets/img/
88 KB
88 KB
Image
General
Full URL
https://samfw.com/assets/img/flags_responsive.png
Requested by
Host: samfw.com
URL: https://samfw.com/assets/css/flags.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15956e953fd36bd7f4d2f1f77dfad5a3741db9e52b094f80c6cef4f78eb6a779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/assets/css/flags.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290985
alt-svc
h3=":443"; ma=86400
content-length
89978
last-modified
Sat, 22 Jan 2022 05:28:42 GMT
server
cloudflare
etag
"61eb960a-15f7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exl3gNGts6KFQmHPttLCIsT2Uq2JsHj7neV7vhStqkudCjk1JpM9igPZXO5eq4xl9eUPG8iMBi%2FBjd%2BK8YAftzePkGAoxY49rAjY1yxh%2FnDmCE%2B08MAkyKWqXIyn6SIatwLwoyihnY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811f294fd955b92a-AMS
priority
u=3,i
expires
Thu, 02 Nov 2023 07:18:23 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/
147 KB
147 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
215730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150124
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-24a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RHR0RAhyPzVxAjVmzgkUcASH83nyw3UqQ8JoGJ11MI6v90zOrj1lxpgmdagFH%2F5Mvf%2BRQxvZvjuwx%2BKvzhOmFk7ObOVkizjftoRsTkTGv5MRGL4y3dczxNiZFxLjDcwndXzCfi5u1muyzA73%2FX5C1JK"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294fde1b0c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/
105 KB
106 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1810802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
108020
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-1a5f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dv%2FOfGiPlXI7X6mBLJV8wakyaBhKZ0UXTN5gb1IjoKWozIpxdHgJLXGaE2WERGKO2eGwVib8ODrTRBkjFoahLBv6KbyOZ4s1pCbTbYrug1%2F9TapuFjVMomR39WUqCOxr%2FcytVD3DjXOIUSmyt3EAwNTx"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294fde1c0c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/
24 KB
25 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a66b4ae9ce616cf8a5742535c7b3cdc8ca82635698c84e87b5914683c5f039d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1372551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24948
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-6174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AISHjF9f0tm0wKxXg%2F2MyoggTE0CLz0bzN9qmHLa49pPgAQJIQcmR79M1cR0TLfk4IbdOfSroJtMcJo95W0Yc2%2F4UqQJDYEZC1Es2naEZ9irvyimjNQNIiJYbCEMw%2FjzOlSIbsJQDI%2BPk2mgk%2B5ax%2BPK"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
811f294fde1d0c69-AMS
expires
Wed, 25 Sep 2024 16:08:08 GMT
firebase-app.js
www.gstatic.com/firebasejs/9.6.3/
50 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/9.6.3/firebase-app.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a931199a7636f282b78d5e1f32c849405a8223edf81542df7fa3852c545b49b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10846
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 23:09:55 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Sep 2024 16:42:08 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/9.6.3/
98 KB
18 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/9.6.3/firebase-messaging.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fe14c1052c779159f67004401580b64274333cfcac43fd426e9049f291eb90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:33:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18242
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 23:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 14:33:46 GMT
sdk.js
connect.facebook.net/en_US/
299 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4e8f78bf66b40ecb5923be94fa629937
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e98570c5f30e35bd02e653dfedf00fe5fdf4678859ac59112620ce2cbd62ba30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 16:08:09 GMT
content-md5
X3gTIVCuvH/GjBdJweqT7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86667
x-fb-debug
9MUpKeAmWdwYWrzokoV5ZEoGoFPOfkRHi5AhbEaAzlwZHapjEdaHEYj0j6nt3n8LsEM/xD9uHhFUXM8MMx0+fw==
x-fb-content-md5
1b6320b7e57f37413f3a322350ec1715
cross-origin-opener-policy
same-origin-allow-popups
etag
"44f9d80b2578ce9cf10d6cca8a93fa0b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 05 Oct 2024 12:25:56 GMT
js
www.googletagmanager.com/gtag/
275 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163898725-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d974b22922581a46bfead32ea7959ceb98b01586393417b62bcf3419b81df4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93567
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 16:08:09 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163898725-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 15:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1107
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 06 Oct 2023 17:49:42 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/
389 KB
132 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac90a3bda0678fcf9206f9649a5272e6d8b97ad558a13c748c191663209bc34d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135179
x-xss-protection
0
server
cafe
etag
14335734409210099989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 69C9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 13:56:38 GMT
etag
2603938475786422795
expires
Fri, 20 Oct 2023 13:56:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
samfw.com.js
u.heatmap.it/conf/
44 B
303 B
Script
General
Full URL
https://u.heatmap.it/conf/samfw.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
89326fd9977c508a288273744eda8382a94861fd0acb9121e1369786ebb1a523

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:07:29 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
49
x-request-id
521798726
expires
Fri, 06 Oct 2023 16:12:29 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JF7Y9R03YP&gtm=45je3a40&_p=1831616635&cid=1446662622.1696608489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696608489&sct=1&seg=0&dl=https%3A%2F%2Fsamfw.com%2F&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/
419 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
19899
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134827
x-xss-protection
0
server
cafe
etag
8968824880815585736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Oct 2024 10:36:30 GMT
pv
eu8.heatmap.it/log/
0
212 B
Image
General
Full URL
https://eu8.heatmap.it/log/pv?pid=116489&u=https%3A%2F%2Fsamfw.com%2F&tpl=.&pt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&t=897327
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.77.192 , France, ASN16276 (OVH, FR),
Reverse DNS
eu8.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 06 Oct 2023 16:08:09 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
0
Expires
Fri, 06 Oct 2023 16:08:08 GMT
cookie.js
partner.googleadservices.com/gampad/
385 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=samfw.com&callback=_gfp_s_&client=ca-pub-1839315362497448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fc88908ef80131a8d940089b1939c03687cc9df761156783f401693e04659ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 953B
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&adk=1812271804&adf=3025194257&lmt=1696601289&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsamfw.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489162&bpp=3&bdt=620&idt=226&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1697707701026&frm=20&pv=2&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:09 GMT
expires
Fri, 06 Oct 2023 16:08:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=aside_left&cls=aside_left&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 43CF
36 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59a7e778c0abafb60331cfb8234139db1efa4b9412267f4f8978e3b1fb02eb7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13002
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:10 GMT
expires
Fri, 06 Oct 2023 16:08:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7044
113 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a826c6a6145d1641ade94ac82651ed653d2ad694a9859aefb9d6117492a3b58f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39372
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:09 GMT
expires
Fri, 06 Oct 2023 16:08:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
202 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1831616635&t=pageview&_s=1&dl=https%3A%2F%2Fsamfw.com%2F&ul=en-us&de=UTF-8&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1180509946&gjid=1923779026&cid=1446662622.1696608489&tid=UA-163898725-1&_gid=1406037787.1696608489&_r=1&gtm=457e3a40&jsscut=1&z=1153540151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 56DE
114 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd30addf0535602cee81c55f1b90501327817c441518ec660cbd6cbf88254d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39661
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:09 GMT
expires
Fri, 06 Oct 2023 16:08:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://samfw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 06 Oct 2023 16:08:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
215082
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
op.js
tagan.adlightning.com/setupad-hai/
16 KB
7 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad-hai/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaf77a2af5543ace4f32c5f5eb1ef39b87486ed717d3e44ac4acc245a2d7b8a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
yVemLb9_YJMy8cUtAtNqe2c1_dkLBbdJ
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
date
Fri, 06 Oct 2023 15:45:21 GMT
x-amz-cf-pop
FRA60-P4
age
1368
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7059
x-amz-meta-git_commit
935e2f1
last-modified
Thu, 05 Oct 2023 18:18:14 GMT
server
AmazonS3
etag
"14a4ced74b47d39c290336db66866eca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
_fMf9Zc0XQDBX3dxk-0Ol6en4Kg9TOBSXEAAZEJAbxy_8XxM2XcIYQ==
apstag.js
c.amazon-adsystem.com/aax2/
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 15:09:37 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-C1
age
3513
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qYbAHWacAO_W6vHp73o23LGnnzLY-XlwSAL529VO75cg7S6y1b2Q0w==
prebid
id5-sync.com/api/config/
135 B
410 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://samfw.com
date
Fri, 06 Oct 2023 16:08:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
213329
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231006
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267c52339b51b10f1694420961e8d3d1bd17f75dd055add53629c26f28e1393d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
436
x-jsd-version
1.0.1835
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"640-6wjSDAwpbK7sfm+4iViHcAJd9Lk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs4TpVVSzkp78zIGGC3e3oQ2%2B0a%2FIFau7jfsIs%2FYiohVlDa7VNrcmpOXTjO4ZEvpJZuFCi4MjgzlmTIPYqww8T6%2FQuu%2BcKAkKfaYHAjyGQ2qgeol4H55bGFi5JB%2BpP72paChdoTs4C98noi8PbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
811f2953cd710bea-AMS
localstore.js
script.4dex.io/
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:09 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
348325
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmXoDHxG0EHPUmjaqMNJOeejgDgrdxPYeh1D2%2BdIxw5FpTGboCpe1SVB6CiJwKJERFQMOZHeuypSZU8KwEkuc5w2sObQF0oSCIm%2BipbReNflUOW0qWjFV%2BhXaL6vpxosVIyR3keft6DPbsHy"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
811f2954080ab8a0-AMS
22405468785
fundingchoicesmessages.google.com/i/
157 KB
52 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/22405468785?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
814a5119c16b021a23e43ebd29173ac8564cbac368a4755090fa0642b51fdaa4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GCaXmVZN_rOy2ohxSPr9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-GCaXmVZN_rOy2ohxSPr9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie_sync
prebid-stag.setupad.net/
42 B
548 B
XHR
General
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtEb0YD8jp4WHxlWKX2NpGDIGyw4oqYFcZ9vVgiEvUj3PBByibnPhSmebnNDGQFOOtall1Arss04x5leKb9blIf%2FHZ01KERLd92625JE5t33Nl%2Fi%2Fv5Atat9PAhJTLzIdKIbaf%2BfxqHn"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
811f29547febb7eb-AMS
content-length
42
expires
0
auction
prebid-stag.setupad.net/openrtb2/
12 KB
4 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5428c0b296c5ffb079f351a54b2c997064051bdb312a9602d562d9bc9a8a086

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erInPob5sbTz0vDDdMBPSP4mAoWByIZjHqvET44mXT4yCrMUAdWKCG6vHGpiYJvrfIxh2R961l%2BzOd19JsiZYhIkvwreayYn5P8F%2FLmmKwOzOeVMpJlCxYEy%2BO%2BSJlmTf%2By3g5495I2j"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
811f29547fecb7eb-AMS
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://samfw.com
date
Fri, 06 Oct 2023 16:08:09 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/
60 B
658 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 06 Oct 2023 16:08:09 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: samfw.com_245x600_sidebar_desktop, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: samfw.com_728x90_responsive_1, Process Floors. 6 inventory rules not found for mediatype: banner and adUnitCode: samfw.com_1000x100_sticky_anchorad_responsive
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
811f29548984b7a2-AMS
expires
0
/
ghb.adtelligent.com/v2/auction/
11 KB
1 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4ae648a6d90f5eb8cc1e20fd05fb05567349ef4669264d09c46b8c2a09c10def

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 06 Oct 2023 16:08:08 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://samfw.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1184
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=64267812170&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://samfw.com
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
setupad-d.openx.net/w/1.0/
73 B
373 B
XHR
General
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsamfw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eb8b7e93-5d10-4bf8-8f1e-e85998da870f%2C522498cf-1bc1-4733-a121-0ad23667d629%2C3cfa1789-c9a1-422a-9129-04682d67c799%2Ce1a7ee36-b1b7-4c6c-bbdc-c31dc3515422%2C6b0da3d6-d5be-4d8e-b691-62cbdc020ee4&nocache=1696608489596&pubcid=ac06a26c-da0e-4d0f-9116-2efc0d749ff7&schain=1.0%2C1!setupad.com%2C1065%2C1%2C%2C%2C&aus=240x600%2C160x600%2C120x600%2C200x600%7C728x90%2C468x60%7C1000x100%2C970x90%2C728x90%2C990x90%2C970x50%2C960x90%2C950x90%2C980x90%7C160x600%2C120x600%7C160x600%2C120x600&divids=samfw.com_245x600_sidebar_desktop%2Csamfw.com_728x90_responsive_1%2Csamfw.com_1000x100_sticky_anchorad_responsive%2Csamfw_com_160x600_siderbar_desktop_left%2Csamfw_com_160x600_siderbar_desktop_right&aucs=%2C%2C%2C%2C&auid=544104384%2C544104375%2C557928247%2C558908215%2C558908217
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
896325b4409fdcedf88b523eaa4dd3b3bcb3c1e3e9814cecd647053b376fa6fa

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://samfw.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/
19 B
539 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fsamfw.com%2F&tmax=800
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.173.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-173-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/
0
166 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 06 Oct 2023 16:08:09 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://samfw.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
openrtb
adx.adform.net/adx/
0
528 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/
13 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
54d9c8b49b40cb101d82169ab8b44d44005283a51983abeb268ec2ba389db52f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
an-x-request-uuid
5150fd58-d5d8-477f-80e2-2f555c780983
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://samfw.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.149; 31.204.150.149; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
434 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
811f2954bf3bb7de-AMS
content-length
3
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:09 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
348285
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTG70tfoeQLczgNYedjq5zGc081YUWgPL%2BmEZKSWw3XKMg4U%2FOsssToFCP28JydKfxGrppOaIJyi1GNQlX%2F4omfpeiwEjQhO08V9%2BxLDdSpyCI7sx3h8M8CS7elB5CH3p3yTIs584orOX9Wj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
811f29549d9e6561-AMS
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/
70 KB
27 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 14:26:25 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
FRA60-P4
age
265305
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_reki7AiAZ8PIrFbtR1A04HtIZwm8f1DsckXyczwVQ_pk4HGLeKnCA==
bl-935e2f1-aca6b23a.js
tagan.adlightning.com/setupad-hai/
55 KB
24 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad-hai/bl-935e2f1-aca6b23a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da661a32c1ad27e80e128590b4b2a013d1b010171a0556e983d9ef4eef2fc378

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:38:14 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id
AWLFNO1EdPYcU0R3GCxCD3WB8d2zA4Ux
x-amz-cf-pop
FRA60-P4
age
77396
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23617
x-amz-meta-git_commit
935e2f1
last-modified
Thu, 05 Oct 2023 18:17:32 GMT
server
AmazonS3
etag
"4a51cdf1f66d08a640817b6ef9f86df9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CADUaYT9pwgryd_8HodNJyzxqRiVFYyI-FoTPCiBeSIKVIs_9Zm3Gg==
v1
lb.eu-1-id5-sync.com/lb/
33 B
269 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
d3364ce0001f3007b23d00ef06369c70472a74d6d949f0a79af5bd838f508407
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://samfw.com
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/
537 B
812 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-122.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3b6a0bc64b57795c068b088a566c677bf0b51effbcfb2ff6746ce3068962c384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 15:31:33 GMT
via
1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
2196
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
PoIS3j0UlWt-j3LmVuhajBrAgY1s-JECtgUAkzwg1UOBiat_AhDvCA==
config
c.amazon-adsystem.com/cdn/prod/
4 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsamfw.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
Server /
Resource Hash
dad72ba1ea49fc0e2b309554b5212343e2f691ed8eb2b32df21d11a6d36356d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:26:17 GMT
via
1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
age
6111
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://samfw.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3623
x-amz-cf-id
-tSC7_mZPJ5lcIyLGs_h1emTbvCyrBc_6FbuU_5kqmBIGw-v20EkXA==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
460 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsamfw.com%2F&pid=01wxyTjNaR4aT&cb=0&ws=1600x1200&v=23.919.1525&t=800&slots=%5B%7B%22sd%22%3A%22samfw.com_245x600_sidebar_desktop%22%2C%22s%22%3A%5B%22240x600%22%2C%22160x600%22%2C%22120x600%22%2C%22200x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_245x600_sidebar_desktop%22%7D%2C%7B%22sd%22%3A%22samfw.com_728x90_responsive_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_728x90_desktop_1%22%7D%2C%7B%22sd%22%3A%22samfw.com_1000x100_sticky_anchorad_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_1000x100_sticky_anchorad_desktop%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_left%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_right%22%7D%5D&schain=1.0%2C1!setupad.com%2C1065%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
JXGCD1GH235678B7YC1K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://samfw.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
xyYKb9VzshcB64--3gT_7Hy2nT7lMZgjFIZzpXEA7iPSw6y3TFX78w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a19127e21dc5a939819061334abff380.cloudfront.net (CloudFront)
date
Fri, 06 Oct 2023 12:47:28 GMT
x-amz-cf-pop
MUC50-C1
age
42190
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-mRvl2Sl8WwP1Pfmdz9SHcfhouF09ELfVDZoCZNq207gT_shWg3P7A==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 06 Oct 2023 16:23:09 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 06 Oct 2023 16:23:09 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:10:11 GMT
content-encoding
gzip
via
1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
75479
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
L7E_yzsXMJKMi6Keecny2gx9GYYyePiRQA1IKrYUQPJWiSxc5AtrJA==
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsamfw.com%2F&ref=&_it=amazon&partner_id=533
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
2605
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
811f2956481ab8fc-AMS
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
id5-api.js
cdn.id5-sync.com/api/1.0/
136 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:57:30 GMT
server
cloudflare
x-amz-request-id
YEXJZ4CB3VDA048P
age
1515
etag
W/"7810b7b6142b3bdb32696e7b2987bc71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
811f29563c110e18-AMS
x-amz-id-2
/DbtSI2J6OPLH756zM2RsV1yX/pqX47l1bCUgp4RQweEMbxLbOu+QRVJgxw/drv6apB+Jxxoot8=
481.json
id5-sync.com/g/v2/
276 B
551 B
XHR
General
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e89f8d549c30fe30e46f5ae89cabe2e1ee0e7163f7684beaab90846997fa0c76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://samfw.com
date
Fri, 06 Oct 2023 16:08:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxUvw2wHoxRLz2WgoFVwIJcl_iKQ7wweZ7N0FppTFLt5Uxe1FP-q6aavbORpIt1HFe0D2nJajd5J6zHKuKcXm5Zpipc9iNjvXvrFJ9vbj0iwQcylJ-cGZjnI5DYQMJzYoS5OqyFgww==
fundingchoicesmessages.google.com/f/
293 KB
48 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUvw2wHoxRLz2WgoFVwIJcl_iKQ7wweZ7N0FppTFLt5Uxe1FP-q6aavbORpIt1HFe0D2nJajd5J6zHKuKcXm5Zpipc9iNjvXvrFJ9vbj0iwQcylJ-cGZjnI5DYQMJzYoS5OqyFgww==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NjA4NDg5LDkxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zYW1mdy5jb20vIixudWxsLFtbOCwiZjVQOFN5VlU2aDQiXSxbOSwibmwiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b619465b5025bfa8bfcdbf09a1a9eafbb31c630a45bc7c2d6a052f7febc70e5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-29FMQpUfsIUtjBLzYH25VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-29FMQpUfsIUtjBLzYH25VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 56DE
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 16:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 15:43:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 16:08:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 56DE
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 56DE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 56DE
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56DE
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:10 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 56DE
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7044
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7044
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7044
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
hadron.json
id.hadron.ad.gt/v1/
94 B
286 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=samfw.com&url=https://samfw.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsamfw.com%2F&ref=&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f8efbff28fc7fe1d2a758f76bb70b74107adb25f3aa88c4ba6c01de4b71f60

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
811f29585ff61c9e-AMS
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=samfw.com&url=https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://samfw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
811f29579ead1c9e-AMS
content-length
0
content-type
application/json
date
Fri, 06 Oct 2023 16:08:10 GMT
debug
OPTIONS block
expires
Sat, 05 Oct 2024 16:08:10 GMT
server
cloudflare
14763004658117789537
tpc.googlesyndication.com/simgad/3226480987852689365/ Frame 56DE
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3226480987852689365/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
812fb3f4aa4310e286b7c80472cb5d53abedf3e22db53a76b99522f7bf372b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:27:48 GMT
x-content-type-options
nosniff
age
330022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:24:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 01 Oct 2024 20:27:48 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2888702956663393056/ Frame 56DE
8 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2888702956663393056/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b1bc3fe012482d0a0f64729439fb31513ffaf475b1b23e7b21367ec606ab975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:59:03 GMT
x-content-type-options
nosniff
age
277747
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8470
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 06:04:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 02 Oct 2024 10:59:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 56DE
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options
nosniff
age
254516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 56DE
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
86119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 16:12:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7044
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:10 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 7044
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 06 Oct 2023 16:23:10 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/3226480987852689365/ Frame 7044
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3226480987852689365/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64c95d7e92b530e007d8543ea8000465ac858cbaea7c802c14758097629cbab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:23:53 GMT
x-content-type-options
nosniff
age
117857
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33460
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:24:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 07:23:53 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2888702956663393056/ Frame 7044
8 KB
8 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2888702956663393056/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b1bc3fe012482d0a0f64729439fb31513ffaf475b1b23e7b21367ec606ab975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:59:03 GMT
x-content-type-options
nosniff
age
277747
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8470
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 06:04:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 02 Oct 2024 10:59:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7044
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 03:37:30 GMT
x-content-type-options
nosniff
age
131440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 03:37:30 GMT
map
bcp.crwdcntrl.net/6/
60 B
330 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.80.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-80-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
aa4de699aa84e26aaa2cdee7b7a9979dfc2158b17393b0d875f97670b447b11c

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://samfw.com
cache-control
no-cache
x-server
10.45.9.47
access-control-allow-credentials
true
content-length
60
expires
0
css
fonts.googleapis.com/
69 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.f5P8SyVU6h4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxgWXnj1pngDpyVmr07PAIw7Gy_aA/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 16:08:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 16:08:10 GMT
mosNSeQNv0DSDFLmYJ7F95rLJOl6xNnZmmrLOCAgITAoxKKgCDs37VrggXqA4k_fGun9W7_9gziMgImtEoYZkk_owhvYu-OkGdfluBzeTQ_NE-MHHk3U=h60
lh3.googleusercontent.com/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/mosNSeQNv0DSDFLmYJ7F95rLJOl6xNnZmmrLOCAgITAoxKKgCDs37VrggXqA4k_fGun9W7_9gziMgImtEoYZkk_owhvYu-OkGdfluBzeTQ_NE-MHHk3U=h60
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
30aaa456d901fb23b747950622c7515c11dbc25e367fac0e22e499a1ddc082f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:07:53 GMT
x-content-type-options
nosniff
age
17
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4299
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 07 Oct 2023 16:07:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:35:16 GMT
x-content-type-options
nosniff
age
30774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 07:35:16 GMT
AGSKWxWjOiYf6ROD0o-nn9AkHPm_aGVII5RaZAAe6BaBM68jaLoN01aJ3HIAZb0Dqv_eZwsfdxz00nRdORZsISYmw9BbjkN4QGiuJ8ymjvLskVledhobJWO4H4ZerOWLUjdq_HHsJKggAw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjOiYf6ROD0o-nn9AkHPm_aGVII5RaZAAe6BaBM68jaLoN01aJ3HIAZb0Dqv_eZwsfdxz00nRdORZsISYmw9BbjkN4QGiuJ8ymjvLskVledhobJWO4H4ZerOWLUjdq_HHsJKggAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.f5P8SyVU6h4.es5.O/am=ggE/d=1/rs=AJlcJMxi-P_8Y3PwMKgjssCRuFtREo26tA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0_O22nMRdKQAkIsrloQqiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0_O22nMRdKQAkIsrloQqiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://samfw.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7044
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d366242d2716fb96f2159ca39d231f79c980cac7fb1becdca708946f156e977

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
393 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://samfw.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Fri, 06 Oct 2023 16:38:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
86119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 16:12:51 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 11:32:51 GMT
x-content-type-options
nosniff
age
534919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 11:32:51 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 07:44:06 GMT
x-content-type-options
nosniff
age
548644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 07:44:06 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://samfw.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options
nosniff
age
78711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:16:19 GMT
truncated
/ Frame 56DE
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5754f46c431343dc71aa2438bffdda84dcf16d405014aa0a55c9babdf61f3f4c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 56DE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0A4S6TAgZa-VHpqcywW8urjQBMGV7tZe7L3Xgd0R8aPts-kYEAEg7Mj-a2CRhKCFjBigAYW3icgDyAEJqAMByAPLBKoExgFP0Nyaj9g4iVJXQ7ScXNq26ou0AvujyUztOAaVpWhw1Id8kKA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211704969421432955968%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211704969421432955968%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211936129582399720657%22}&andc=true
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11704969421432955968","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956455813"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"11936129582399720657"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 06 Oct 2023 16:08:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11704969421432955968","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956455813"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"11936129582399720657"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 7044
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjvIk6TAgZaDgIO-j5LcPu8KdqAbBle7WXuy914HdEfGj7bPpGBABIOzI_mtgkYSghYwYoAGFt4nIA8gBCagDAcgDywSqBMQBT9Bgn1HSKzDZFqubqvY3mSaQkGjHgzJcrLLhZmTrkfIyT3Y...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227977093457870809561%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%2...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227977093457870809561%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217743142303530080257%22}&andc=true
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7977093457870809561","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956455813"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"17743142303530080257"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 06 Oct 2023 16:08:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7977093457870809561","debug_reporting":true,"destination":"https://wondershare.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956455813"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"17743142303530080257"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame 399D
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=280&slotname=9436650906&adk=163764764&adf=1542529960&pi=t.ma~as.9436650906&w=1200&fwrn=4&fwrnh=100&lmt=1696601289&rafmt=1&format=1200x280&url=https%3A%2F%2Fsamfw.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489167&bpp=1&bdt=625&idt=270&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pgkLfYSrQt&p=https%3A//samfw.com&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
106496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame 0506
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=4246061066&adk=2985700671&adf=2272196671&pi=t.ma~as.4246061066&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489166&bpp=1&bdt=624&idt=256&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tujg1n4uuX&p=https%3A//samfw.com&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
106496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
223 KB
65 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Fri, 06 Oct 2023 16:23:10 GMT
533
a.ad.gt/api/v1/u/matches/
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e7118ff194e44f4c49e90499926e3b05d2a0c16bd113bf5741090f6608b8a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 16:05:48 GMT
server
cloudflare
age
142
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
811f2959ca180e60-AMS
publishertag.prebid.132.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Oct 2023 16:08:10 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211704969421432955968%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211936129582399720657%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 16:08:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227977093457870809561%22,%22debug_reporting%22:true,%22destination%22:%22https://wondershare.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956455813%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217743142303530080257%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 16:08:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.132.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Oct 2023 16:08:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A0ED
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:10 GMT
expires
Fri, 06 Oct 2023 16:08:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 442C
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:10 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 442C
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=28319778&cmp=29231473&plc=371712462&sid=4005949&aufilter1=1648134&prr=1&ppid=103&autt=1&auevent=ABAjH0i2sQc9xsw-sJtum1QyAh-0&c1=1648134&auorder=1011093857&aucmp=19911384368&aucrtv=504610130&auxch=1&pltfrm=1&ausite=852928188913&turl=https://samfw.com/&aubndl=&dvregion=0&unit=728x90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Sat, 07 Oct 2023 16:08:10 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 442C
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 09:41:56 GMT
Server
UploadServer
ETag
"182a72be22ed58ff71d810d74dc7cb7a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Fri, 06 Oct 2023 16:23:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 442C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 442C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 442C
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 16:08:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUDowoA5C_IYindL0kPVOek_OQBDHGFJ6JJ-KmpwB4NVmKqa9Amb2d5F_P2ZxOJFxBKreRHypfOODBSXpaHZGEvxiEvZ0QI0-90jiC5ifHJRj_mes
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1240275866520706950&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A0ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1&C=1
43 B
778 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMPAk%2FECs%2FjQhIhcDWErLHy3cU3UhRpBN5WDOBe%2F%2F9wSgIUQU%2F6LI2c4PAtn%2B5E4egSaBPvH3ePyG80fAWcnzxjwtK3s4Pb7Dqp4d5W%2FkbEn%2FTLV4Y%2BFrIAftyBz73UA%2FhMWkIcyuZZeZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811f295d0d60b76d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl4awA0STtGws5C5LGFig6vcjIwhRPCmCItR%2FU74P%2BH3eX7kh%2Brn%2BeMFzpK6jhzYKojRHQqQAzWmMUH6YttgowRwF%2F2ZUaoMe3shyCfM9t1ntqzK9CIbhrG%2Fm%2Bw%2B0ocIiIyueLEohZgpKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1&C=1
cache-control
no-cache
cf-ray
811f295caff20a4b-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A0ED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAw6qpY3tdcFrOD8Cf2SwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1
43 B
739 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7%2FLW7EOCa4CpOuOrqEhsEzMLhULcw%2FR5Pe9WuqRlq9C1pAaXcSSWp%2FlLZNERjK6X4vrs678mFzl%2BO6qWIg1ot5%2BLnlbqvPrr8p3OXG5t18n6EeoZhXzW2AG%2B%2F00ZolYR6tT%2BgSsbIuBXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
811f295d5d92b76d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxeWy9rv-GDwShqxIL59X0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A0ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGWMAXAE2spvyQx70jTqPoM&google_cver=1
43 B
840 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGWMAXAE2spvyQx70jTqPoM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
an-x-request-uuid
3da4d0fe-5242-46f1-8e5c-92120195185e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.150.149; 31.204.150.149; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGWMAXAE2spvyQx70jTqPoM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0Mzc0NDkzMzMzMTY4NjEzMw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0Mzc0NDkzMzMzMTY4NjEzMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIbMZBDDy8cCGNL6zvABMAE&v=APEucNVNACWOTF-lqidQZFeOBN96k7Y9ESO2IXlhfU5u4OBsrvKr01QThbN5PGOS7RIfWUhsZAawY2MGB4AVgtyMwnEym-EuLZbTlLHjuiw-39dC6siZGGZQ4la0CmY4IfxtqmxuuBEupiWcj1bv7tMv3JC7okxzCUXtbzM_7rDWEv9Q_eogBLE
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
an-x-request-uuid
101de3c1-1800-4510-aff8-e8c29c7351af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0Mzc0NDkzMzMzMTY4NjEzMw%3D%3D
x-proxy-origin
31.204.150.149; 31.204.150.149; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=716702213251&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=716702213251&version=m202309260101&ct=76&x=1&cor=1240275866520707000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 442C
16 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AC_MQRaoUJLxB_T7rnZzaruUERxfu2KiMIMvsH9zR-22RWgWddw72hrl8SEQ4kzwwJIY2TnJB2Tdw8jemmuDFi28k7KVCCfAFTvZbGQFU-TwuaLT4kScWNHQfzI-qLkN17dhZRVCNFEo4nH3lFa9THvSIpr6-_Hn0-qBcNXPo3wZSk4gQ&cry=1&dbm_d=AKAmf-AZ-4H_VayBEYWWfX-ytiJ4muLq08CJDuxBAx0ZMbONDu9-cweTv4J4oJ5Qs6aK5abbQamXDm8ksN2NbUNfEt7nHFpTLkkvRfOWDDPgmM5eNZkim_tOhFNtNU1PEpVk-F3x_2Vnj_XC3z67QH4xkP5CciwgqsFs_t-pAHMg57rbMNZMTCYsTSvmHTfYEjpsdCvwCK4bVbp-4RdNtLiZvMdRj8R7twEqkrk_zs9zNvOBlhZtrRP8lN75nmV9P5VmdRdDvzPXmAbs_7WFjQ1Wsm4TG5eAskbottPRwQUAvfNFB5XBiWGVf_Sjxo2LUEPRld_DqewZ_SODDOJ_EbFeYQrD6YXt2OnuopuuQ41f8UaKDHIpumq1pWj2rz7P21eg4qkHZdKN4-eDYzeRMG-acs_A18QVtsRSVFtxoo2xJhqVZz8nrt9ZoU0Rr_tIiOGi6afX9WvzSuPoIQsX7f51ogWVNoc0Rd6N-nk3TEzFocEoXQGCNdRPsM5fgSN3Kd4NiO2F7nQlZ59nceuJRnqe42HkJ106wjVPsLBVOSkKk4OumI29HPltxuRhFbSOFvRr41AMJ0fNJIn-6QOey6hSXbrC1TT-m2dgMDIB7b2kq7YVun_LPNLdc7LGQDBMbHVfUQWwtAy5vNUtrsHiq3feybB9nvQgU3A6aEPj2N9LnBBttFYg1_XGR5HsYnuSxxNbSPVjDY5cbxlaZFLPDpB2aCOXoYD7Hd7UJsKG9WUYFS4iBvrZiIEQMxdejQaEGnYJDhIOpp6Xg9X4S0YXCe1imydaFgXgRm3kmfLct5lCk8pZLWniDdTR_v80sqbrEhrFFGoI7DCAOn_0dVlFSH3rsF46RCpnENKghEQVO1gpevafOy5STP6AS1Za8d8eJ7x3MaVGDoHGb-CZbydmpbIwmLCOUeN5E2vs4GtckUXvFYih8VDTFmc5qsUYF-x4awMt4-JoniqoGBw_zd28OSifWHVsWkZXB4l_vR5PpWuD4ozCQClXcAPJOrx9we_rumB58NytmcEbe3UEV5viD4YCh_H48--xQnw493x_Mf_btbOMzMp9dN962pbmIUHk0GMpUmrM0KuGqCaYsxmc6qj6W4FtJlsHXfpFGToceugyozc8V_QWJ7maQPiGmyoyZQoXSF4OtE00LY11wJOJK4ksu2f6qK-i_PYIXMmmYF4MvWK6xp-jhzlRqFEdjuCwABieM_jE2RgWtOk0aj_C2GLhC06tbHgRyJystDOCI4cVVm-cB5OD2l5nkJPwUjdm8ZQIMMIrKypUEawgLCYLr758Bd4fpab-LakQixs-OyAvUlZcZSLqArXDYsHthleibeIp8koedWujTionBcVoNSA9vSB62OFQernlgqsmddxV_y93JnRss9AcjVFvbt7BNUmaDaJMVOBUhhkYq_tOZvbCutXFP4wpOMewOuDzFd2jJ2vE0i3Eq3iKhdbd7WsFHOwrvvtrFvPOZbTOs_TTrexH4M0GULWo_qZNSfN0NL8Z89F73T0R8ytvJQGtA6k-oG9QN8z-jGCcHIFCWReyKAkWLlM8GvLj3bIr-LSkzyfhlcfeXZPpg4P7HhUzSb3daJDtBHlhbF7NbVj88ULBbY2pqY-XWtN8KUkCDsTrmuZrorJeMGTZpQG4oIE3mWtiGwuzQvHMUYD6lag1CUjNOEJTvweeBr4zYRoJs8JpOd-YHty8AZCQAvJ5lz-ef6zQNUEoBXHTHezmy0ZCGzEq7KPGjBRGx7HHOPC29Vs1VpogHmxXswd3oqFCrixYADkJDEjzkAAv2aw8pLdeosz_NUMYtaEY1y7XSRtdD9ZWGoclKmLb3woHG3ibeRPk5WmPbpj-L3GR4FOI54k4pWERg-HJ9J37R4tKpjWQsPPUc55cJFcggrmMjuRmn4O2Nbq0FcD0KPuigL6Gf3iEaSbIVRuPkTvlvQqx5C_NFd5FkU0FHunFuRukv7_ShPJCZ-Y_AghGWqbjkNAd-eorb4p2YGDvQ-mooprn-HnEomYK3ICveKRfbpx9dKkcPu0MumBp3DLEzQNOQ03xVrE5Iasq9q6ICKamIcs6Nq7q_QQsEbeGxMRUtCNXsJMPiZ0nAeHKKnebO2FqZHZIqDMhZXESCu0U6gLTDJ81ZUfgJq1LpVL-VQ4XCaOhkawGiyE450fnAlH9dMEMvbwDEDHTGTQDX9jjgpdUP16tS6_7-Jzc-MhkSd7bTMbFk015dRtbOol7pjWpCNBM3fFSaHmSzUP8IgQe1ycK2xB4su9F639ISeuuER7-LSLA8YkOkQX4Av5llFVPDnKvxeJ5jY595tBOxtaCHI9N-zEXjSQOJ61p34ZtPUidH1eJPvpFVrodikTisv2vfucchHYY4UzsCYB6MXwNzJ9ATuJTiNTkM2BLkTljmYfD3ih4QCuVeryR8NDynrYDH09AuPbWi4uxHHKq8GgXLLwHLiHHrkNMnk3bnNdmWOsVKhKCkGgZhcakDw4sup-UL8hZDuntxv5IpjqJIoX3D3Iq9p9zceVSiN6kz3TXGFLSbZpudG0daW5Z2-LjVW1JDxn4qrIPtXuuL1tF0hXndQqpDhXaG98r3jnI7qGbG5ptlBFjPW-ABgQAzDCPw1gf-cAUOGO7iHEmQqZSnSM6D5HWBNjsziRSQqEmM45-TJ6PDjJMc019jBS7atpCWXCcHbcLJ_KJ8Fzm9WZPVkKDUP9mX3NNU-qV1FPasA48Hmrg12RBd28wWPvdxu_fN4c8SGvEjfRRl586Zh4BqN6nISQvTGywn0-8qVHT7GvW-0sI1k9jaYO_kNEG3YE_G6Pmn4mk9rZnc83qZI9ap0xnL10jyXvu1HWj4w3ooQI85BLY50ocT8KJhxlXxab9IHmiFzip6YwyVk1jniM8UJwjy3WKP9Ur_gP8WXqJWM4Ev1Ro6tQT_LyMJlU1ZTOs_roahK789qjslncw9fiYEEjnq9mHbmT8Mw&cid=CAQSTADICaaNFFvLrrOnVzmzYUov8-SDM0h3t2LAAGEmSDu0eJIBQBEmVJkNWhP6qaPq8RFxuHW-8peh0EJAOS7Flbfk3AVDwOEHg8t0k6AYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsamfw.com%2F&ds=l&xdt=1&iif=1&cor=1240275866520707000&adk=2124396030&idt=183&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46de6295c8d581c270e6f8f9e4949cb155096698177e4b0b02da2b4f0f371b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12257
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 442C
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AC_MQRaoUJLxB_T7rnZzaruUERxfu2KiMIMvsH9zR-22RWgWddw72hrl8SEQ4kzwwJIY2TnJB2Tdw8jemmuDFi28k7KVCCfAFTvZbGQFU-TwuaLT4kScWNHQfzI-qLkN17dhZRVCNFEo4nH3lFa9THvSIpr6-_Hn0-qBcNXPo3wZSk4gQ&cry=1&dbm_d=AKAmf-AZ-4H_VayBEYWWfX-ytiJ4muLq08CJDuxBAx0ZMbONDu9-cweTv4J4oJ5Qs6aK5abbQamXDm8ksN2NbUNfEt7nHFpTLkkvRfOWDDPgmM5eNZkim_tOhFNtNU1PEpVk-F3x_2Vnj_XC3z67QH4xkP5CciwgqsFs_t-pAHMg57rbMNZMTCYsTSvmHTfYEjpsdCvwCK4bVbp-4RdNtLiZvMdRj8R7twEqkrk_zs9zNvOBlhZtrRP8lN75nmV9P5VmdRdDvzPXmAbs_7WFjQ1Wsm4TG5eAskbottPRwQUAvfNFB5XBiWGVf_Sjxo2LUEPRld_DqewZ_SODDOJ_EbFeYQrD6YXt2OnuopuuQ41f8UaKDHIpumq1pWj2rz7P21eg4qkHZdKN4-eDYzeRMG-acs_A18QVtsRSVFtxoo2xJhqVZz8nrt9ZoU0Rr_tIiOGi6afX9WvzSuPoIQsX7f51ogWVNoc0Rd6N-nk3TEzFocEoXQGCNdRPsM5fgSN3Kd4NiO2F7nQlZ59nceuJRnqe42HkJ106wjVPsLBVOSkKk4OumI29HPltxuRhFbSOFvRr41AMJ0fNJIn-6QOey6hSXbrC1TT-m2dgMDIB7b2kq7YVun_LPNLdc7LGQDBMbHVfUQWwtAy5vNUtrsHiq3feybB9nvQgU3A6aEPj2N9LnBBttFYg1_XGR5HsYnuSxxNbSPVjDY5cbxlaZFLPDpB2aCOXoYD7Hd7UJsKG9WUYFS4iBvrZiIEQMxdejQaEGnYJDhIOpp6Xg9X4S0YXCe1imydaFgXgRm3kmfLct5lCk8pZLWniDdTR_v80sqbrEhrFFGoI7DCAOn_0dVlFSH3rsF46RCpnENKghEQVO1gpevafOy5STP6AS1Za8d8eJ7x3MaVGDoHGb-CZbydmpbIwmLCOUeN5E2vs4GtckUXvFYih8VDTFmc5qsUYF-x4awMt4-JoniqoGBw_zd28OSifWHVsWkZXB4l_vR5PpWuD4ozCQClXcAPJOrx9we_rumB58NytmcEbe3UEV5viD4YCh_H48--xQnw493x_Mf_btbOMzMp9dN962pbmIUHk0GMpUmrM0KuGqCaYsxmc6qj6W4FtJlsHXfpFGToceugyozc8V_QWJ7maQPiGmyoyZQoXSF4OtE00LY11wJOJK4ksu2f6qK-i_PYIXMmmYF4MvWK6xp-jhzlRqFEdjuCwABieM_jE2RgWtOk0aj_C2GLhC06tbHgRyJystDOCI4cVVm-cB5OD2l5nkJPwUjdm8ZQIMMIrKypUEawgLCYLr758Bd4fpab-LakQixs-OyAvUlZcZSLqArXDYsHthleibeIp8koedWujTionBcVoNSA9vSB62OFQernlgqsmddxV_y93JnRss9AcjVFvbt7BNUmaDaJMVOBUhhkYq_tOZvbCutXFP4wpOMewOuDzFd2jJ2vE0i3Eq3iKhdbd7WsFHOwrvvtrFvPOZbTOs_TTrexH4M0GULWo_qZNSfN0NL8Z89F73T0R8ytvJQGtA6k-oG9QN8z-jGCcHIFCWReyKAkWLlM8GvLj3bIr-LSkzyfhlcfeXZPpg4P7HhUzSb3daJDtBHlhbF7NbVj88ULBbY2pqY-XWtN8KUkCDsTrmuZrorJeMGTZpQG4oIE3mWtiGwuzQvHMUYD6lag1CUjNOEJTvweeBr4zYRoJs8JpOd-YHty8AZCQAvJ5lz-ef6zQNUEoBXHTHezmy0ZCGzEq7KPGjBRGx7HHOPC29Vs1VpogHmxXswd3oqFCrixYADkJDEjzkAAv2aw8pLdeosz_NUMYtaEY1y7XSRtdD9ZWGoclKmLb3woHG3ibeRPk5WmPbpj-L3GR4FOI54k4pWERg-HJ9J37R4tKpjWQsPPUc55cJFcggrmMjuRmn4O2Nbq0FcD0KPuigL6Gf3iEaSbIVRuPkTvlvQqx5C_NFd5FkU0FHunFuRukv7_ShPJCZ-Y_AghGWqbjkNAd-eorb4p2YGDvQ-mooprn-HnEomYK3ICveKRfbpx9dKkcPu0MumBp3DLEzQNOQ03xVrE5Iasq9q6ICKamIcs6Nq7q_QQsEbeGxMRUtCNXsJMPiZ0nAeHKKnebO2FqZHZIqDMhZXESCu0U6gLTDJ81ZUfgJq1LpVL-VQ4XCaOhkawGiyE450fnAlH9dMEMvbwDEDHTGTQDX9jjgpdUP16tS6_7-Jzc-MhkSd7bTMbFk015dRtbOol7pjWpCNBM3fFSaHmSzUP8IgQe1ycK2xB4su9F639ISeuuER7-LSLA8YkOkQX4Av5llFVPDnKvxeJ5jY595tBOxtaCHI9N-zEXjSQOJ61p34ZtPUidH1eJPvpFVrodikTisv2vfucchHYY4UzsCYB6MXwNzJ9ATuJTiNTkM2BLkTljmYfD3ih4QCuVeryR8NDynrYDH09AuPbWi4uxHHKq8GgXLLwHLiHHrkNMnk3bnNdmWOsVKhKCkGgZhcakDw4sup-UL8hZDuntxv5IpjqJIoX3D3Iq9p9zceVSiN6kz3TXGFLSbZpudG0daW5Z2-LjVW1JDxn4qrIPtXuuL1tF0hXndQqpDhXaG98r3jnI7qGbG5ptlBFjPW-ABgQAzDCPw1gf-cAUOGO7iHEmQqZSnSM6D5HWBNjsziRSQqEmM45-TJ6PDjJMc019jBS7atpCWXCcHbcLJ_KJ8Fzm9WZPVkKDUP9mX3NNU-qV1FPasA48Hmrg12RBd28wWPvdxu_fN4c8SGvEjfRRl586Zh4BqN6nISQvTGywn0-8qVHT7GvW-0sI1k9jaYO_kNEG3YE_G6Pmn4mk9rZnc83qZI9ap0xnL10jyXvu1HWj4w3ooQI85BLY50ocT8KJhxlXxab9IHmiFzip6YwyVk1jniM8UJwjy3WKP9Ur_gP8WXqJWM4Ev1Ro6tQT_LyMJlU1ZTOs_roahK789qjslncw9fiYEEjnq9mHbmT8Mw&cid=CAQSTADICaaNFFvLrrOnVzmzYUov8-SDM0h3t2LAAGEmSDu0eJIBQBEmVJkNWhP6qaPq8RFxuHW-8peh0EJAOS7Flbfk3AVDwOEHg8t0k6AYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsamfw.com%2F&ds=l&xdt=1&iif=1&cor=1240275866520707000&adk=2124396030&idt=183&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
145739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Oct 2024 23:39:12 GMT
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame 442C
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=28319778&cmp=29231473&plc=371712462&sid=4005949&aufilter1=1648134&prr=1&ppid=103&autt=1&auevent=ABAjH0i2sQc9xsw-sJtum1QyAh-0&c1=1648134&auorder=1011093857&aucmp=19911384368&aucrtv=504610130&auxch=1&pltfrm=1&ausite=852928188913&turl=https://samfw.com/&aubndl=&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Sat, 05 Oct 2024 16:08:11 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BFE7
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
46872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 03:06:59 GMT
expires
Sat, 05 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame 442C
677 B
712 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_228538447471&jsTagObjCallback=__tagObject_callback_228538447471&num=6&ctx=28319778&cmp=29231473&plc=371712462&sid=4005949&advid=&adsrv=&unit=728x90&isdvvid=&uid=228538447471&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=117&bridua=3&dup=null&ppid=103&auevent=ABAjH0i2sQc9xsw-sJtum1QyAh-0&aucmp=19911384368&aucrtv=504610130&auorder=1011093857&ausite=852928188913&auxch=1&pltfrm=1&aufilter1=1648134&autt=1&c1=1648134&turl=https://samfw.com/&chro=1&hist=2&winh=90&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauD2%3E7H%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD2%3E7H%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=12.60&aubndl=&callbackName=__verify_callback_228538447471
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
50a8f5a17ca137208dbd5ed2fb1a4b6f3794056e3301c84afff5e3180dc60a49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 16:08:11 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/05/2023 16:08:11
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame BFE7
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
106497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
DV_GlobalPassback_Update_728x90.jpg
cdn.pathtosuccess.global/ Frame 442C
104 KB
104 KB
Image
General
Full URL
https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_728x90.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:f600:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af508645414a72d60c0221f01b376785d69cb7aab694cfe0a1f55877a11aea4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 05:08:18 GMT
via
1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
last-modified
Wed, 17 May 2023 17:51:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
39628
x-amz-server-side-encryption
AES256
etag
"502456f4087ff8bfd86fdda2ce32da93"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
106154
x-amz-cf-id
bMWx25mHN1TK3Y7kS4SaMcZ-aKDKzaMk8fPs1i_JklushucG7kj_2g==
dv-measurements4803.js
cdn.doubleverify.com/ Frame BF52
420 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements4803.js
Requested by
Host: samfw.com
URL: https://samfw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 16:08:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Oct 2023 08:04:58 GMT
Server
UploadServer
ETag
"6e216fbcbcd9255ae84b27ab277cefe7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101040
Expires
Sat, 05 Oct 2024 16:08:11 GMT
truncated
/ Frame 442C
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a2c60ed9990e85e8aabd1d18938d860521a7d73a5a344b01a84dac07b49cd5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFE7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByTqd6jAgZbTlN9mejuwPiaKnkAwAAAAAOAHgBAI&bg=!bm2lbSLNAAYMG8UMLBs7ADQBe5WfOL2ZrCBcf3JAzy62_QAr7_B6usQdHIwnUhL_E_IOrf8gJeVGwLjKojnycGj-myz4AgAAAEpSAAAACGgBB5kDCg0mvTzfLpteIcaaXyuijtq8j0kfe4xdpFnVTAz8tIzCyy6h7_FA1BiAx5FyIYa-GbeJ4x321ovU_zqEVmqRqB8V1Yxeo3LSWXtTBFZe5AtRtk66BQzy7cvdb1o9luiTy-SvJhkFXWG_7hw6jT23ieAHPa2KZNIQmJTU88Qto-aNvukDPjexupYAmXMVEwNmFrdFLSi391vr6Fv72Sbv5MDVc66NS1FH6p4hA6GC5yOUvE_0Ue0Cxd-py_MrnhoJlAUvugWWVheTGz5-N0M2p_oY1D9wq9C8lyfeIMqlsSAjcf52RbExanXkrvFZoAyPsy1yGHgvE7ThMpckbtrM2I3DGulmxCx7PJPNaE86Ji0iCYsZfRU_GKN04GgClA1RqBOo2nLpLD0o0XsLn4FypGOtDXVxXZ8yXyPKfY_lV2-mT8ZfbGCnJIRQsPLt4prn5t5NAaAKyJPQ8ir1oMYw2UriWEK4bxHz-D9BwdKDTccBI-AEdd5DvW1qxF9xmKxlDqrIKKGG4vhUm0aHvWQrgtVp81PCql0XLXglzDatwVphs9us2jUyRGcPJ_mpEws4Q6ifxEbSfcPUhsk9HpegoJOQN1L6wdwtyN9kW9NEpIbPK3vxCbD2XTrfutQ0KbB5QrqkPvJup3D-Xc5dQ25eBhWQ0CWt9ZFLEXVLI4yAjDy7YHbKmmvyKzmQGOozB6Z-4EFMhJenLtblpVJa-wZMFND34AprR-rqW_vhWOZ7TU0eBVU-TD6lXk9nDapVC0padcaCwFsCpdFVXYY1ZyvKItZD5MYR6YuZ8ZjqzQ5pS5XNYVqmOLRHtdei1dlQCqn5ZIf6aQ2Ilc5fUX0JYkBvcZldQRHjvTP02JUJ80DdfYJaNasbxEV9V9AvTtjCu8kb7oBqesbr1TEAj-hWlg5yKLNr2nSVhh5XcBZGrQckddFtbwrsmZXcLytuFO6ifPt530_AYq7-ufpEggIRlt7Z1goWtKmfq3ZjkRUz5ZI2-LPHmoB4TKCZOE69FxjhfZuJNIaT-bjSM57J6HE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=90&slotname=8063287263&adk=2260652161&adf=1436199206&pi=t.ma~as.8063287263&w=970&lmt=1696601289&rafmt=12&format=970x90&url=https%3A%2F%2Fsamfw.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696608489165&bpp=1&bdt=622&idt=248&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1697707701026&frm=20&pv=1&ga_vid=1446662622.1696608489&ga_sid=1696608489&ga_hid=1831616635&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=392&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31076838%2C31078481%2C44804782%2C31078488%2C31078601&oid=2&pvsid=698922347395843&tmod=693181346&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y55ghy3Tf5&p=https%3A//samfw.com&dtd=253
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame BF52
694 B
731 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=99&ttfrms=36&brid=3&brver=117.0.5938.149&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD2%3E7H%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD2%3E7H%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1696608491381658&jsCallback=dvCallback_1696608491381992&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.149%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1839315362497448%26output%3Dhtml%26h%3D90%26slotname%3D8063287263%26adk%3D2260652161%26adf%3D1436199206%26pi%3Dt.ma~as.8063287263%26w%3D970%26lmt%3D1696601289%26rafmt%3D12%26format%3D970x90%26url%3Dhttps%253A%252F%252Fsamfw.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696608489165%26bpp%3D1%26bdt%3D622%26idt%3D248%26shv%3Dr20231004%26mjsv%3Dm202310020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1697707701026%26frm%3D20%26pv%3D1%26ga_vid%3D1446662622.1696608489%26ga_sid%3D1696608489%26ga_hid%3D1831616635%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D392%26ady%3D294%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C31076838%252C31078481%252C44804782%252C31078488%252C31078601%26oid%3D2%26pvsid%3D698922347395843%26tmod%3D693181346%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DY55ghy3Tf5%26p%3Dhttps%253A%2F%2Fsamfw.com%26dtd%3D253&fcifrms=9&brh=2&dvp_epl=226&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://samfw.com/&c1=1648134&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0i2sQc9xsw-sJtum1QyAh-0&aucmp=19911384368&aucrtv=504610130&auorder=1011093857&ausite=852928188913&auxch=1&pltfrm=1&aufilter1=1648134&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=821932501.0739923&dvp_tukv=374718793.4801976&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1239048858477&jurtd=3064124275
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9067ce44c30e6633988f094075db1d535f6259ee7bad5c1f8ef834cdc263a688

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 16:08:11 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/05/2023 16:08:11
activeview
pagead2.googlesyndication.com/pcs/ Frame 7044
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIGsx8q55BmivrMMEQi5LjIa6Ll28i4jBnmteQaoHhchEx1Q8yHzFyXEo0wYuIVIPLhylVo0ZYRKSyBiw_FLOCwAnhPc8HvPPCxQj5chkQK_Fjsrf6sG3jXeTM9esBUqZdObYsQHF9H2Tseunj67dwQvCwBHGtxjw75LwiRDB2&sai=AMfl-YR6Eb2dGRdk9ioGnHNXVEM33312xr1J-UZF-Fsjsfev1Ftahw0yv38VnRz6JvuchUyjyPPjxabPiL9I-_9CKrhrIz0iYCTMU8-LqmYnU6xC2y8FOFv-fQM__GfT6DJwD4Ifr5gffLyzWou_Qg&sig=Cg0ArKJSzIfC_Gbactc0EAE&cid=CAQSTADICaaNwWKYXslf-qB04LKg32znLu5el4Dl_8Ll1cIxABOc97slSxCdSG9j-rcLQYvJSdvSA2T5TcX7aNMUSW4-RhYNfu7G4tyUZOoYAQ&id=lidar2&mcvt=1107&p=0,0,90,970&mtos=0,1107,1107,1107,1107&tos=0,1107,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=22&adk=2985700671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696608489426&rpt=951&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1839315362497448&plah=samfw.com&bust=31078488
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b32d1ac9565c039d82cac3133a6a1889ada978fcb542e174534c1295ec3cd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11999
x-xss-protection
0
rum
samfw.com/cdn-cgi/
0
137 B
XHR
General
Full URL
https://samfw.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Fri, 06 Oct 2023 16:08:11 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://samfw.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
811f29606f9ab92a-AMS
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 16:08:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B99
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
117066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 07:37:05 GMT
expires
Fri, 04 Oct 2024 07:37:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A16A
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cb63ec3d7ec12ea2979049117de3ec41d4291a03720c8bf6bc78d5cbe2fc526b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hh4oQef9TSZYjm2VIioBcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hh4oQef9TSZYjm2VIioBcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:08:11 GMT
expires
Fri, 06 Oct 2023 16:08:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 2B99
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:29:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
9496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 13:29:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A16A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=698922347395843&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 2B99
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Ocqs4w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 16:08:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=698922347395843&bg=!PD-lP3DNAAbjlzx0w5c7ADQBe5WfOAAjjmPAzw-Upe2SJsnrTmPRsI-rirHMhol5JOYQnzfTif8Pkc-VEG-fA8z7-zLZAgAAAFNSAAAACGgBBwoACVDI0JYL_BwT1JkCulKcmleLrFozcbVJsQNz6FCrWsExnTDPQYfRkoQ4D4gZPuj5dd_jQ0d_QgBWgEY38gT0bUSjup33MoRBqjkDcuraOr2e5OEL3T2nbpkvCg6xmPs570fqD00_ha_oIHhU-DnPot5gpQSkQwwV0tXjEKLsTT0IeNQrnzPrjKuoFnZXOnKKFC0db6EDEYIlgZiEQ0Wog9ic5hBqX2FC40nd152yDgLG8JS0bO7bfe954-NTe4csczo0FpSD1JXok-2W8BRLKzgtYDEfaglQEObvksnXrTTnox_PmpOWyWdlDqWJVmgFKFwCh8UHy2Sk3QTbmVfYSCy_d-9F-3Vg7T9IXYEnURm-g8lbp19Qz_Dr1-MlHXYQA_SwK2ZUxduOb2k8f7M_fnq42QL11uODUDXkpHZUbe8TYFVqe8N8mJ2o2cLV88i0-uutOrp0XBbLGfU6jkdtqJp7c7M6cG5yPKrjZl8bQH2r8g-PnXTXVA5Bnpv6zETXrqJ7_pSD0LRYhm_6mOtgcDZgcbLY-fpH24IcFZCP3h7gowQKwOFcjevpKzqmCB4TVv-QQ1-5n63R8S80xwoHo2p8k0ZkZV3knvZPde6T427tejYVBPOd285KM94UeEQDoDf70Nvdr9iZNmFMojltcQpdnpaMz1FFB1N3FfyIqUHMyHkWLDk_XWKMmJqCoddSXQjWsNrGu9Ml56FdDdK1jip9uHIBvW0oUX60bTqiDbl5G8w_AnYbJkbZU-p-36wwJka_6gR9AV7iKhQOKyP5fklyoslAEFa1MSUt-0D-AnkZ3FtSdh8UrQfkfGenpLUgrL61bHkuRJK4jtRlWHl-ToDjog1IoBVkBzahpsgLSD7ftaYmw7rp1vXwWVdp_Ah5P5vskeuDxwu1ozd59c_5k0oZYg3_HZA3jlNOO23SVSgFEfM97FvP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://samfw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 442C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutolugilAKxDSLlFnGxKxaYwNsgEWZM414E1mqWIlTDCgRveaBupnFTBAdzBez1KI-E6QVKcE-V6qUXwUniLEDH6OZTDSFWHpgisURCX2manAY43nWS12jDQdu184nWYU&sai=AMfl-YS7q2rbTSS1TgReqoMTYU6kH0jnwxAEsVdM_4TzJdvMuBd9n1gSh08HrO_Dy6JFjrxDUjtvUZ1wPGaEn9L5gcnNxMDAxZQSHf6ND_Epv4be2o1aQYB1KQGH8zZ2kUb_53tsn2YhluItHOCxrQ&sig=Cg0ArKJSzLadcY9njFDgEAE&cid=CAQSTADICaaNFFvLrrOnVzmzYUov8-SDM0h3t2LAAGEmSDu0eJIBQBEmVJkNWhP6qaPq8RFxuHW-8peh0EJAOS7Flbfk3AVDwOEHg8t0k6AYAQ&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2260652161&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696608490669&rpt=850&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=716702213251&version=m202309260101&ct=76&x=1&cor=1240275866520707000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d
ic.tynt.com/r/ Frame 3243
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 06 Oct 2023 16:08:13 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame C723
74 B
346 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=748067
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.26 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d366284e51f60d64ace77e09c9ed8850d502fad18de3943638dfb64f06fe1f56

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://samfw.com
Connection
Keep-Alive
Content-Length
74
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 16:08:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
eb2.3lift.com/ Frame BD03
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 06 Oct 2023 16:08:13 GMT
pd
u.openx.net/w/1.0/ Frame C2E1
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 06 Oct 2023 16:08:13 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ads.us.e-planning.net/uspd/1/ Frame 2D5E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
13 B
91 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer
https://samfw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
13
content-type
text/html
date
Fri, 06 Oct 2023 16:08:13 GMT
server
openresty
x-sid
AMS-919

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 06 Oct 2023 16:08:13 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
event.png
tpsc-ew1.doubleverify.com/ Frame BF52
0
308 B
Ping
General
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=d57ce40b7a45438e9257417c68f95670&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=156&eoid=16&te_exec=0&msrjs=4803&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=80&vltms=156&sei=289&vetms=4&tuviims=135&tuviems=295&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2297&ismms=56&isumms=55&nvr=6&isgmmims=56&isgmv4mims=56&elmtp=6&isbxdms=2256&b0=100&b11=2208&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2308&sftb=2308&msrdp=1&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1056&isuiabvms=1056&isgmpims=162&isgmv4dpims=1056&ispmxpms=1056&engalms=54&engscrlms=162&dvp_pageEng=true&dvp_dpr=1&vstsz=737&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3195&cbust=1696608494551353
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Pragma
no-cache
Date
Fri, 06 Oct 2023 16:08:14 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-05T16:08:14
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JF7Y9R03YP&gtm=45je3a40&_p=1831616635&cid=1446662622.1696608489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1696608489&sct=1&seg=0&dl=https%3A%2F%2Fsamfw.com%2F&dt=Samsung%20Firmware%20Download%20-%20Lastest%20official%20firmware%20update&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF7Y9R03YP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://samfw.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 16:08:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://samfw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| gtag object| dataLayer object| adsbygoogle function| inView object| googletag function| check_and_replace_adsense function| aside_size function| aside_scroll function| $ function| jQuery function| Popper object| bootstrap object| toastr string| baseurl function| setCookie function| getCookie object| ssid undefined| responseCOM undefined| port object| connect1 object| connect2 function| connectSerial function| listenToPort function| getBw function| dismissAlert function| recheckAdblock function| hideHowTo function| showHowTo object| FB function| findCMP function| _defineProperty object| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| stpdSource object| ADAGIO string| clientContinent object| __stpdTags object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __cfBeacon object| __buffer object| heatmap object| $btnShare function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| apstag object| aax function| stpdLog object| Criteo object| UWZnVo function| UWZnVy object| xop object| 17fp748nk5xc object| 16mdh4cax34 object| _aps boolean| apstagLOADED object| apscustom object| sas object| apntag object| _ADAGIO object| wiZUkt2 function| wiZUkt3 function| xblocker boolean| creativeVendorLibraryLoaded object| cnvr_launcher_options object| lotame_sync_16576 function| ha object| NCb0iv function| NCb0iM object| xblacklist object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjI2NDBiODg1M2U2NDhmOGxvYWRlcl9qcw== string| MjI2NDBiODg1M2U2NDhmOGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| conversant function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId object| publink_options object| au object| coreid object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| GoogleGcLKhOms

22 Cookies

Domain/Path Name / Value
samfw.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InpQd1ljMmo1dEpUbnpoeHMycFN1TUE9PSIsInZhbHVlIjoiZHNhS2NKellBZ1U5cjhhc2dDL1ZLVE5TRXlqVjdQckxiQ05sb2EwT1F2OHNPWVhING11MURHZU94M1pFSXl2cExaVTRPK2FSTVpqS3l2Yy9GTlhPckthekFMSW91MzBSOU1takxaRUEvVGo3YXFucFh1L0RGRk84Z2pFRlpIU3AiLCJtYWMiOiIyNDY2NmU4ZGI4OGJiOTYwNWQzNTQzZWZlZWExNWRlMWYwYzlmYTk1NThmYjYxYWM5OGZlMjFmZDU4NGQxMjEwIn0%3D
samfw.com/ Name: samfw_session
Value: eyJpdiI6Imt2QW9TR3pqZEVPMmZZMDd1RHROcUE9PSIsInZhbHVlIjoiLzZlZVFEZElBZExDdnVEY1Bob3VNQzBqSVBhb3g5QkpNbHdjc0o2YlBVYld3eDkyN3F3TVpNb3dFNHYwQ1RkU0Faa0RNY0luU3oxclZEYU5KejNXalRhMlJDdGFCN3lMMjd1enc3VmZ5R2VJVk4vVzY4dnRXSDRTVDZ5ZnAvUjMiLCJtYWMiOiJlZDdkMjFhODBkNzU5NWJjZTE3YzJmMzZjNTI2NGZhYmNkNmQ5NGNjZTVmZjRkZmVmNDkzY2ZkMDUzOTFmMjRmIn0%3D
samfw.com/ Name: _ssid
Value: 1696608489026i2qgbc
samfw.com/ Name: stpdOrigin
Value: {"origin":"direct"}
.samfw.com/ Name: _ga
Value: GA1.2.1446662622.1696608489
.samfw.com/ Name: _gid
Value: GA1.2.1406037787.1696608489
.samfw.com/ Name: _gat_gtag_UA_163898725_1
Value: 1
samfw.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.script.ac/ Name: __cf_bm
Value: l2XUHSHlRTRIYiECz2NDyiY1qep.vgfSpewB1ltOKfQ-1696608489-0-AZyT2q3MBVh90hGn2Zo6a2Jz9iRs6yyYeridwZUh8w08updbu21uEuYw/dOQEG3IiZN5pnjzoTU6vo9WsO6Q84U=
.adnxs.com/ Name: icu
Value: ChgIuJJ8EAoYASABKAEw6eGAqQY4AUABSAEQ6eGAqQYYAA..
.adnxs.com/ Name: uuid2
Value: 7143744933331686133
.samfw.com/ Name: __gads
Value: ID=e5df7168ff18af93:T=1696608489:RT=1696608489:S=ALNI_MY3bAVpRwCYEgCdagBEs1RbLkK_Wg
.samfw.com/ Name: __gpi
Value: UID=00000c8fa67a0ffb:T=1696608489:RT=1696608489:S=ALNI_MZP8mIJpvEkzqFrOkAfeytGZ4ELTQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnJgkp8CktVOMSYfZqJizjusgl44hf0pBnM3_lxRAelE1mRuiUC3CO7EiZn2nk
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi4Gs2gCmy6EMIBn2OzIrE-MHccBJm-5VfULfYhAdWuQMb8JdQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?bI<w8h!@wnfH8K6pQK`!5=E<*L5?%KFly.=yiJK5-X[FtUdZC:fYgIvOA8d[LP9_Uk%nugO%v4VB%nnLW*41'E
.casalemedia.com/ Name: CMPS
Value: 2214
.casalemedia.com/ Name: CMID
Value: ZSAw6qpY3tdcFrOD8Cf2SwAA
.casalemedia.com/ Name: CMPRO
Value: 1173
.samfw.com/ Name: _ga_JF7Y9R03YP
Value: GS1.1.1696608489.1.0.1696608491.0.0.0
ads.us.e-planning.net/ Name: CT
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ads.us.e-planning.net
adx.adform.net
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pathtosuccess.global
cdnjs.cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu8.heatmap.it
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
ib.adnxs.com
ic.tynt.com
iccid.info
id.hadron.ad.gt
id5-sync.com
images.dmca.com
ipsw.pro
lb.eu-1-id5-sync.com
lgrom.com
lh3.googleusercontent.com
mifirm.net
mp.4dex.io
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
proc.ad.cpe.dotomi.com
region1.google-analytics.com
rtb0.doubleverify.com
s.console.adtarget.com.tr
samfw.com
script.4dex.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
static.cloudflareinsights.com
static.criteo.net
stpd.cloud
tagan.adlightning.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
u.heatmap.it
u.openx.net
vanced.me
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.27.193
104.26.9.178
108.138.36.122
108.138.36.27
13.32.119.77
130.211.44.5
141.95.98.64
142.250.186.130
146.75.116.193
147.75.84.158
149.202.77.192
162.19.138.82
172.217.16.130
18.195.173.93
18.66.147.119
185.184.8.90
185.83.69.26
193.3.178.3
2001:4860:4802:34::36
23.215.22.18
2400:52e0:1e00::1082:1
2600:9000:26db:f600:19:8ca6:3640:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:20::681a:9a9
2606:4700:3030::6815:1746
2606:4700:3032::6815:4f6e
2606:4700::6810:3965
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:1791
2606:4700::6812:1e31
2606:4700::6812:372
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:3500:d::1732:83c8
2a02:fa8:8806:13::1460
2a03:2880:f084:d:face:b00c:0:3
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3121::9
2a0c:5c87:5241::2
35.244.159.8
37.157.4.29
37.252.171.53
46.105.202.39
54.217.80.122
67.202.105.34
76.223.111.18
99.84.87.107
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
15956e953fd36bd7f4d2f1f77dfad5a3741db9e52b094f80c6cef4f78eb6a779
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25304f55e96bc18514a5a0de5068ff792983017e85e2ce5ca7052bef0bcf166b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
267c52339b51b10f1694420961e8d3d1bd17f75dd055add53629c26f28e1393d
27fe14c1052c779159f67004401580b64274333cfcac43fd426e9049f291eb90
2a2c60ed9990e85e8aabd1d18938d860521a7d73a5a344b01a84dac07b49cd5b
2b1bc3fe012482d0a0f64729439fb31513ffaf475b1b23e7b21367ec606ab975
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
30aaa456d901fb23b747950622c7515c11dbc25e367fac0e22e499a1ddc082f6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a4b03a6c128b46647ca81421d1b1db2577751a66b09c13677c8d753cac18c7a
3b6a0bc64b57795c068b088a566c677bf0b51effbcfb2ff6746ce3068962c384
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46de6295c8d581c270e6f8f9e4949cb155096698177e4b0b02da2b4f0f371b3b
4a66b4ae9ce616cf8a5742535c7b3cdc8ca82635698c84e87b5914683c5f039d
4ae648a6d90f5eb8cc1e20fd05fb05567349ef4669264d09c46b8c2a09c10def
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f464536ca13da5d6281826053e32d33ea678265aea5218bdb213e53772434ee
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
50a8f5a17ca137208dbd5ed2fb1a4b6f3794056e3301c84afff5e3180dc60a49
5379e3d4fc3e0416a9b1253dd32124d108ff548e3674f290bf7777934288726e
54d9c8b49b40cb101d82169ab8b44d44005283a51983abeb268ec2ba389db52f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560dfcac42ead6985d2e72778b5d4f548427fcf1e5aa439b8c4edda4ca09c5d9
5754f46c431343dc71aa2438bffdda84dcf16d405014aa0a55c9babdf61f3f4c
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
59a7e778c0abafb60331cfb8234139db1efa4b9412267f4f8978e3b1fb02eb7e
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5d366242d2716fb96f2159ca39d231f79c980cac7fb1becdca708946f156e977
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
64c95d7e92b530e007d8543ea8000465ac858cbaea7c802c14758097629cbab6
662f711374c816d7f44d93cecc0fd557871ab1363a446c07e59701f9dde9fe0a
6959b28c73758076e9854d8f17c43f8f06365fdbb8a699bdb2cd49e3094034f2
698bbc8e78a9779802bf27a1b15e980cdf98ddc765366da65f97e3b7e29340a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f7397958344e6d070fd1cad99333a207905ca6096a646edc285d57de52d2f79
70e7118ff194e44f4c49e90499926e3b05d2a0c16bd113bf5741090f6608b8a2
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
726868fb1e3a84e3fcdfa52630aa9e70f6328750b335438a96fad8c5738b104d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7a931199a7636f282b78d5e1f32c849405a8223edf81542df7fa3852c545b49b
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
812fb3f4aa4310e286b7c80472cb5d53abedf3e22db53a76b99522f7bf372b72
814a5119c16b021a23e43ebd29173ac8564cbac368a4755090fa0642b51fdaa4
822e92296b8a874756bbf9de9dee0c5bb11978797cb862158e30f63f0b7db0ec
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8836a1925c6a72b1235c90baec2a02cee738e8d7f3858c58c9a88beb6892b4fe
89326fd9977c508a288273744eda8382a94861fd0acb9121e1369786ebb1a523
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
896325b4409fdcedf88b523eaa4dd3b3bcb3c1e3e9814cecd647053b376fa6fa
8b32d1ac9565c039d82cac3133a6a1889ada978fcb542e174534c1295ec3cd79
8b55fb4a75d471d1914c00f5c4cf157d3671edf76592e80883966507cf041b41
8fc88908ef80131a8d940089b1939c03687cc9df761156783f401693e04659ed
9067ce44c30e6633988f094075db1d535f6259ee7bad5c1f8ef834cdc263a688
91bb0dbfeabaada68e709bced9418d0d8cd4f40cbaa27f3ffbce0c39d7426d77
91f8efbff28fc7fe1d2a758f76bb70b74107adb25f3aa88c4ba6c01de4b71f60
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9963f5b0e2cf0df9868755d53be44f5a1b39e88bd59ced041131ae48a8e0ed6b
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9b721fd8bd518c20e3afd2833790fa0d1a1990477b5e97ddfb5f2aa47e164d49
9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a53e8ed68b305a1407569e8bb5257f0c9bce42b5e854254c0c9d915964d91c5e
a5428c0b296c5ffb079f351a54b2c997064051bdb312a9602d562d9bc9a8a086
a826c6a6145d1641ade94ac82651ed653d2ad694a9859aefb9d6117492a3b58f
aa4de699aa84e26aaa2cdee7b7a9979dfc2158b17393b0d875f97670b447b11c
abc50021338ab4551b32de53540e77bf1f970e00d8d8c569780adacbf46a18a6
ac90a3bda0678fcf9206f9649a5272e6d8b97ad558a13c748c191663209bc34d
af508645414a72d60c0221f01b376785d69cb7aab694cfe0a1f55877a11aea4a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20397ea7160ee66e9a6723fd50926d2f729a351f2cb06434667767ce98b874a
b27a73fe72c5c4ba18484e7717a330ca08b5bf1e126a51570b066b3de727b9ba
b2f0bb5eaf3291039f5d4e6b22b6baf0600e71a4c51aa15425d0e200d8ed18db
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc
b619465b5025bfa8bfcdbf09a1a9eafbb31c630a45bc7c2d6a052f7febc70e5b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbed8abf9faeb3ec7ddab4e5c02e0633eb56b96cfbfc83ed93d8d5e7eab5bfab
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c601c5cd461b4bfe66c31b39c6dfc040f4da907c942230c2d4bf09d86604e939
c818427359affcab39802bda46d7aa2592b49207b2ec4b2bdfe36c954ffabf7b
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cb63ec3d7ec12ea2979049117de3ec41d4291a03720c8bf6bc78d5cbe2fc526b
ce784660775c196b3eaae5369bab374896a97a682531863832d64b8249d9ac14
d2e32a2f0e2ef0d4105ee9762f91294140bebf5d74b2af1412906f475aaad270
d3364ce0001f3007b23d00ef06369c70472a74d6d949f0a79af5bd838f508407
d366284e51f60d64ace77e09c9ed8850d502fad18de3943638dfb64f06fe1f56
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d974b22922581a46bfead32ea7959ceb98b01586393417b62bcf3419b81df4c7
da661a32c1ad27e80e128590b4b2a013d1b010171a0556e983d9ef4eef2fc378
dad72ba1ea49fc0e2b309554b5212343e2f691ed8eb2b32df21d11a6d36356d8
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0023a4d99a8085630d1430b58a1fd920d4411830aff093c59abba26aec04ef3
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e89f8d549c30fe30e46f5ae89cabe2e1ee0e7163f7684beaab90846997fa0c76
e98570c5f30e35bd02e653dfedf00fe5fdf4678859ac59112620ce2cbd62ba30
eaf77a2af5543ace4f32c5f5eb1ef39b87486ed717d3e44ac4acc245a2d7b8a9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee0c40b1ef8c07782ff317e6e1bcc310954bb4a7a117e3f04b36f8db6e7cfa30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35b3d521d98fb8e2ee632e7b6a6893bab0eb99cf4173d463b8c9e8f5bf857b2
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f659e022190fefa86da1770ffc78a43b3bdcdda37dcb1757c300dca2224e200c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bc7c9009a7c835800ccb44258f197a071804b177f7ccf506c5be4e586a451d
f821113c24955a956a7d286d0e753bf11e1c00db8a2c7281c043777d8a88489a
fc6fb52e9e93dce55fae9ed4a5eeeb5cda0a2ddd01aa6f50e524b7fc0123c0de
fd30addf0535602cee81c55f1b90501327817c441518ec660cbd6cbf88254d19
ff9eb26aa931f54f9b055269ce3cf07e2966f98195a760448129c7e9581fb81d