www.dedeoyun.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dedeoyun.com/
Effective URL:
https://www.dedeoyun.com/
Submission: On October 29 via api (October 29th 2023, 2:31:39 pm UTC) from US — Scanned from NL

Summary HTTP 170 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 21 domains to perform 170 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dedeoyun.com.
TLS certificate: Issued by E1 on September 1st 2023. Valid for: 3 months.

This is the only time www.dedeoyun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20a0:ea00:c:d51b:4400:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	54.197.98.98 54.197.98.98	14618 (AMAZON-AES) (AMAZON-AES)
1	52.20.250.67 52.20.250.67	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3 18	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 43	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6 9	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.66.147.91 18.66.147.91	16509 (AMAZON-02) (AMAZON-02)
1	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
1 5	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
170	33

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.dedeoyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dedeoyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20a0:ea00:c:d51b:4400:21 (United States)

ASN16509 (AMAZON-02, US)

dsms0mj1bbhn4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.98.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.250.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-250-67.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-91.fra60.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.9.26.250 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	889 KB
28	dedeoyun.com 1 redirects www.dedeoyun.com	206 KB
27	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	275 KB
9	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	189 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	605 B
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900014.redintelligence.net — Cisco Umbrella Rank: 286354	11 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	354 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	34 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	116 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 23934 partner.shareaholic.com — Cisco Umbrella Rank: 30621	646 B
2	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 24392	79 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	145 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 88526	34 KB
1	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 2316	444 B
1	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 3132	323 B
1	shareaholic.net www.shareaholic.net — Cisco Umbrella Rank: 23313	2 KB
1	cloudfront.net dsms0mj1bbhn4.cloudfront.net	5 KB
170	21

	Domain	Requested by
43	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.dedeoyun.com
29	pagead2.googlesyndication.com	www.dedeoyun.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
28	www.dedeoyun.com	1 redirects www.dedeoyun.com
18	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.dedeoyun.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googleadservices.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net www.dedeoyun.com
5	hal900014.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900014.redintelligence.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	s0.2mdn.net	tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	m9m6e2w5.stackpathcdn.com	dsms0mj1bbhn4.cloudfront.net
2	www.googletagmanager.com	www.dedeoyun.com www.googletagmanager.com
1	cdn.contentspread.net	hal900014.redintelligence.net
1	ajax.googleapis.com	hal900014.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	tag.researchnow.com
1	googleads4.g.doubleclick.net	www.dedeoyun.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.pinterest.com	m9m6e2w5.stackpathcdn.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	www.shareaholic.net	dsms0mj1bbhn4.cloudfront.net
1	dsms0mj1bbhn4.cloudfront.net	www.dedeoyun.com
170	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
dedeoyun.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-04` - `2024-05-30`	a year	crt.sh
*.shareaholic.net R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
shareaholic.com Amazon RSA 2048 M02	`2023-05-16` - `2024-06-12`	a year	crt.sh
*.shareaholic.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
contentspread.net R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.dedeoyun.com/
Frame ID: 722D81731D2FD3AE68EBF650DC95DFD3
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 0009F5F1036C8125B4D26260F77C7230
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=90&slotname=2067384745&adk=2444206786&adf=1477197835&pi=t.ma~as.2067384745&w=728&lmt=1698586293&format=728x90&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892884&bpp=3&bdt=333&idt=356&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=821585725316&frm=20&pv=2&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h8Vb78GNeM&p=https%3A//www.dedeoyun.com&dtd=381
Frame ID: D256121F48E340C55C374B0496B659A3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=600&slotname=8872643852&adk=3699011343&adf=3132389021&pi=t.ma~as.8872643852&w=160&lmt=1698586293&format=160x600&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892887&bpp=2&bdt=336&idt=388&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lzOXTn3YLA&p=https%3A//www.dedeoyun.com&dtd=393
Frame ID: 295EE33E8891B72C57EE825295FE5EE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&adk=1812271804&adf=3025194257&lmt=1698586293&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.dedeoyun.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892904&bpp=2&bdt=352&idt=390&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=456
Frame ID: AC4F939CDEE8E82ABA0DFF506C861712
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC0C1636EE06F344AFEDEEF7D4EB741C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84DB6F1214B8669957A93348BB3D09A6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html
Frame ID: F170FE1F85AE3C6F9FF693F8BA5A8C38
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3CA40B5E4253085E6D091E46567FA825
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html
Frame ID: 7CF017705EAF252645F36E2F159170A0
Requests: 9 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227974467552468851732%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229834943299572143425%22}&andc=true
Frame ID: 695F8B41F6BD3A67E91F6AB77549014E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8F40CC4B0F1029AA62DF76150096291C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6DABAA0462768A6D8657C26B3C6F4962
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: B74592A522C62B647B998686103F0C4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 88D32E2F2CEA28D41574F26CB7E25AD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 20CFE525C1841D716E2E828A52113A60
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGKb0s-cBMAE&v=APEucNVSoezVe3TJ-oCiITpwnvQksP3jUMVEixC3GTxLTeKK2yzrOvbrcADkYWAwpA3XPw168Jxxdk7zW1pAKyanZuBhSF6qfClEt84dnUhCcJdqByD7pscAhA-MSDfKhvXqdOf2-kydFoMTLF-XzZ2v9S3SrktoyTdissoPLnzbkJ1-QpmGtDQ
Frame ID: 3EF5721028878562EE41D51FF7A0D9AD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js
Frame ID: 35A081515D3256AA75E67619D88A44B6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjtyrvGATAB&v=APEucNWUW4R9od_N3_mKNJZ_OOiXm31mMDzyqIpu1aFX9WiZ1vdfcmcU_lyf8MGChPQsW-TfnRXgq69GPjUdFn4kkYrjmpl7hfE3S3BzFjgEqnyGFYngQdh8Wm_AdghkEub-fxxXNI-5G1fhlFWTX54RTJ4-xO9ky-Au3apsH1dayhHyCz3npXQ
Frame ID: 68004903F4821001FEB3AE547554C246
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F7CB43CAC070F0FF3D05FC02D09907FC
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D3070C3673FE299479F12AA92A5A95B5
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 100B1B69E6611D2ACAA5E1C8657A50E1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
Frame ID: BA4AC97BF0095042011F1B43534A9603
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
Frame ID: 3F1EDF82C4057ACF16DB03026895D1E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 95FC9757DF3D4157BE68ABE35F7712F9
Requests: 3 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
Frame ID: 34BEC8D0508D1EAE8B7ADAA323ADD7BE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dede Oyun - En Yeni Oyunlar

Page URL History Show full URLs

http://www.dedeoyun.com/ HTTP 301
https://www.dedeoyun.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

92 %
HTTPS

61 %
IPv6

21
Domains

33
Subdomains

33
IPs

2
Countries

2361 kB
Transfer

5851 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dedeoyunlar/
Title: Facebook Sayfamız

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dedeoyun.com/ HTTP 301
https://www.dedeoyun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://googleads.g.doubleclick.net/pagead/adview?ai=CBqZQxWw-ZfvOF4in_tMP0ZW54A6u27qqZ7HlvtqiCez1u87KDRABIIu-ygZgkQSgAYLGi9kDyAEJqQK00IIZf7mxPqgDAcgDSKoE0gFP0Nyj2Hy5FhVsU9U8ZgSu4SScksAtLrEREBZ4GE_T6YFNuMSf7ha5ikRyHdLlvNlteW8paGeJhY4jiUDIKZwGSR_RoxxAMtY-VRULnK6b2CBIDbTiPfxs7cvnpgkKliBvvYC_AynYAuyDZsIi3z8CM0_Sgk3NfLWjpATm4y8JeIeHSE3er0GJ1poyg14HRHAz6d8jE-ZUfG8Z8IRwhtiM53R-g-65IFC7YXZ-kZUJJeyDF3e3rKmchcEMNBE9S86AnAB6KTXLGAYQPWKcshixkDDABO3Ol664AYgFzvXrgQSgBi6AB-a59CaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQkN4D0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGmh0dHBzOi8vd3d3LnNsZWlkZXJpbmsubmwvgAoByAsBogwMKgoKCOS0sQLutbEC2BMD0BUBgBcBshccChoIABIUcHViLTEwMTYzODMzMzI0ODkzNzUYAA&sigh=6nkep30W_PA&uach_m=[UACH]&ase=2&cid=CAQSSwDICaaNcxXMX3LoBk4ukgwOTzW-LyKrqntGN1Q4Nt8KJhe4GBhOYxvqkMJ7y4ApZQ1ZN2H9caK1OhPuYa3RhkHN9mXbw1xQtNqnLRgB&template_id=531&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227974467552468851732%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229834943299572143425%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CpF25xWw-ZYSdF4LUiQPTkJ3wDq7buqpnme2-2qIJ7PW7zsoNEAEgi77KBmCRBKABgsaL2QPIAQmpArTQghl_ubE-qAMByANIqgTPAU_Qz-cD9rh2QN1cbMiF-s36sM_TtbgoS-hjPnTRTcftEeZUFbXlVTaxQ6mADsLGdXtUSci_RohM_NeKVOqhm2OoGC59Xd1P1Oxnkcwh_tKOL3vRMEATRrzqUDFLd5KCHprcbJVSn9QwAkGnFAXNYmYrr34lFb-o16WYHCnCczKX1B1TPhXe61vnOoiZilgbj5osQUbHEfs4WHEyofgVwFTgSGkYnlWXT9T2kDgo5_8gMxfR0zzKpYw9Y99UlfOfh7j1MYSIVxjQZviQdCmnQMAE7c6XrrgBiAXO9euBBKAGLoAH5rn0JqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC4nAXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkaaHR0cHM6Ly93d3cuc2xlaWRlcmluay5ubC-ACgHICwGiDAwqCgoI5LSxAu61sQLYEwPQFQGAFwGyFxwKGggAEhRwdWItMTAxNjM4MzMzMjQ4OTM3NRgA&sigh=UZIKPTKtO-4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNfVMqAlQD611_I6eF713sjSwa0--xB8yKPYXrG9N2rv50qvoPZkDlzjn7AMf6qH1lZJ9ZnB1hzx2dJDTwVN8Cd0F17EovWecYAQ&template_id=531&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225846069992653576847%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226563886470145846289%22}&andc=true

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://googleads.g.doubleclick.net/pagead/adview?ai=CIlhRxWw-ZenkHOCf18cP7921sA-u27qqZ-q_2J7GCez1u87KDRABIIu-ygZgkQSgAYLGi9kDyAEJqQK00IIZf7mxPqgDAcgDywSqBNEBT9D9aF2oi93Q1tJF1dNrufRhBc7s-emah48tnIA2o4W2gqbmLsNEga9YViCwko9OHwGjkIAC_X_22Te9sYKBqEl1KdhVEn9f8CBsnX8B8tCFVQtKnPf9PiNnrqyZBe8GAaOEH2qRw7zbv09kP37uQ9lm_e2IHz1FCh49V1A6e7ZA_B1Qw15DDndsHi-nC55wKduYHQDjWIsh0LkpMv_8C1p96rbmE7YppqINkAZDHlImWYTyUBU7DBnW-xn-4Nvu8krteSfvYRgPFWMBFe8hkkbABO3Ol664AYgFzvXrgQSgBi6AB-a59CaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQi6kF0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGWh0dHBzOi8vd3d3LnNsZWlkZXJpbmsubmyACgHICwHYEwOIFAPQFQGAFwGyFxwKGggAEhRwdWItMTAxNjM4MzMzMjQ4OTM3NRgA&sigh=wEx5tRmwPks&uach_m=[UACH]&ase=2&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&template_id=494&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213806077711748844565%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221013200830421435377%22}&andc=true

Request Chain 128

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCHkIqG2wEQ8QQY8AQyCHCXNwXCmSGr HTTP 301
https://tpc.googlesyndication.com/simgad/11039925474816115258

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZT5sxi-UDj2LoOP34ZcoVwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMwMjE5ODI3OTAzMDQ0NDkyNA%3D%3D

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZT5sxnUFnAaPLfM.BLAVjQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1&google_hm=2

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MDkxNTg1NDE0NjQ1OTgxOA%3D%3D

Request Chain 161

https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231025%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1016383332489375%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DQJaXWtTklP%26p%3Dhttps%253A%2F%2Fwww.dedeoyun.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.dedeoyun.com&random=2152963442558&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231025%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1016383332489375%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DQJaXWtTklP%26p%3Dhttps%253A%2F%2Fwww.dedeoyun.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.dedeoyun.com&random=2152963442558&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

170 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dedeoyun.com/
Redirect Chain

http://www.dedeoyun.com/
https://www.dedeoyun.com/

14 KB
3 KB

525ms
145ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 15f814626f437d2e675a7001d14d4bc0838a4f95e8b018010c029e69477bda94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81dc1f6b9cf54d37-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 14:31:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTZwAjEc9eb8ZHIh49yYesj8KBrmpBgbFxzHG1NZYoRrlrm79kwzr8eupb0sFJ%2BHjO7G7vS2aIJfDGzdtk3k7mbMeYR2jpNdhAVbj3oRU%2Bsq4ebPZEgwk9FM4bLjq0dqeridiJWQaY3sy9q%2BQwe5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81dc1f68ce701e62-FRA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 29 Oct 2023 14:31:32 GMT
Location: https://www.dedeoyun.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwr9VjPTE4fCYUyJ7Jxs69gs0UiwkzQ04npe4RmG2mApIOdQPb4hKZU7DdcxXvIRSaRuDGBESIAKmZn5ryvrLcVt46vsNF8y7aDOPkSF6z81l3whUTyMPz8x4eeG4OOqtxI9DlbqIRK1O1olJbh5"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.dedeoyun.com/ 9 KB
3 KB 61ms
59ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dedeoyun.com/style.css?ver=1.0
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5eefbd1a362d7b1f5bad390a9c7d3db992da694596a6c1685021eb7abe0a77b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1768546
cf-polished: origSize=11531
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
x-powered-by-plesk: PleskWin
cf-bgj: minify
last-modified: Wed, 25 Sep 2019 20:27:54 GMT
server: cloudflare
etag: W/"b0f5d9b5df73d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2P8wRSHycnyRwTSTkRMJ0JyZWdBCoaCZOZqDKj64XSZ0Ed2nTCKtuonlG9kVP0dfA9Y0Ph%2FHEcE3lWKopW%2BwsGhVJdQPf7mupesYeF2NPv%2F8S5EIjf4hRaWa%2BLtlwcEkHrrQiOkgLdgChawOLWC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=8640000
cf-ray: 81dc1f6c8e4c4d37-FRA

GET
H2 200 shareaholic.js Show response
dsms0mj1bbhn4.cloudfront.net/assets/pub/ 10 KB
5 KB 89ms
21ms Script
application/javascript 2600:9000:20a0:ea00:c:d51b:4400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:ea00:c:d51b:4400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d6f73f573858aa835c15bcf30e3f574102f35d9276869780578510d9cb6b1624

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:28:11 GMT
content-encoding: gzip
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
alt-svc: h3=":443"; ma=86400
content-length: 4287
last-modified: Fri, 27 Oct 2023 17:26:56 GMT
server: nginx
etag: "5456c2a3f543e8b782294fb829d1c2f4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
accept-ranges: bytes
x-amz-cf-id: CI-4PYH1N4A7zzhOykBjVh1PKB25XjRpklXu6Z7RhvGHyXZRphC1GQ==

GET
H2 200 dede-oyun.png
www.dedeoyun.com/img/ 13 KB
13 KB 43ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/img/dede-oyun.png
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 377e431fb4789c4cc2309955ad4b74bf3f3da3c28f83fdbef38c5734df22b2ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2739089
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 13256
x-powered-by-plesk: PleskWin
last-modified: Mon, 30 Oct 2017 20:16:35 GMT
server: cloudflare
etag: "1cc01afcbb51d31:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMuK%2BvniNF0oGQbtznfrTSn9SQ9Zg7bIAuWecR6%2FzqoaHxYLscT8Ia2dR1mAE%2BWHkqzsW8k7at5txjX3i9GuJ9qOe3B4KZpQA6d3ufjZOrivs1NPGqweHGLA0UyQmRfUQl7UxQ2%2B%2FD3phqXXtBqc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6c8e4f4d37-FRA

GET
H2 200 boks-yildizi.jpg
www.dedeoyun.com/resim/150/ 9 KB
10 KB 39ms
38ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/boks-yildizi.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc9ca51c2cc3f9491b9740e7396c5a95132b34050df291d5ca0cd6edfadbee76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9368
x-powered-by-plesk: PleskWin
last-modified: Thu, 26 Oct 2023 23:11:48 GMT
server: cloudflare
etag: "20c49cc618da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUYLjliufe2OcRWuu4Mkw6GfmAqvxSzam1rjVugvVUdabQH29PdreLSke4lGRR8j%2BBeDrgHNC7TpIc4chwIF6A7oRpPVQqBci60y6kmfzGnlNL96H6ZE%2F5%2F3ij6FWljzpMYpp2t9faE%2BWwMVh7zv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6c8e504d37-FRA

GET
H2 200 tirmanma.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 44ms
40ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/tirmanma.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c38bccf9c98ec680a65cb33b84103548c58f8e7525177b3f537fff2852b05504

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9058
x-powered-by-plesk: PleskWin
last-modified: Mon, 23 Oct 2023 23:51:14 GMT
server: cloudflare
etag: "779e9eceb6da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNWUgYVE6FYwBRUqDKI15kMpAYno6Q9CKPw6eQy99Kn62r0piiHTKkQaTmO156v3YVDlRZuhfYj9nKZ2htPn2Q04Kq%2F4MI1OJkES%2B0l9HDqCG1vSsWm6aIA57rW5cU6Wuz57ZpPuzY3%2BDCwK6KjA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae6e4d37-FRA

GET
H2 200 reyon-duzenleme.jpg
www.dedeoyun.com/resim/150/ 12 KB
13 KB 42ms
37ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/reyon-duzenleme.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5f85a304638cb039fb585851030f8c62b2e4448bce1c915a58532ebebe4aefe5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 12744
x-powered-by-plesk: PleskWin
last-modified: Tue, 10 Oct 2023 00:16:24 GMT
server: cloudflare
etag: "901a511ffbd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inN4UBEoLpg5IwsNkz54%2FkG5YottMrMMOz%2B%2Fzj4edxBmXMk3b0qnxOVPDyjwf3iBuN3U%2BSvLCsGheNqnWnt3%2Fn3H%2Bvgm3Tgv%2FLEGvJnG10q%2FTwtiW2NwMhhrruwHzRSYdvz9p8YBtFkqaPy38SqR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae6f4d37-FRA

GET
H2 200 zorlu-traktor-yolu-2.jpg
www.dedeoyun.com/resim/150/ 8 KB
9 KB 43ms
39ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/zorlu-traktor-yolu-2.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4895247d2cc6219f35f9f44d1f48266dab962c44ec67bc0318ca740bd2f8813f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8594
x-powered-by-plesk: PleskWin
last-modified: Tue, 26 Sep 2023 00:46:01 GMT
server: cloudflare
etag: "e3a9aad212f0d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpkRo1%2FM1Upp9oUiwQeq6olImgM%2B1UkzTuS%2F90%2BXrrpkudZNkDHOF0ixLgRI2bmBqsU8FycJLbgqamI0vpacFrCZIDiv0Ydjxdj3CQPo7Yz8Ew0xGVJEVs%2FivDdJp128We6J3T4w9zJMyrYo8aM2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae714d37-FRA

GET
H2 200 temizlik-arabasi-surme.jpg
www.dedeoyun.com/resim/150/ 8 KB
9 KB 42ms
38ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/temizlik-arabasi-surme.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 69f452b260d6020091ee2f48b226d39644a2d2aa374478c03f38b0fed0d52526

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1725397
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8558
x-powered-by-plesk: PleskWin
last-modified: Thu, 21 Sep 2023 00:39:33 GMT
server: cloudflare
etag: "7015f1724ecd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1WbGHiLEiaHgo2Y9IPOTQJFy%2BttBNczoURxvHWc1lcgVdq1brrrxPgO%2BRZIeaRxLLRgMv9TCFhEMJPyoKTftgHUzD1AdoBI%2FcYdFZy8baT3S6zG2K3%2Bwv4Q8mRh4tVLXIYRpi9Q6wTw7WDoCeHx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae764d37-FRA

GET
H2 200 bomb-it-8.jpg
www.dedeoyun.com/resim/150/ 9 KB
10 KB 65ms
61ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/bomb-it-8.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91781f622b7f15b841217d7bfcb478708d802d0b04982b1dbedbb2b6b281c35d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9449
x-powered-by-plesk: PleskWin
last-modified: Mon, 18 Sep 2023 23:59:21 GMT
server: cloudflare
etag: "c85c5a248cead91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io%2Bo83PX7tZzvZwvm%2BwA5QnJAuXA5hw%2BbSSFmjT8%2Bo%2F87hQBSP9i0%2BH0d8CxwRDuQod%2FvNgaev5OL4qC0rid7xoCjmVyuZxF1kq%2FPOFMJKUxAw96x9OZt4RRuQajJsCYaaFxPMq38draFMJpQXdf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae784d37-FRA

GET
H2 200 klasik-nonogram.jpg
www.dedeoyun.com/resim/150/ 7 KB
7 KB 61ms
56ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/klasik-nonogram.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1392a01deab711efdfc011d890de4f01a4ec11302244c86e92530534af491d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7291
x-powered-by-plesk: PleskWin
last-modified: Wed, 13 Sep 2023 22:31:10 GMT
server: cloudflare
etag: "f92e9afe91e6d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYP42HY2lG8bo6Efm8j4JGSoeHRbVRqItCz1%2FqMR1QklfIsJnOGVEIIUR01Gf1FDpJgQqY8Dz%2F%2FUv%2BEh1IpOmr9JwqMbN7igYa3D%2F5xFHa7bT36d8l0trBf%2BtN86xfXTZ1aFTC8i%2FEqLLT%2FePbTp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae794d37-FRA

GET
H2 200 hizli-kacis.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 40ms
36ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/hizli-kacis.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 908c11490b7d370b4ac2ebbb0973af0241d3917a9a65cf176e58d0a6790b3394

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9264
x-powered-by-plesk: PleskWin
last-modified: Sun, 10 Sep 2023 23:49:08 GMT
server: cloudflare
etag: "276f1f6441e4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZLXsEHlD%2FkLckNSwmLwTNpgxalRLNAX8KM%2B6D7cAmBRJ3zTjLO6MCVr1SlQb4TNN6RQ8zHsEh3Rn0zFYKXYEIwe91k54VWpleCWT1PseqAgsW09DtIwA2jnKPEv5y8JrGaLm2dX1bgLTLFn3F0Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cae7b4d37-FRA

GET
H2 200 cilgin-ogretmen.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 66ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/cilgin-ogretmen.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b2fe38dfe62400cc6c88ed3834d9dc6aefda3dd01144a1461f3a383660cd7f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8927
x-powered-by-plesk: PleskWin
last-modified: Thu, 07 Sep 2023 04:57:18 GMT
server: cloudflare
etag: "2ca53ec747e1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRXuFbohACBNeiQCCsO%2Bhy33V162xKPKPiGAd9RwUfJ%2BTnBglZeIQEx%2FKRIYlir9EaqbZGSh0nCoA5oHZx7lkMNxOLzNQK5iGMN4ewJh506aGcKAJDWBjgEGzeKVR005zFKWrzwjexV2UZ5aziEd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe894d37-FRA

GET
H2 200 hill-climb-racing-2.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 44ms
40ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/hill-climb-racing-2.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14e48d1452475a4616d64d30efc4f29b49359ff32d851f6ceb6e7b1f3abd5695

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8833
x-powered-by-plesk: PleskWin
last-modified: Sun, 03 Sep 2023 21:27:35 GMT
server: cloudflare
etag: "7c86ad74added91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cBl2L0TsQixyJFLKZC0bQx9tvzuPENmn8rxOvs3IBG1RCJMFep9QmqJb6vnqhVJvvgqkzSKNib0GxwfpuGlzYQQMsxxNFARUNmlqm24WONLftN%2B0qze5km%2FCUiWUUDTMTJ7LTBPGTM%2BOyy8W4cV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe8b4d37-FRA

GET
H2 200 love-tester.jpg
www.dedeoyun.com/resim/150/ 6 KB
6 KB 67ms
64ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/love-tester.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9baaf7c5d7204b6d06a839288f497c118129fc6d7658419bfe9bb99fb9f02d65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255623
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 5999
x-powered-by-plesk: PleskWin
last-modified: Sun, 14 Feb 2021 18:29:55 GMT
server: cloudflare
etag: "82ebb064ff2d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSubXqsxbdfSPwz74UKDl82L0OKx%2FWzTHyNpTqNCqezFaVOJgtHz8trwtgf6k2Vn%2FsJLa5LSHxygJH0g2D09EUKbh1SV21gIzDnnA9z3Lrra4XCRl2LxUjGCBie9%2FC2ysx%2FPHYheD59e68TOk30E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe8c4d37-FRA

GET
H2 200 turk-damasi.jpg
www.dedeoyun.com/resim/150/ 7 KB
8 KB 60ms
57ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/turk-damasi.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7e104e6d449c2536057c5ac2c0ae124800e079cf5c584a11804f64988f2e9fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7678
x-powered-by-plesk: PleskWin
last-modified: Thu, 31 Mar 2022 00:01:14 GMT
server: cloudflare
etag: "1ab217709244d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhZCdjic5UdBMpijmF9smSLDORMzALOYLidV20%2F0lbAWnWDoJgEbfJoZol4HoiumHghYPvRVIr6dJ5hY%2BoXRI70dbQKiWfgWdBvDgTJXwsDJdbmRKzuDBExGZojRhAvPMSvXXQHlmij8%2Bc%2BQW13Y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe914d37-FRA

GET
H2 200 caglar-boyu-savas-1-turkce.jpg
www.dedeoyun.com/resim/150/ 7 KB
7 KB 65ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/caglar-boyu-savas-1-turkce.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9be69b781f3e36335ba7bfb3b6bab606529474452e8c33d12a3d2f4f0c1ffa99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 6918
x-powered-by-plesk: PleskWin
last-modified: Mon, 30 Oct 2017 20:46:08 GMT
server: cloudflare
etag: "faaa1cc051d31:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0bJmNAOPHZIvJQLfyaSIS2dFsI3bc9HmC4%2BHYJyU9ba2uKWXGwFpHr3YNaa3blII7NMd%2FQ%2Fh%2BoP8IsZI1QP5dcgGHQJV4DSeVvrwp%2B8yc2LdtXaMkeTYKncSqkOLrc%2BQ%2F3XMlYQR3herSjN%2FfEa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe924d37-FRA

GET
H2 200 neseli-dondurmalar-1.jpg
www.dedeoyun.com/resim/150/ 8 KB
8 KB 67ms
64ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/neseli-dondurmalar-1.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6169fc8f8d80e925491c8a3b78da5829751642018eea9f2d14fa3c4251871401

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8238
x-powered-by-plesk: PleskWin
last-modified: Sun, 29 Oct 2017 18:38:04 GMT
server: cloudflare
etag: "64d63aee550d31:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71vuAWmXgFZIxNPucsQcR9P9cF5x0cBTQUQIFotQ2riumW3xmvjG8hESQpkGCofaU4v%2BCEdC1kRJ8%2Fmac%2FCDlH5ElnsfPaDGObPp%2FARNcY4KqqpvFOJCyfbb3fNth2mSg5%2FnprqwNl7hDJrBzIcM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe944d37-FRA

GET
H2 200 renkli-toplar.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 65ms
63ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/renkli-toplar.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c75b16d32ba8bc5eb16928ee66f90548f0d68c575fce39f595ecae48a3901c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8736
x-powered-by-plesk: PleskWin
last-modified: Thu, 19 Sep 2019 14:01:18 GMT
server: cloudflare
etag: "235152b5f26ed51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4xqXcX4YT7rEozoh3cT8cEQIpLhB4B%2FqAmwuNBuGnR2GKdKl3W1MznLuay9PGByer04a2t4N0TE5rjtZJI5zMICgDet%2BbgePz7yrXnFmF1Dd3pqr7i1scqTg5PCxYgLmHQsYhNA66139kh9r99m"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe954d37-FRA

GET
H2 200 klasik-tavla.jpg
www.dedeoyun.com/resim/150/ 8 KB
8 KB 65ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/klasik-tavla.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 799488cd962f7efc725ca2571265b61f6584430fab56c2ee95f0eff8106bc61a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472860
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7853
x-powered-by-plesk: PleskWin
last-modified: Sat, 06 Jun 2020 01:04:11 GMT
server: cloudflare
etag: "bc9b7639e3bd61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0KOprsfR884USDpcvguQOOYXByhvtiiWcZf45JPYJbtT4NHFHo1GMeqgw4ido5%2Bqqoo4GrvoN5aOLNjquDCtaAar8yjs7ylYqYvSc%2Fif3%2FRCvxx1ugnXx9rbop9YfFya9wQmHtUFIkgb1Ynlt3Y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe964d37-FRA

GET
H2 200 kizma-birader.jpg
www.dedeoyun.com/resim/150/ 8 KB
9 KB 63ms
60ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/kizma-birader.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f861cee3d5e3b0a73412a3359ef9c3bf73bdb27f984a0f945b11122fc1f9853

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8476
x-powered-by-plesk: PleskWin
last-modified: Sat, 15 Jun 2019 20:19:50 GMT
server: cloudflare
etag: "872e62afb723d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0qx85i4ZA%2Fv2cuJd%2FPT%2F9Bn52GC1oIp8qBfEk%2FhSyZorG9ogKdsFT1VChNMeKKxyDLbJmON7VFOg4pwmk3ycPPpPbwMhe0%2BnPOX%2FAtBiK5u4jj%2BNpVG5QeB9OocZ3uGr8H3XT9jJedD5RoBIWMi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe994d37-FRA

GET
H2 200 hirsiz-kardesler-1.jpg
www.dedeoyun.com/resim/150/ 9 KB
10 KB 64ms
62ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/hirsiz-kardesler-1.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a6e241051eed96e88b160b9fefa002d60b1c59127f33f7ebb278023299d4306

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9466
x-powered-by-plesk: PleskWin
last-modified: Sun, 29 Oct 2017 18:38:03 GMT
server: cloudflare
etag: "9892cee550d31:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwRE0ysGyWPtPtfVlUxSolWb%2BipQlKLfoz%2B8Rew39bXDihknBHoj3NtQNCr4D7xZ%2BcfIldBhgWH3pAOubDmQ9xM4kDC5iy%2BjZZlFagl24tuoXJEHxjXoxbRuP8j7lTOK1daVTB3psK2hUzRkQ2v6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe9b4d37-FRA

GET
H2 200 gta-5.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 64ms
61ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/gta-5.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a91b54e64cb2610d8a3b03397100c3fed49ad0e7fd07a7085371f5b5b66c9217

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9136
x-powered-by-plesk: PleskWin
last-modified: Sun, 23 Feb 2020 19:23:12 GMT
server: cloudflare
etag: "6fe94b07eead51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlZZp9o46gwy3LfSEhFt2Ccz1IUgee1Txi0jiLUq4%2BrivIXwBMT15zrm9BGEV%2FtzVLYnH8Jbgy9WSKaHa4YhWJoS3uSU3F6wM%2B9E05TQjX1xn8lx3mdIQOlSK26fHztC6nIABgSFlTSuZHOryjzq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbe9d4d37-FRA

GET
H2 200 aptallik-testi.jpg
www.dedeoyun.com/resim/150/ 9 KB
9 KB 63ms
61ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/resim/150/aptallik-testi.jpg
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dff64968628de02d0c55cc141a1fc5ead96cb005fce212ed7201e2d8ba6924e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8706
x-powered-by-plesk: PleskWin
last-modified: Tue, 20 Nov 2018 19:26:33 GMT
server: cloudflare
etag: "8d4260f2681d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCwAAXDzm8iWGo9u9qi6WctRW5a5qVstU1RJ9OwRqWVGYxo95%2BSixCmLkkLA1CtF%2F%2FGvN4mShcUTMi0D%2BL4ORhCraaaU4QRhH8bkYa0r2Y0b0rs3p1XoXl3w%2Fc1NylAG4lhYwy0DmcwnAacUWcnh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6cbea14d37-FRA

GET
H2 200 rocket-loader.min.js Show response
www.dedeoyun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 42ms
40ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dedeoyun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 17:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653804c3-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIDA2ttKmP%2BOXM6%2Fh%2FlrxVFe%2BSl%2FDJp1x4gcydCn%2B1Tbq4fIvA0TnSBsgHsfrWJJJXgerApuxkylM5QGn2H57JcXxJeNwhmQh815Jdwgs2ALt3O5dITVazdLKFnPVwMzQzd8MFtnYAIY91zhmtnR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81dc1f6cbea34d37-FRA
expires: Tue, 31 Oct 2023 14:31:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 114ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155989915-1

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d13eb8a017ffb3f90dff10b1914de7caa75587bc3b595a1f1db70ad326eaa2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68730
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Oct 2023 14:31:32 GMT

GET
H3 200 oyun.js Show response
www.dedeoyun.com/js/ 3 KB
2 KB 110ms
108ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dedeoyun.com/js/oyun.js
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d34fbbd67825a46bf1a21896d6d511a0c88137f3c4c3d43a967c1ba3cde4f8f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 Apr 2017 19:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8faca4f131b2d21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rstqZXCckhk8V6MVLyG30AMkogdVZD9V7VWUywPZWKe%2FXI%2FGonaDHMSh1bQ84pP30d9WhV%2Fih3WgICeuomEcYDv6OTXkf%2FC7YAV89rlW3ZjfJraAAwLRITJAcOrLnvydun9SfuMW3EK4VYkZs3jA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=8640000
cf-ray: 81dc1f6d08ce8fd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 172ms
93ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

980550a1ac17982df287b2e31e06003f180b85cc137352c5481a69fc78f04925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51738
x-xss-protection: 0
server: cafe
etag: 11033144312458712551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:32 GMT

GET
H3 200 search.png
www.dedeoyun.com/img/ 439 B
986 B 45ms
45ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/img/search.png
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7953994112c5897c6cb94b9340c67c8c2dc3837dc2ab4af08375baf1c51e88a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/style.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167418
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 439
x-powered-by-plesk: PleskWin
last-modified: Fri, 30 Sep 2016 21:46:14 GMT
server: cloudflare
etag: "f868811641bd21:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js7uSugcPDAHznlqG1xxNgCnxDlmJNvTwRHfpeDmvr6tgoogUua7c9h1mZehD%2F%2BCJEzqYmDS0vGr%2FfWzEyfGHfA1TopHaULP66v5BEE%2FECoj9N29u7sQEmWjXsoqKF2n%2FaVgZQzKMt4RlljYMpxp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6d08d18fd6-FRA

GET
H3 200 bg-button1.png
www.dedeoyun.com/img/ 3 KB
3 KB 105ms
104ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dedeoyun.com/img/bg-button1.png
Requested by: Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00d97776d00cb7919b2805d008b52b462f01eb17d81dddf0b75d78a2b7bf6891

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/style.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2803
x-powered-by-plesk: PleskWin
last-modified: Fri, 11 Jan 2019 15:14:02 GMT
server: cloudflare
etag: "5bf8749c0a9d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8WKg2%2BokIocuIqyefnYjCtuzbSUe43ooOyl4kCSIEljA6mzXT62oRY8E1Y4sxYur0rzbwy%2BNhd%2FHYDgUnGmFYAvg8kalDmhBg3JQVlX9wYUNvIFQTvtZxtABFT65GWl2hqkrvCwgS2PRB%2FCl4MR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=8640000
accept-ranges: bytes
cf-ray: 81dc1f6d08d38fd6-FRA

GET
H/1.1 200
OK main.js Show response
m9m6e2w5.stackpathcdn.com/v2/c24b2b89/ 148 KB
41 KB 78ms
17ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/c24b2b89/main.js
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: efa66c11ec2a5f1c2324d0bc9b0fda9ab006ae65f898ee2b9c96c2497e6de77a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:32 GMT
Content-Encoding: gzip
x-amz-request-id: H7XBBZ3W9S08X5R8
x-amz-server-side-encryption: AES256
X-Hello-Human: Join the fun! Apply at www.shareaholic.com/jobs
Connection: keep-alive
Content-Length: 41719
x-amz-id-2: 8/6a5oTh5arWZTbLkvP/vcb/3x4YqvnWAO1i3QBul/P+5K01ayRh02vMtkBPzO1jvU24m89t/O4=
Last-Modified: Fri, 27 Oct 2023 17:26:53 GMT
Server: nginx
ETag: "87fd51273fdf6dfd1d6888c7a824ba68"
X-HW: 1698589892.cds280.am5.hn,1698589892.cds300.am5.c
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes

GET
H2 200 81a92e8648e567da1a7b43fd949c8151.json Show response
www.shareaholic.net/config/ 5 KB
2 KB 332ms
105ms XHR
application/json 54.197.98.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/81a92e8648e567da1a7b43fd949c8151.json
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.197.98.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-98-98.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 59015c7013a910e80925513c8c37963dd5c060fdef0134252a1db5939b15b8d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-client-geo-country: NL,Netherlands
date: Sat, 28 Oct 2023 18:49:45 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length: 1605
x-client-geo-region
server: nginx
etag: W/"59015c7013a910e80925513c8c37963d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-varnish: 548427847 535416434
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-city
x-client-geo-zip
access-control-max-age: 2000
accept-ranges: bytes
access-control-allow-headers: *
x-client-geo-latlong: 52.382400,4.899500

POST
H2 200 e
analytics.shareaholic.com/ 43 B
381 B 354ms
113ms Ping
image/gif 52.20.250.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c24b2b89/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.250.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-250-67.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.dedeoyun.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:33 GMT
content-security-policy: referrer always
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.dedeoyun.com
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 39ms
36ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGK04MYWHC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155989915-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06978737b7e257a1323b1bdafb878dd74edade41e80c99912864878584b7f424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Oct 2023 14:31:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155989915-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 29 Oct 2023 13:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 29 Oct 2023 15:51:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 398 KB
135 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1016383332489375&plah=www.dedeoyun.com&bust=31079248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c77e69ba45c1282daaf4e0775d41d9bc257589d5cbba51ce214b42279f6e82dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138067
x-xss-protection: 0
server: cafe
etag: 4750655337444371307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 0009 10 KB
5 KB 73ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 4788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 13:11:44 GMT
etag: 4569948109300706969
expires: Sun, 12 Nov 2023 13:11:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 62ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HGK04MYWHC&gtm=45je3ap0v9109862532&_p=474503055&gcd=11l1l1l1l1&cid=756255355.1698589893&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1698589892&sct=1&seg=0&dl=https%3A%2F%2Fwww.dedeoyun.com%2F&dt=Dede%20Oyun%20-%20En%20Yeni%20Oyunlar&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGK04MYWHC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dedeoyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 39ms
38ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=474503055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dedeoyun.com%2F&ul=en-us&de=UTF-8&dt=Dede%20Oyun%20-%20En%20Yeni%20Oyunlar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=644681639&gjid=846446843&cid=756255355.1698589893&tid=UA-155989915-1&_gid=1640951615.1698589893&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=2071908739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dedeoyun.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dedeoyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/c24b2b89/ 179 KB
38 KB 19ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/c24b2b89/buttons.js
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: a0ddcaf000190e6f47f2042119948a5cf9866664f02aada0bbb76582fcd3bec4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:33 GMT
Content-Encoding: gzip
x-amz-request-id: H7X5VK8K9W9P6SJA
x-amz-server-side-encryption: AES256
X-Hello-Human: Join the fun! Apply at www.shareaholic.com/jobs
Connection: keep-alive
Content-Length: 37945
x-amz-id-2: QDna3fr9TUIiWpDG8DPbZOOqtsWYZCG1lu0VmjOF+ypEoDpiAfmfUB8g+dhilIlYbrHAuvlrJlY=
Last-Modified: Fri, 27 Oct 2023 17:26:53 GMT
Server: nginx
ETag: "2a86afb27d13548c2e9e8c32e6935329"
X-HW: 1698589893.cds280.am5.hn,1698589893.cds148.am5.c
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 358ms
108ms Script
application/javascript 107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.dedeoyun.com%2F&cl=tr-TR&id_sync=3c9867b3-9441-4de0-8921-a87dc6324563&pvs=1&site=81a92e8648e567da1a7b43fd949c8151
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c24b2b89/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-147-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:33 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 56 B
323 B 172ms
127ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.dedeoyun.com%2F&callback=JSONP_481

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c24b2b89/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

486758874a6b570cd2a2e7e3eba2200c510279e2ba9da28f76390f0064933334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:33 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4480264547592524
content-length: 56
expires: Sun, 29 Oct 2023 14:46:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 88ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dedeoyun.com&callback=_gfp_s_&client=ca-pub-1016383332489375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1016383332489375&plah=www.dedeoyun.com&bust=31079248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6b9d2d47597af64730648cf97c2feb38236e296616a4084fd33ea2c40fe7703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D256 148 KB
52 KB 589ms
586ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=90&slotname=2067384745&adk=2444206786&adf=1477197835&pi=t.ma~as.2067384745&w=728&lmt=1698586293&format=728x90&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892884&bpp=3&bdt=333&idt=356&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=821585725316&frm=20&pv=2&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h8Vb78GNeM&p=https%3A//www.dedeoyun.com&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c9d49b5581685a28989632294891bced41a8d7cbc266318163b8b162bcf267

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMST27m8m4IDFQJqYgodU0gH7g&gqi=xWw-Zf2GEt6B1fAP1Ii40Ag&layout=/sadbundle/%24csp%253Der3%24/17012469280101164520/728x90/728x90C.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 52303
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMST27m8m4IDFQJqYgodU0gH7g&gqi=xWw-Zf2GEt6B1fAP1Ii40Ag&layout=/sadbundle/%24csp%253Der3%24/17012469280101164520/728x90/728x90C.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:33 GMT
expires: Sun, 29 Oct 2023 14:31:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 138ms
93ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e99106ff360de11bc14a501e4cdf117c1e9f707e4735f80531c85e80052796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12166
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 295E 168 KB
53 KB 717ms
716ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=600&slotname=8872643852&adk=3699011343&adf=3132389021&pi=t.ma~as.8872643852&w=160&lmt=1698586293&format=160x600&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892887&bpp=2&bdt=336&idt=388&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lzOXTn3YLA&p=https%3A//www.dedeoyun.com&dtd=393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbddc0f1044a52d5ef1cb3aa1060026761ca668f76b7a9739a3b6e7891a21c2c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvF27m8m4IDFYiTfwQd0UoO7A&gqi=xWw-ZaXgEsy71fAPztaggAQ&layout=/sadbundle/%24csp%253Der3%24/3381756031240795982/120x600/120x600C.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53195
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvF27m8m4IDFYiTfwQd0UoO7A&gqi=xWw-ZaXgEsy71fAPztaggAQ&layout=/sadbundle/%24csp%253Der3%24/3381756031240795982/120x600/120x600C.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:33 GMT
expires: Sun, 29 Oct 2023 14:31:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC4F 575 KB
134 KB 1131ms
1125ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&adk=1812271804&adf=3025194257&lmt=1698586293&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.dedeoyun.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892904&bpp=2&bdt=352&idt=390&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=456

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdd999eec7b1c791a6921a24eb2caac8dbae68fb07a0e9b13bd8b66b357eab69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 136762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
expires: Sun, 29 Oct 2023 14:31:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 112ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 14:31:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC0C 13 KB
5 KB 66ms
29ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 5184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 13:05:09 GMT
expires: Mon, 28 Oct 2024 13:05:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84DB 829 B
1 KB 258ms
38ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a65cabba92aa15ab26bc1a66bc5d8b692f11549c13e8da14f1fe2c1702f33962

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WSZ99uUXYgxi5aJDyQePDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WSZ99uUXYgxi5aJDyQePDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:33 GMT
expires: Sun, 29 Oct 2023 14:31:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame CC0C 38 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 08:16:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84DB 0
0 124ms
124ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=357335387441526&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 728x90C.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/ Frame F170 4 KB
2 KB 21ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=90&slotname=2067384745&adk=2444206786&adf=1477197835&pi=t.ma~as.2067384745&w=728&lmt=1698586293&format=728x90&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892884&bpp=3&bdt=333&idt=356&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=821585725316&frm=20&pv=2&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h8Vb78GNeM&p=https%3A//www.dedeoyun.com&dtd=381

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f78c3978e6ccedeaf5eedf6308f974424c885274a91ce350b727a355b8c2ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 95565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1666
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 11:58:48 GMT
expires: Sun, 27 Oct 2024 11:58:48 GMT
last-modified: Wed, 13 Mar 2019 07:43:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame D256 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:05:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CA4 143 B
166 B 32ms
28ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=90&slotname=2067384745&adk=2444206786&adf=1477197835&pi=t.ma~as.2067384745&w=728&lmt=1698586293&format=728x90&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892884&bpp=3&bdt=333&idt=356&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&correlator=821585725316&frm=20&pv=2&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h8Vb78GNeM&p=https%3A//www.dedeoyun.com&dtd=381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame D256 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame D256 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D256 187 KB
59 KB 142ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F170 6 KB
3 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Oct 2023 08:19:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F170 34 KB
13 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:31:21 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F170 186 KB
48 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 728x90C.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/ Frame F170 31 KB
9 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/728x90C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3091b67185aace7fe8eef02b0bd4d0bf7a4ee171bc5aa7d6008fc74f8ed270a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 09:48:01 GMT
age: 189812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9215
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 09:48:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC0C 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GRuWLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame D256 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d71227fc3def221520b1086f6873be2c0b147e84560ab9b89af526372793b50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
expires: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 120x600C.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/ Frame 7CF0 4 KB
2 KB 25ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de0262e618d5ad8217b174bbbbf8265c003f3e65c1ca4c5b3ac6c29d573c6147

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 102112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1669
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 10:09:42 GMT
expires: Sun, 27 Oct 2024 10:09:42 GMT
last-modified: Wed, 13 Mar 2019 07:43:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 695F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBqZQxWw-ZfvOF4in_tMP0ZW54A6u27qqZ7HlvtqiCez1u87KDRABIIu-ygZgkQSgAYLGi9kDyAEJqQK00IIZf7mxPqgDAcgDSKoE0gFP0Nyj2Hy5FhVsU9U8ZgSu4SScksAtLrEREBZ4GE_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227974467552468851732%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:...

0
0

108ms
53ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227974467552468851732%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229834943299572143425%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=600&slotname=8872643852&adk=3699011343&adf=3132389021&pi=t.ma~as.8872643852&w=160&lmt=1698586293&format=160x600&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892887&bpp=2&bdt=336&idt=388&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lzOXTn3YLA&p=https%3A//www.dedeoyun.com&dtd=393

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7974467552468851732","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"9834943299572143425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 14:31:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7974467552468851732","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"9834943299572143425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 695F 23 KB
9 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:05:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F40 143 B
166 B 27ms
23ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1016383332489375&output=html&h=600&slotname=8872643852&adk=3699011343&adf=3132389021&pi=t.ma~as.8872643852&w=160&lmt=1698586293&format=160x600&url=https%3A%2F%2Fwww.dedeoyun.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698589892887&bpp=2&bdt=336&idt=388&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=821585725316&frm=20&pv=1&ga_vid=756255355.1698589893&ga_sid=1698589893&ga_hid=474503055&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079079%2C31079084%2C44805932%2C44806921%2C44806737%2C31078297%2C31079248&oid=2&pvsid=357335387441526&tmod=1816953483&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lzOXTn3YLA&p=https%3A//www.dedeoyun.com&dtd=393
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 695F 3 KB
1 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 695F 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 695F 187 KB
59 KB 99ms
95ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7CF0 6 KB
3 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Oct 2023 08:19:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7CF0 34 KB
13 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:31:21 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7CF0 186 KB
48 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 120x600C.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/ Frame 7CF0 31 KB
9 KB 24ms
22ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/120x600C.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1149528e11cac1770bd5b7185a4df571a24708259458ffef675178a82053f0fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 28 Oct 2023 10:09:43 GMT
age: 102111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9214
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Oct 2024 10:09:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 110ms
55ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 695F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 965b0e9a05c72471e089e0b9cd0408a694e9f4322265513ee5a76293bb92fbc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg336.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/ Frame F170 22 KB
22 KB 23ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/bg336.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44195b9b227add0423806d975b7406ac2f9041248f43e16742a26d812b9be00e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 09:48:01 GMT
x-content-type-options: nosniff
age: 189813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22926
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 09:48:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D256
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CpF25xWw-ZYSdF4LUiQPTkJ3wDq7buqpnme2-2qIJ7PW7zsoNEAEgi77KBmCRBKABgsaL2QPIAQmpArTQghl_ubE-qAMByANIqgTPAU_Qz-cD9rh2QN1cbMiF-s36sM_TtbgoS-hjPnTRTcf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225846069992653576847%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:...

0
0

60ms
58ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225846069992653576847%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226563886470145846289%22}&andc=true

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5846069992653576847","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"6563886470145846289"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 14:31:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5846069992653576847","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"6563886470145846289"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
34ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
expires: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response
pagead2.googlesyndication.com/bg/ Frame F170 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15080
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:16:58 GMT

GET
H3 200 locatie.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/ Frame F170 34 KB
34 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/locatie.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b91b857941dde90b60505226fd8531d737ad19483274b492ab751cf48c5c041c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 09:48:01 GMT
x-content-type-options: nosniff
age: 189813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34690
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 09:48:01 GMT

GET
H3 200 bg600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/ Frame 7CF0 27 KB
27 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/bg600.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28aae6127b7e4353b1f97c28e15d23d0695d8f3b7343263069bfdddd09692c51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 12:12:15 GMT
x-content-type-options: nosniff
age: 181159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28015
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 12:12:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
53ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 materialen.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/ Frame F170 65 KB
65 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17012469280101164520/728x90/materialen.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2659ef78a30587b8103d9a2046f1ad419c101d1fbc10882b6e20e6c223a22a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 09:48:02 GMT
x-content-type-options: nosniff
age: 189812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66146
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 09:48:02 GMT

GET
H3 200 Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CF0 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15080
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:16:58 GMT

GET
H3 200 locatie.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/ Frame 7CF0 34 KB
34 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/locatie.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b91b857941dde90b60505226fd8531d737ad19483274b492ab751cf48c5c041c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 12:12:15 GMT
x-content-type-options: nosniff
age: 181159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34690
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 12:12:15 GMT

GET
H3 200 materialen.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/ Frame 7CF0 65 KB
65 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3381756031240795982/120x600/materialen.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2659ef78a30587b8103d9a2046f1ad419c101d1fbc10882b6e20e6c223a22a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 27 Oct 2023 12:12:15 GMT
x-content-type-options: nosniff
age: 181159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66146
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 07:43:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Oct 2024 12:12:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 137ms
136ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=357335387441526&bg=!pqWlperNAAbo5yKYyOc7ADQBe5WfOOVpsHOEul2oPUw4c0lJM8L_zNfIo4wdG8IXPP540J51sjbgx6k-b-0vIOjV67BbAgAAAJdSAAAAA2gBBwoAXZUcp51XlFM3EhVCceJrvUWmFzPt7MTFQXwyXQu4zce8a4l3CBTvE2wpVNYbp2vs6tQr7QZWduxrbIGskvC91l-wNQiNxpwothVDnc4R1JVeKLDxkzLz7a7mGM0b6JkCsEcH5nB2xW98XbB8l_JeqexBPCTWMpmHn3X9xVdauMtQVeOTIawEhUHMKo_PK2YWDJE-gQS_bl5qQDIBEO6u0NHj2uPmMfXFA9gbSSU-SfMBOQEdHy5APC7Awh69nb8Xts89kM37Ysna5G8oRSUOp7C4BLM6n3rkfGrtfcjqlTDk78LRe8ry0pHqo0LWAYlFuE67--6-Rq4qh289RdYsy5eRBoQUQNcYaOZAO6GBUjwpDjzU-eOK8vtNghsfIbq2hw1tzsKz8ts2CdhCmAnmlbOgQsvhRpmRphG1W4zEdDZYvdP1K7iDHAuqbvT37t_T6Q5hlMPir-VjxppO_SHfpq_kxE-8VQ3FXQS0hLew_eaOI_ht7OVNNqcj7MHsiDjVWd4E0yWJSzwfWxTj2N_MRYCzAaNC35mw9U_aGHh5-BMMBsg8vMk8xCJVJu-eSXU4AF75PIJYX6XqjClDVvZwe7N-cHUIofrzpyLPSmtvRe6-kmmUCQYCLE7AHD8KEuJpZrIUyBe6d-JVjFXoybjOnWHVqskZBO9j_ql15V4UttEDgHtgpJCJ4_K5-QrWVfMK5_HT809n-wqBSsl00dX-ppOafs43GitzxYIMyqELM-KiK9rGOqooVsr5gwGI3CIzXDupkAw6L8p0x6uOa6rFmWoL5UtmvbEAImR3JBxdXoCtAAjxpXfowQCVv98AqsLNuuwcFgK3kFGjeJ751X0xLaCuWHhEqEHcHa5v_N47rEU_P2wGyu9SahTZwOkVWXmBr6u5qr10uPFu7xfwFHv_O9vwuC8Pmlc2wJOok5f9br1Rp7nKKhNqK1NUQBIV7ZeX3i6nKv0Rp1yWOuCp6jEVQezwPbJfD4Tp86BNWxH1laV5KBC-qh_TCIb0Y6zBUg2YBYWmJZTF1GcN0rrnexX49DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 160 KB
55 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/reactive_library_fy2021.js?bust=31079248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c50c8c6b70955f8374ad2ffe663bf9c8458920427087860d923a0abfd91381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dedeoyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: cafe
etag: 5309547812748611107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 6DAB 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame B745 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 88D3 10 KB
4 KB 20ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 20CF 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dedeoyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 19:30:15 GMT
etag: 4569948109300706969
expires: Sat, 11 Nov 2023 19:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 6DAB 4 KB
1 KB 128ms
26ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 13:04:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6DAB 205 B
296 B 105ms
5ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:28:25 GMT
x-content-type-options: nosniff
age: 216189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Oct 2024 02:28:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6DAB 604 B
1 KB 104ms
4ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:17:16 GMT
x-content-type-options: nosniff
age: 270858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Oct 2024 11:17:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 6DAB 15 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6638
x-xss-protection: 0
server: cafe
etag: 5714928435844906340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:32:55 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 6DAB 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:20:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3EF5 624 B
245 B 73ms
72ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGKb0s-cBMAE&v=APEucNVSoezVe3TJ-oCiITpwnvQksP3jUMVEixC3GTxLTeKK2yzrOvbrcADkYWAwpA3XPw168Jxxdk7zW1pAKyanZuBhSF6qfClEt84dnUhCcJdqByD7pscAhA-MSDfKhvXqdOf2-kydFoMTLF-XzZ2v9S3SrktoyTdissoPLnzbkJ1-QpmGtDQ

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
expires: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 35A0 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 11:45:38 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 35A0 7 KB
3 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:19:45 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 35A0 41 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 35A0 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 35A0 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35A0 187 KB
59 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A0 42 B
63 B 120ms
119ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrmFMI5C0fRqP2guUeZQ9KFIvExKyKIAvUZYeTiThrWlHoJunEfDQMHSf4JAA9ThUNhSh3-ZG8MQmk7DeLlvtTVtNqViltYiKuCYgb0vVckgnyTJ4

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 11447508629039149190
s0.2mdn.net/simgad/ Frame 35A0 19 KB
19 KB 48ms
48ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11447508629039149190

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 13:57:42 GMT
x-content-type-options: nosniff
age: 434032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19711
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 13:57:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6800 624 B
245 B 81ms
71ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjtyrvGATAB&v=APEucNWUW4R9od_N3_mKNJZ_OOiXm31mMDzyqIpu1aFX9WiZ1vdfcmcU_lyf8MGChPQsW-TfnRXgq69GPjUdFn4kkYrjmpl7hfE3S3BzFjgEqnyGFYngQdh8Wm_AdghkEub-fxxXNI-5G1fhlFWTX54RTJ4-xO9ky-Au3apsH1dayhHyCz3npXQ

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 14:31:34 GMT
expires: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F7CB 89 KB
31 KB 96ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F7CB 3 KB
1 KB 48ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F7CB 20 KB
8 KB 49ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7CB 187 KB
59 KB 112ms
101ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 42 B
63 B 135ms
124ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AV6GkCRLe6rY3d-EEoSPgTxIeuetwxqOfgEiBr6yuw6lV78cJrwGbmN7MNEWLPyijmB-lQwgVm7Nk6j3EMAb3qynptxbu7inG8fJMksxkMw9fOw6s

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
20 B 141ms
122ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13571479365048572803&x=1&ct=77

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 20CF 2 KB
834 B 51ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:43 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 20CF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIlhRxWw-ZenkHOCf18cP7921sA-u27qqZ-q_2J7GCez1u87KDRABIIu-ygZgkQSgAYLGi9kDyAEJqQK00IIZf7mxPqgDAcgDywSqBNEBT9D9aF2oi93Q1tJF1dNrufRhBc7s-emah48tnIA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213806077711748844565%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22...

0
0

54ms
53ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213806077711748844565%22,%22debug_reporting%22:true,%22destination%22:%22https://sleiderink.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22992142082%22],%224%22:[%2210-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221013200830421435377%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13806077711748844565","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"1013200830421435377"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Oct 2023 14:31:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13806077711748844565","debug_reporting":true,"destination":"https://sleiderink.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["992142082"],"4":["10-29"],"6":["true"]},"priority":"500","source_event_id":"1013200830421435377"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 20CF 23 KB
9 KB 64ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:05:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 20CF 3 KB
1 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 20CF 20 KB
8 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20CF 187 KB
59 KB 106ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 20CF 36 KB
15 KB 72ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 20CF 14 KB
15 KB 176ms
71ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR81ctfK_d5PFIH_kQl15U3_kBa5cVHIIuhsuybo5WwGt4l8Lyh3_ppNn-RAUI&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d4defaba412706e1cef5cabdd958d2b391375fe0ea17384d83c40194a8d59bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 16 Apr 2023 08:26:38 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14842
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 28 Oct 2024 14:31:34 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 20CF 40 KB
41 KB 132ms
23ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRPK9EwBL0ESC6XZdwlS6cg2NuuJYL60u2lG6-k9oNTfHRhtqiot8g4JYIaMQU&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a73fb63c0032360a054ed24dce8f626d48b32ed607640bf1c7ac1228619d7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:42:03 GMT
x-content-type-options: nosniff
age: 172171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40943
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 06:26:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 26 Oct 2024 14:42:03 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 20CF 44 KB
44 KB 126ms
21ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTbe2H0xdpC4VGVXfn3jBenheSEmaqBnMgi6p0Of68u1Gcd8Hvd7AitJtMDUN8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb3bc1d4a3d39269b6d8f89126270dcce9f08c34711b2e40a688a69fefdbda7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 10:09:43 GMT
x-content-type-options: nosniff
age: 102111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44997
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 01:05:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Oct 2024 10:09:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 20CF 43 KB
43 KB 146ms
43ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQnAHy3Vaeg3msjfPUTqKgV1KT0oQs2e0LfBSR1eemAQkzQggf3WqwyS_bgItE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b118f8204d0e47269e3f7cb3dbb71d683c1ad2e20a8c5ddc7d54f9495e92cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 00:14:03 GMT
x-content-type-options: nosniff
age: 137851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43581
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 10:59:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Oct 2024 00:14:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 20CF 14 KB
15 KB 120ms
21ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcShquR8zN-piA3O1gR7jhLyjDUgre4KOvk9viI_4LS6bbQyflyIrcGNcejosdY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4b1cdb55911ecf1527d37002d5b3125ad299eb803130f080eecc358abd1c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:21:32 GMT
x-content-type-options: nosniff
age: 90602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14635
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 17:11:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Oct 2024 13:21:32 GMT

GET
H3

200

11039925474816115258
tpc.googlesyndication.com/simgad/ Frame 20CF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCHkIqG2wEQ8QQY8AQyCHCXNwXCmSGr
https://tpc.googlesyndication.com/simgad/11039925474816115258

17 KB
17 KB

28ms
25ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11039925474816115258

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5513df92fe2b99e2ecae31672897613adda6b512cc16628ee1184ec4998d37cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:27:01 GMT
x-content-type-options: nosniff
age: 360273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17786
x-xss-protection: 0
last-modified: Tue, 14 May 2019 07:57:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Oct 2024 10:27:01 GMT

Redirect headers

date: Sun, 29 Oct 2023 09:14:34 GMT
x-content-type-options: nosniff
server: cafe
age: 19020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/11039925474816115258
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 09:14:34 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D307 38 KB
13 KB 51ms
31ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 195468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

43 B
348 B

43ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGKb0s-cBMAE&v=APEucNVSoezVe3TJ-oCiITpwnvQksP3jUMVEixC3GTxLTeKK2yzrOvbrcADkYWAwpA3XPw168Jxxdk7zW1pAKyanZuBhSF6qfClEt84dnUhCcJdqByD7pscAhA-MSDfKhvXqdOf2-kydFoMTLF-XzZ2v9S3SrktoyTdissoPLnzbkJ1-QpmGtDQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz9LmBbOe%2Fb%2F%2FG8GiFK6cBLI4m%2FGdthwXhQS6cKhBZbzgeMtZ1vcB3%2FZjqTFIVkUrh5Fa%2BEAeL7t9qJ1pr1OvsN%2BVfVnT1xUi61PJd%2BBDH0VaPlbGcyyQ%2BFx4PumEhcdTdFVbD%2Bte%2BTn5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81dc1f7b6be0664e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3EF5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZT5sxi-UDj2LoOP34ZcoVwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

43 B
738 B

44ms
43ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGKb0s-cBMAE&v=APEucNVSoezVe3TJ-oCiITpwnvQksP3jUMVEixC3GTxLTeKK2yzrOvbrcADkYWAwpA3XPw168Jxxdk7zW1pAKyanZuBhSF6qfClEt84dnUhCcJdqByD7pscAhA-MSDfKhvXqdOf2-kydFoMTLF-XzZ2v9S3SrktoyTdissoPLnzbkJ1-QpmGtDQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHeRmvTpzhA3XYpXoNSgHgH3k%2FozMfQnffBbJd66%2BfeoAzjiMXVRuP1Z4%2B%2FC21pzcEfcePapxc9g%2BN0QIUgkHOkaUiLBUSYNMEpdU5ZCCrp9TrIBdYeEdq1niEG%2B78B%2F5ZRe1g7%2Ftltcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81dc1f7bfe380e31-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3EF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

43 B
845 B

41ms
41ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGKb0s-cBMAE&v=APEucNVSoezVe3TJ-oCiITpwnvQksP3jUMVEixC3GTxLTeKK2yzrOvbrcADkYWAwpA3XPw168Jxxdk7zW1pAKyanZuBhSF6qfClEt84dnUhCcJdqByD7pscAhA-MSDfKhvXqdOf2-kydFoMTLF-XzZ2v9S3SrktoyTdissoPLnzbkJ1-QpmGtDQ

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
an-x-request-uuid: af976ab5-f17b-48a5-a218-04c9b73ac68d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3EF5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMwMjE5ODI3OTAzMDQ0NDkyNA%3D%3D

170 B
243 B

29ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMwMjE5ODI3OTAzMDQ0NDkyNA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
an-x-request-uuid: 74bc30aa-eb73-4dbd-94fd-f3447e837471
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMwMjE5ODI3OTAzMDQ0NDkyNA%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 100B 2 KB
553 B 32ms
28ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Oct 2023 14:14:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 100B 2 KB
834 B 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 100B 23 KB
9 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:05:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 100B 3 KB
1 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:01:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 100B 20 KB
8 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 100B 187 KB
59 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:31:34 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 100B 36 KB
15 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1

43 B
328 B

53ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjtyrvGATAB&v=APEucNWUW4R9od_N3_mKNJZ_OOiXm31mMDzyqIpu1aFX9WiZ1vdfcmcU_lyf8MGChPQsW-TfnRXgq69GPjUdFn4kkYrjmpl7hfE3S3BzFjgEqnyGFYngQdh8Wm_AdghkEub-fxxXNI-5G1fhlFWTX54RTJ4-xO9ky-Au3apsH1dayhHyCz3npXQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlnYiFGZTWS7%2FXnaG4fo9L0rMz6Y%2FLXarJU%2Fbs5J8V3J9Fy4VzhA%2BHbs3rkjvTyQvXP27IwNrLQ042LgcxECVhDd4RzgNydK8oTCdQ9MIKaVyfXCk04gPp9yZ6fZbD4Gbz20NJqqa0vs7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81dc1f7b8c05664e-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6800
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZT5sxnUFnAaPLfM.BLAVjQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1&google_hm=2

43 B
764 B

42ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjtyrvGATAB&v=APEucNWUW4R9od_N3_mKNJZ_OOiXm31mMDzyqIpu1aFX9WiZ1vdfcmcU_lyf8MGChPQsW-TfnRXgq69GPjUdFn4kkYrjmpl7hfE3S3BzFjgEqnyGFYngQdh8Wm_AdghkEub-fxxXNI-5G1fhlFWTX54RTJ4-xO9ky-Au3apsH1dayhHyCz3npXQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1ua8rZSxJVSPR93zsovhvaAaLVaeQL6fAp5VQCF5LIHcuqlxzZttPxkai0Jpz%2F3hASHwVGcGSUL9S0ta2zgKGicNn2Uz0vaR4m0RlGCGRZhYNjlW1GjYV85rWPGZeQb12XdnzIy1YCEQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81dc1f7bfe360e31-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqDNkt8wtO3Nf4zBEANLK8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

43 B
845 B

79ms
78ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjtyrvGATAB&v=APEucNWUW4R9od_N3_mKNJZ_OOiXm31mMDzyqIpu1aFX9WiZ1vdfcmcU_lyf8MGChPQsW-TfnRXgq69GPjUdFn4kkYrjmpl7hfE3S3BzFjgEqnyGFYngQdh8Wm_AdghkEub-fxxXNI-5G1fhlFWTX54RTJ4-xO9ky-Au3apsH1dayhHyCz3npXQ

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
an-x-request-uuid: d0c49e32-072a-4625-b41a-d9059ead9dbe
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGfxCEbul8hU3C7qdiIv-Rw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6800
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MDkxNTg1NDE0NjQ1OTgxOA%3D%3D

170 B
232 B

33ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MDkxNTg1NDE0NjQ1OTgxOA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
an-x-request-uuid: 98d30e4c-66c5-40a9-beaa-9b6360bad059
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MDkxNTg1NDE0NjQ1OTgxOA%3D%3D
x-proxy-origin: 95.211.199.131; 95.211.199.131; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
54ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 Oct 2023 14:31:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
20 B 126ms
125ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5499317924883&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
20 B 124ms
124ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5499317924883&version=m202309260101&ct=77&x=1&cor=13571479365048572000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F7CB 16 KB
12 KB 194ms
193ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsVO7OiA_X2NfAC67V6_LD8UZEtYhdRkrjQjJq-27CizIrchevhbzt4yGAu9KtAgTcwH970HNK31v8i4MdNDpkOfZy-0rVmUyWzEjpXtCNkCnOEdcdO_nvCuDdBV1QLB-8mifU7B-AAFYxev16jz_C26OKbYNsm1a561Q4E7pmoIk49Vc&cry=1&dbm_d=AKAmf-CxN1vo_dD-7oIyuXjopCG0mhPasfUaGPO5PyR-y5gd3u72Lf5Hc8oF4izvq9jaPeAkOKHLv9saQVOfJ40aSTbuPeWSjRsWy7srtjFxlZn0gBLLYSFYKAUQEkcsU6VxhILQLdTxXLABk9kbvn_nS-3O2BhlYBkQpmH4sdChUB5j13hunMZ-cTdpdwd1Fb21xgCF-7I8hv1yWJbqTGKTb56ts6PhxG3RGTW8emWW_SQi1jIa_ihNeIOStG69g3jkkg04XR4ynMDOUB_AQ3CNKokD2rYHqr37dh4gdQO95Pgowj5ol2FmzgKgExqdfhCs15w6tUI4UZCR3aLKLL1xDKQEp9pkjNUedkE4yu41PU_oS7Tj7CoIKnls3OaXmfofV0wDuQlKalvGtjLYFUyhS4NHDfgtf7H910QsyJAwAsYpe1VeMe9pn9qMAmTgypjz8crtoCmsuh4LVmET931SQJi_vUi6HCqVUs-zYtV9rGcxbQyREY9pQz3XluDvQuIqt2WnvUou4hKSYRZaHmnZjfAEt7grZj4nx-XR0egR-tXHrUymF_yDi86--aUXiC4NXGBmKKC-TRzycIaiNv9F7Ld4aFRRQojtYQJNljtrgEPjceva1Ww0soZO_XaCCfohRdJdEzU_ORWub5acFmLuPPke7zOAjbcuyh93pZQC-Xh5hdG20ox8t0TdxKHpIfNsFUw8JE9du2U1t4KytmwMWX9YV66RKRaTViJRgOQdn7WzNUV_OH_wLhoZZsTFbQ911sDs8hyHAdiAmP-M6EULexNkBnJ_NdJaM09GTCFm7f-BdBFgEjbo4Qm65v-PN0dd_2EJrMx1p5m_GsqUJjIiKVNNF1HygnMotXNXWpQP84wF2BWxTuQ3G_F1IxMfZlHUW16GW9A0qVJnROeLVvvXeJeAb-fxfYtJPXnFJBx9PuI57bukqt2Vww-65qNgW2Fz-7aS-lBMe5d-7AJNjA88RHp08n0FDVKi74OYZm0rc98tSh_KAdbUOEH-G8CzzCFGs8yauS2ZJIylmt6PC5lWRF3HIyYuHcEPF_xUhxARvJTOuODhChauVSMonSXj5AD6zu_MUxcKXDfvkJsJJVt7htXYVraydG6SemOksrrkdFYOUnbLftvyi50Ag74uLoSRRANGAod9hMgVSZiR-UKZVtiF8UIFbjqIlJqV8YF_7BTKyzFjzzjgMWZtOpqHWo-YkB6057tMYKB8nv_ORe-5zJpVBrYLvh-iJaHT6yApiVIVLaHYQKmn1xPIepMu6-FjWC6TFMzvncbi-H9vjd0FIKKMw4e-TuOsxswZ7HUOMt-NEQXIB9F8T9qInQll_EqV78AWYwT-zKz1xycq6eerhza4ktlZkmgFjAoxGCFtHmq-cpOUHTz21KyFS20xmJF6gslj72uqixV13oN2tVJQgEKC7Iz2eYjeRw7xvd3Q07u__50GMvbftCHtdvT5xRyOGTKwODnfDgoh9QM9Sw6xfER0Rz7PUpLZiF_4biKmSaEmpycprXpMbqIWfNXh0nTJsALEg-hlyjmNL9ghwN2TgNCRw-WyvhtEyLfeJlYTqGhdLEMT8xtNPr_84ETYsBfl2ePSbhJ0iUm0JSn7eaW0K-QLVvMeS3QAaEueGXHlavF2Czqe_vWFtloQVrNg5BSBYKVTgc-kWZ7XhsNmmP2NL6rJUl_Xwzi9yX34IR8GqUtp3EicwrV90DcbmRGhLqTTwe4gumbP3LwyFLpXSrP19mEpT3DOIPfxjlC4M8MSLc4NmeRejl3KrjDZkAD559dS38sct0qOVy0JX0RUZC6uQ_UIxUsXl2ZDpBaf_IRCkdqj-1YFvUtF8kyqAQSp4wbBwNUwkMjsjTs_zyWUA6cgT79MzfweK85LVky0c3uZKvXPPnRTlnRrL65hqlj3dN-lOl6eTFnXpFWQkmz1IX37tP8MpD-X6GkFT7RxAA8zudJMt2DNBlrVSnNDWwkcJd-p2ctcEEXVtQQ8rnBowJU4kXnrKJ1RAkCnJElcEyC2hL04IU9zyn_sYbNQ9o81pcm4V9u0A4gmNffT5_XWHR1jeCPi97MgfVi8_0YCXh6RUmd1DpmJt0tu_HP0qozncgEItn3SX3_QUjWAnxUnJYZUXq4NIPMFGUAPaDkx_oHf3Cjk_3wV--FaPwrEDbZIYKU6kxAmbmvR0nCTBCoYbQO3hMTg_S9ReIgq3-LbJpalIdrRd74cqy6vIjfOU5Q79zVjWJO4awLENyFHcl496vjK6nh7GgCpVou3K6aQg-YK39hv9CKVOg51N5m7yhIT6rbX4QTMqX0YEAdnMxKeCuxKy6hSkbIcrAOG5bPMpQOKl2HV_DyBeDCT7dgtyYiIa4Lx85gKiEzKJdOTO57C_n9aaLC6M2s-YqBsELHoez3qfzlZc92ld6_156_l2oPrk8e4h00d5UN7Ea1dhcYO2vjKYW09Yv6G0j9Kqhsi94EHnonUq4I1TrbRj5cJ8AKgdCNRAEQ5FgGJr6_9ecZR8DbLsY_HKCQpI8Q1AZpFo_86XQHpFDnLn3RqfieXjE2nzmGAAFYVx6vQ9zxw0EPE0Q7qhgYRgHBDYPw9Nx5U8us8cu4a2Fqcxhldk0082zLi4tY9JvnfEY2lWTO6L5gcs71Chq5U11AFwgbOot6KrZhmFu6yCAg8NTX1ESZDPijBeFh1PubF7Y3D-h1DJiLKmVusxClM7kE7QnIYDIqPZnoReb-ycAi5LDpAvaTnxPEYKDGahARq8A1u72Q8dWHwJzRw61zTK4Sj7Rwtr7T2bxa-SuZRIPU9qdo_Usq0haloMgt5GJgCGvC3qnQmKMQ7kDC3VdYqHwytk3RGuKAikU2_Jipvy0Wr-vcRAEFN1zB0onV7i7-b5j5PnZdU8vYgUTJ_1ZypIh_8zWA-rzfzGgbB7D6EsgXIckUes-lun-REmIjiHpwVcylVTGaSHP93Eb4gDtbivTEhnC6Cdp1c3cPthExUpY9EDhzufkvy9l7mC0Y54gXWZGGWPm74xP0HEOKS53x_s86pzKNgbAtbwhdsP2vuLrrPrnQ53BSQlHKGxDGzTCR5x8ChMyAFEEBWgHuMptfYkU66rbTDoT6tC32C59FD7_RQ2Tts_Os4Ktm1aOFLnDhaCRCOnsz9ZbOAPHCb51-NMYrINAOCGO8gjaRHBoBZ6Ux3MQptiBCuXvQRpBdLu8JaM0ngWeb2AOi_JNc_1clVoYsart7Wfg9IWSEa8bltQnV43UjZ1Pj53s4UzEhK_NHfXSkDCcKQgczAHYFl0S80DgoTWnndI1XRot4W_Ud5lVbV9oYMoSlCal9tRRMNb5Q0QpBlWuo3oigl7AzQIjLEFwU74slksm4tIaGvSjB6hceAONuXTSEa5qlNtU5qXM8HS-Y2wJX9wzZ5Kk2D3uqkeQeQE_PlVfB2gwL2AvXmfElciDHjd8owuGmMOGrImstcJS4I6xXpk6k7AtHwqWTWJtQdb_cITxNz_g-S15NfpuTWxvRSjh4oYXbFGRXNTCTQHCyscZ9ferpUdqS5gMrJCbdYW6sTo-KtiPMGbcuGoOrDLtnz9PhSHhfc-xauJwTjceMUXodUmsVKjkAYUVz45oRqZYMYv1I6pDct_8oF2KHFsFP6LaoHUSceLrGatTdE7vvP8QEJgQtUBgSJrssLKBA6bwOKkMUI4laoK-kYKjzGvtn9W57dJZ-yT4S94hvUZ2t9D3boJtvqmT4iP-iW3p2m9SICu7OBb4JWjqcKSKrWevM&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dedeoyun.com%2F&ds=l&xdt=1&iif=1&cor=13571479365048572000&adk=929882891&idt=102&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a093f9880e1d7ff3379ae665e3cba8805b08b826293944fb850bfc68b7a07230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12407
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 20CF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fed68a8f6de67b537343be830dff1f449fe64198812f12e3ae1f1e0bf491507

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame D307 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 08:16:49 GMT

GET
H3 200 Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response
pagead2.googlesyndication.com/bg/ Frame BA4A 38 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15080
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:16:58 GMT

GET
H3 200 Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F1E 38 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15080
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:16:58 GMT

GET
DATA 200
OK truncated
/ Frame 35A0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc35ad92a95e748d4f77c4949dd90df0a8f2771b22fe9305a620f82bf6ef1dc9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 35A0 0
0 82ms
65ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_BeYXe42ewduIMcCdYGBjIlqS8j27ck09o69J26Epo9T92Rp7b9Q5ehGmPoxC3qIHT-TQWA7oqU3Cr41nwACwTYJadqL3pJeHEtENO-pVJY5Fm4JWZTiGVV8RpFn5N0kBBOAzEuV1utBd_pzV-InesR7o136fNRAGbdKNRLUj0pKwsJVFKyDmV7UG3TLSwC_Wdfb7YMRa4IZaAtHUwqCgbMjdA-sHxxbr3uGd-ftHQlFyv2jL-96d8ZeDSi0kN0joqhZBNvg7dP1W6bXlYKYj4TGdlkIB8f07MDLkCd5rXjVPZjKKGWyITx5nvnRflC46Z-d6eTenhpTAQ-NWD8IbqQ4oqGkBVlWLiymt8w0QF1hKJukJDJihor_l9eMqg6a088Ps1-ZMAa0_pY9zh6Lvqy_SAujj4vc1bUWnwXOfRWai6Hdhk4fQOxi04-uaRiUvggxexiMD2D9NxflNa-AbeLMLzANGIC5flcI-3n1YBNIFcdSa4XiRazLZJIyWvrCGVHbOzxYBGlAWwhGgb72TYELxZTqCJlZ9WQ1Z2NCfNucKqL2OQSkdSQgt4eLLMigI9Cz8035yUxPcIGL-vR745gNfhndyD7ThFjv4LcD0TtDuGF3Fu866sS10WXa1-aqO-0ixtIXYz68gwfKFR2b0HpWDxV7TvA0wlQrxgOqPrxzXk1HXzkLrothvXUf6QoL0AQlZv1YkNukYHN6F7NkVoPrfGM9mB-tMrBxrkpbEygvom-AokKP6KNF1VJ3MTSXzlCKu4WiC55L1Y-JaPmwY_wvt7tezKz06u1arSA_1DmxsQsaLuXv5CKl8-R4qmRYEJdbGS0W-m2STaqh08KiGqyfqlznBGaflNgwhDuYYGfwwoG77UBtdhwMtWwFmxMyt-tNLaU16lCiXiQ5q3T77TPPsCQ5qzfN1_Zu1bn8aIFuS8t3fNkWTs-WSmQj9PF3r0Es2GgTgckM4dowUTIHuCwQJ6R-sZHJQjPj-F78EiN5Ycw-njrg-RKIes_TWQaJzXdgvht5AkdMDLhTKzzO6f0wifAlxe1b9lDrsvMlcjyRmincZk7eYM5qD576GIY7kiodZRP2p_RzLLgDc_o_YRaxkGtnu5clfQ2NknrIP6vwi4s_cHV_ZTyK6Or3fUl0b968kz2JrzKVChwLM0_n4kS-1SYf-bB4cP0xuIkBq7d3XDAiTHR-ibZqi4iNzhM6HvScppVK9gA&sai=AMfl-YQhr5T5RoIYEjwGIfs4S9jg7dpZnHIYpBkPsYTyqw78G796g82MKqRIE-z6IQARjsjvA2cF7Qm6JZQ6lSmrUqIf_NFvPIuzqSzIYAE80LgqjHDv2IZw1u-81E5lrtfmXCG8d7zrbEWbfNdN0jKcfKdflI_WN0y6FUCtf21ejcsFWIzoylAo6CqFioMl2F16UxQmdCKHuSwLNH4bPjHAO5rTddUxT8S7pvmF6-21URJ4V6c9Sh3UhEv9N9HDH08s4yI_9dgRchJZI9-6WoZ5qqCOVy-i4WJa4wcV9n9-gedekENowuX8NGoJvU32WPAzltjJm154ys_selKuVF0Bc_VWak36FRLODDSoQI9tnc2uNGllcui5Y41vbeeKDe_lNEr2-2Xt0HjEpWu_QWT9jAb1kC8_iuP6xLDivlbP_krglMh5UhQu1VYFRM_hRSZLT-nYrfDUMUrH-iR1NpojszaLhGVrEE4blXjot4DK&sig=Cg0ArKJSzBcU8RcEzFT-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=409&cbvp=2&dett=2&cstd=1&cisv=r20231025.72414&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.dedeoyun.com
URL: https://www.dedeoyun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame 35A0 42 B
444 B 105ms
21ms Image
image/gif 18.66.147.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288231&adn=3&ca=29702965&si=3554638&pl=364988180&cr=191021523&did=ADID&ord=348306594&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-91.fra60.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 13:33:00 GMT
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: FRA60-P4
age: 3515
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: Co4pmOXwgrPLaN6Gz5_trna6uPui7vX2cOsJUPF0jW9V1mGuNxwVWw==
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D256 42 B
64 B 133ms
133ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD-lANwjZwbn_WyPPOVn514znaXNolBbmIfbnTQAecYQ5TygSWQnpY3v5gUNrrR_jrsUWIOEPHB_HWqwjsbLh-Q8BAC0ZZnL779d3rrbUsZ7l4lc2-GY47T-dYSYIuEfspMgWEujfuNC9LWaP_ul0Ht9VMIsFSBzqyq3aUDC1lNRc44bo_61BvOGvwhLPXQZtTe9Gp1IeTI5kpjkspEEwF9tLVbYKCxhSl-W_5RC_0eeDKYq1awU05r0ToMS69lsnW_FvAiI-gKLjCebftaqWqp_OobxcrPZMAMqc1E8fCySSox6o5gAS-I3im4MXEiWUcIeIorrv1OFo9wURIYduPAClhmNJAx4LYaH6dgmRSlfgx9H97cAoXkgaZbw32vXZ5eTTtqEas3Y_vQWTnzI2BKDZlmiURrP8GU2d2_v5DG1S4JS_8xApFhbKqjZdb4tJWk50VI0AguTEMPhsqO2K5BwYNyFseDX1RO7NesFQ9Gd4xRn5Uv8M_Y0D9ETdTYX-eNDizArOxQ26dgcri_dtDkx3tajR4rU2LzlZUodyf8x-WVgK2i3PHpNbG1ammzNlx-8DlRh0P9O06VFJ07gyX0nMWPZjCbqFcQDAEhdsFYAdzT5VWZ3nNrgiVuhliWLvv1U0f4wLaVTKu5NdJzjyaPt3QF_0Reltt6aRBhqxhs7SQNmqW9UYuwphcm93b5bh4Z9GqKHxXIxNt6Yu0UEZN8DXf4bvpyAbXpb3S0tVdMp1n2MsHrp89bJNXxBWe8DTDoh0z_-iiLesaNDQZxXpshj48iqowWzRuW1bJ774IgeTbR_Ieej5uq4aQavBj9r_2_18MxlE03j8MUaglIOKa6xHmYUBQL2AZAI2NVrVufxSlRGPxO4LyFvq6JE6AngKhmd4cP8dctP569pjJn3Gg9uL6Ry_tjra8J1-zivG93rC27w-z7KTU6RSP8L2ZH4sXqIJGZxGfZR03wHJSr2s1O1SCl-so0lcGlLGzFXR84eqcsyCHgcs5Q8YhJk852ZEVpSydSxs_HI4fyn6N9p1sLDKlvjPF8o00PV3YMgiMZbZEQKd4aabqdg&sai=AMfl-YTOshRfTdPLx5NYN4naLICBCB0wvUUwxPIn0yLRNJ6FbgeTEryOb5NOqF63R9CSv-VTcMDxKmcitNT8NMYGyVnekcyhKPq9Clb2jJ_8ti3QOcZztIXjye8oYnXL-M9Eqei6WYLqF0Obp7ThCAkgd-clfx3fq33Yojc&sig=Cg0ArKJSzA0VX3rSI2RVEAE&cid=CAQSTADICaaNfVMqAlQD611_I6eF713sjSwa0--xB8yKPYXrG9N2rv50qvoPZkDlzjn7AMf6qH1lZJ9ZnB1hzx2dJDTwVN8Cd0F17EovWecYAQ&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2444206786&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698589893267&rpt=865&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F7CB 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsVO7OiA_X2NfAC67V6_LD8UZEtYhdRkrjQjJq-27CizIrchevhbzt4yGAu9KtAgTcwH970HNK31v8i4MdNDpkOfZy-0rVmUyWzEjpXtCNkCnOEdcdO_nvCuDdBV1QLB-8mifU7B-AAFYxev16jz_C26OKbYNsm1a561Q4E7pmoIk49Vc&cry=1&dbm_d=AKAmf-CxN1vo_dD-7oIyuXjopCG0mhPasfUaGPO5PyR-y5gd3u72Lf5Hc8oF4izvq9jaPeAkOKHLv9saQVOfJ40aSTbuPeWSjRsWy7srtjFxlZn0gBLLYSFYKAUQEkcsU6VxhILQLdTxXLABk9kbvn_nS-3O2BhlYBkQpmH4sdChUB5j13hunMZ-cTdpdwd1Fb21xgCF-7I8hv1yWJbqTGKTb56ts6PhxG3RGTW8emWW_SQi1jIa_ihNeIOStG69g3jkkg04XR4ynMDOUB_AQ3CNKokD2rYHqr37dh4gdQO95Pgowj5ol2FmzgKgExqdfhCs15w6tUI4UZCR3aLKLL1xDKQEp9pkjNUedkE4yu41PU_oS7Tj7CoIKnls3OaXmfofV0wDuQlKalvGtjLYFUyhS4NHDfgtf7H910QsyJAwAsYpe1VeMe9pn9qMAmTgypjz8crtoCmsuh4LVmET931SQJi_vUi6HCqVUs-zYtV9rGcxbQyREY9pQz3XluDvQuIqt2WnvUou4hKSYRZaHmnZjfAEt7grZj4nx-XR0egR-tXHrUymF_yDi86--aUXiC4NXGBmKKC-TRzycIaiNv9F7Ld4aFRRQojtYQJNljtrgEPjceva1Ww0soZO_XaCCfohRdJdEzU_ORWub5acFmLuPPke7zOAjbcuyh93pZQC-Xh5hdG20ox8t0TdxKHpIfNsFUw8JE9du2U1t4KytmwMWX9YV66RKRaTViJRgOQdn7WzNUV_OH_wLhoZZsTFbQ911sDs8hyHAdiAmP-M6EULexNkBnJ_NdJaM09GTCFm7f-BdBFgEjbo4Qm65v-PN0dd_2EJrMx1p5m_GsqUJjIiKVNNF1HygnMotXNXWpQP84wF2BWxTuQ3G_F1IxMfZlHUW16GW9A0qVJnROeLVvvXeJeAb-fxfYtJPXnFJBx9PuI57bukqt2Vww-65qNgW2Fz-7aS-lBMe5d-7AJNjA88RHp08n0FDVKi74OYZm0rc98tSh_KAdbUOEH-G8CzzCFGs8yauS2ZJIylmt6PC5lWRF3HIyYuHcEPF_xUhxARvJTOuODhChauVSMonSXj5AD6zu_MUxcKXDfvkJsJJVt7htXYVraydG6SemOksrrkdFYOUnbLftvyi50Ag74uLoSRRANGAod9hMgVSZiR-UKZVtiF8UIFbjqIlJqV8YF_7BTKyzFjzzjgMWZtOpqHWo-YkB6057tMYKB8nv_ORe-5zJpVBrYLvh-iJaHT6yApiVIVLaHYQKmn1xPIepMu6-FjWC6TFMzvncbi-H9vjd0FIKKMw4e-TuOsxswZ7HUOMt-NEQXIB9F8T9qInQll_EqV78AWYwT-zKz1xycq6eerhza4ktlZkmgFjAoxGCFtHmq-cpOUHTz21KyFS20xmJF6gslj72uqixV13oN2tVJQgEKC7Iz2eYjeRw7xvd3Q07u__50GMvbftCHtdvT5xRyOGTKwODnfDgoh9QM9Sw6xfER0Rz7PUpLZiF_4biKmSaEmpycprXpMbqIWfNXh0nTJsALEg-hlyjmNL9ghwN2TgNCRw-WyvhtEyLfeJlYTqGhdLEMT8xtNPr_84ETYsBfl2ePSbhJ0iUm0JSn7eaW0K-QLVvMeS3QAaEueGXHlavF2Czqe_vWFtloQVrNg5BSBYKVTgc-kWZ7XhsNmmP2NL6rJUl_Xwzi9yX34IR8GqUtp3EicwrV90DcbmRGhLqTTwe4gumbP3LwyFLpXSrP19mEpT3DOIPfxjlC4M8MSLc4NmeRejl3KrjDZkAD559dS38sct0qOVy0JX0RUZC6uQ_UIxUsXl2ZDpBaf_IRCkdqj-1YFvUtF8kyqAQSp4wbBwNUwkMjsjTs_zyWUA6cgT79MzfweK85LVky0c3uZKvXPPnRTlnRrL65hqlj3dN-lOl6eTFnXpFWQkmz1IX37tP8MpD-X6GkFT7RxAA8zudJMt2DNBlrVSnNDWwkcJd-p2ctcEEXVtQQ8rnBowJU4kXnrKJ1RAkCnJElcEyC2hL04IU9zyn_sYbNQ9o81pcm4V9u0A4gmNffT5_XWHR1jeCPi97MgfVi8_0YCXh6RUmd1DpmJt0tu_HP0qozncgEItn3SX3_QUjWAnxUnJYZUXq4NIPMFGUAPaDkx_oHf3Cjk_3wV--FaPwrEDbZIYKU6kxAmbmvR0nCTBCoYbQO3hMTg_S9ReIgq3-LbJpalIdrRd74cqy6vIjfOU5Q79zVjWJO4awLENyFHcl496vjK6nh7GgCpVou3K6aQg-YK39hv9CKVOg51N5m7yhIT6rbX4QTMqX0YEAdnMxKeCuxKy6hSkbIcrAOG5bPMpQOKl2HV_DyBeDCT7dgtyYiIa4Lx85gKiEzKJdOTO57C_n9aaLC6M2s-YqBsELHoez3qfzlZc92ld6_156_l2oPrk8e4h00d5UN7Ea1dhcYO2vjKYW09Yv6G0j9Kqhsi94EHnonUq4I1TrbRj5cJ8AKgdCNRAEQ5FgGJr6_9ecZR8DbLsY_HKCQpI8Q1AZpFo_86XQHpFDnLn3RqfieXjE2nzmGAAFYVx6vQ9zxw0EPE0Q7qhgYRgHBDYPw9Nx5U8us8cu4a2Fqcxhldk0082zLi4tY9JvnfEY2lWTO6L5gcs71Chq5U11AFwgbOot6KrZhmFu6yCAg8NTX1ESZDPijBeFh1PubF7Y3D-h1DJiLKmVusxClM7kE7QnIYDIqPZnoReb-ycAi5LDpAvaTnxPEYKDGahARq8A1u72Q8dWHwJzRw61zTK4Sj7Rwtr7T2bxa-SuZRIPU9qdo_Usq0haloMgt5GJgCGvC3qnQmKMQ7kDC3VdYqHwytk3RGuKAikU2_Jipvy0Wr-vcRAEFN1zB0onV7i7-b5j5PnZdU8vYgUTJ_1ZypIh_8zWA-rzfzGgbB7D6EsgXIckUes-lun-REmIjiHpwVcylVTGaSHP93Eb4gDtbivTEhnC6Cdp1c3cPthExUpY9EDhzufkvy9l7mC0Y54gXWZGGWPm74xP0HEOKS53x_s86pzKNgbAtbwhdsP2vuLrrPrnQ53BSQlHKGxDGzTCR5x8ChMyAFEEBWgHuMptfYkU66rbTDoT6tC32C59FD7_RQ2Tts_Os4Ktm1aOFLnDhaCRCOnsz9ZbOAPHCb51-NMYrINAOCGO8gjaRHBoBZ6Ux3MQptiBCuXvQRpBdLu8JaM0ngWeb2AOi_JNc_1clVoYsart7Wfg9IWSEa8bltQnV43UjZ1Pj53s4UzEhK_NHfXSkDCcKQgczAHYFl0S80DgoTWnndI1XRot4W_Ud5lVbV9oYMoSlCal9tRRMNb5Q0QpBlWuo3oigl7AzQIjLEFwU74slksm4tIaGvSjB6hceAONuXTSEa5qlNtU5qXM8HS-Y2wJX9wzZ5Kk2D3uqkeQeQE_PlVfB2gwL2AvXmfElciDHjd8owuGmMOGrImstcJS4I6xXpk6k7AtHwqWTWJtQdb_cITxNz_g-S15NfpuTWxvRSjh4oYXbFGRXNTCTQHCyscZ9ferpUdqS5gMrJCbdYW6sTo-KtiPMGbcuGoOrDLtnz9PhSHhfc-xauJwTjceMUXodUmsVKjkAYUVz45oRqZYMYv1I6pDct_8oF2KHFsFP6LaoHUSceLrGatTdE7vvP8QEJgQtUBgSJrssLKBA6bwOKkMUI4laoK-kYKjzGvtn9W57dJZ-yT4S94hvUZ2t9D3boJtvqmT4iP-iW3p2m9SICu7OBb4JWjqcKSKrWevM&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dedeoyun.com%2F&ds=l&xdt=1&iif=1&cor=13571479365048572000&adk=929882891&idt=102&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H/1.1 200
OK 1fk3zv56z3i8 Show response
hal9000.redintelligence.net/zone/ Frame F7CB 11 KB
4 KB 90ms
24ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/1fk3zv56z3i8?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: a10d68225c229e14ae7fd1440ee78e916ab0b33cb7b223dfecbc1c5de2fd2760

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4117
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 695F 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuxpUbYqV1mxmn_7zPOwgqY5w0S8rAEfu_ctMW0FbCxvk3BJfUMR51mdom-gsTRmL5tvSLgqM_x_3ZHVheEdleNwV8ZAjheBl_NDKuGPcxj60PZiKYqNcIFKMPF9O8AzbeoowelXZNzMlHBgl6ZYmUghM4g1XdFkqe1j2yOhJcKC08gs21DQK3ifs7sMMof7T94oaJK1hUa5hUDhz8ko5HmMIpgGe__hEC0rp_co7IVw4fFQsO3z--zVLcoHWSV8qGyQla9sv519J1FxD6IAnJy4qEfwL6F9RS9Szw1ZDhZ5GURop443iL86CN6I8uEwd115jRBiON69xrOcPp_gE8es85IRTE2kQeYat3O7XSJ7D6AmYzB4TwJ9YMtTOjfCxQzgaRyZvWloshnHJ7rBkA_CeIoG6PHneMjeQecjEBfMCZB9Oe5B1KNSBCa-vhYhFOfZKA-zN1XYPMtBkD5TtVS1WJaXTzmdK_qPGnFb0cbiG7UoJkvq6Ly5QG01KxfCUqhXxWpQ1yhOavlrPWMttL7Qcu80XYI0i2nZz11q3I5STYTAvbOx-2lFmQx9idfmlJoUi9oLz7gdHjts2GHVx_DKaR-5olpfp9cYcVr4a1GjF3w0uKazSV1_9rAIXC5gLzYewQb-d8k1I4zSR-PTP9bgaDL202Eo_k55rKyDyxk-PRfZxc-EgWsjfh5MFnWX8FeIcJGXrAiCbSaBxZFzxx3zyKahzDeaM4VGnuJklpEf5WNCliBwEHzABTQseo4r7rp9LI9zmYTy5DnJvN2Pfq4CAmObe_Nz98PM2N41OyV_db0e1bGnThnsGXcomcWNaKOqSgr3uumRXAo_U4Zwgql5UIHlGLPVJM5_iWJDFzuiv2v1nQv7hqp0RkZZWJDCjb4AUlNzy5EFlkD37ZKc5vVIEphDI4lbMy0l3dE8Os6xrvXqEAp8VrRomcbGea9KOqUJAy5kRYa3-AKZa4RjOgnJo9AGG69Z6mG_vMWb4lY4VIbip-aLjemGCcndain5gGK4mCrHLytgYD2xRNsBeVngkLcxmyfAe-GoVBrFMCMBsvT7M6WQi6mTPno83bpA&sai=AMfl-YSgJpQHGkyoPmdcbbhjd9jFhzYju5pvK36tGpEfnhDGe_QhiX6DVIBvV62Kl2KfZyS3X_-xGqyQTBEkFemv4j-pwKqlYFEuUzyRV8eBThnaIPlNuN8edKDqk4mALwjtIVJlV1YwdUUdkW9PVNREJd5NsvBWCXxk1Q&sig=Cg0ArKJSzMMVtmVk3vPYEAE&cid=CAQSSwDICaaNcxXMX3LoBk4ukgwOTzW-LyKrqntGN1Q4Nt8KJhe4GBhOYxvqkMJ7y4ApZQ1ZN2H9caK1OhPuYa3RhkHN9mXbw1xQtNqnLRgB&id=lidar2&mcvt=1040&p=0,0,600,120&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3699011343&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698589894016&rpt=191&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 95FC 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 195469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame F7CB
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
935 B

139ms
91ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231025%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1016383332489375%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DQJaXWtTklP%26p%3Dhttps%253A%2F%2Fwww.dedeoyun.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.dedeoyun.com&random=2152963442558&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 72c6a341e7e79866f051c7f88a09ed61e9dffeea9c5fec2fb260066da7cc51ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Oct 2023 14:31:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95476100061973104444452012492014
Connection: close
Content-Length: 329
Expires: Sun, 29 Oct 2023 14:31:35 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 29 Oct 2023 14:31:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231025%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1016383332489375%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DQJaXWtTklP%26p%3Dhttps%253A%2F%2Fwww.dedeoyun.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.dedeoyun.com&random=2152963442558&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 29 Oct 2023 14:31:35 +0100

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 95FC 38 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 08:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 08:16:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D307 0
20 B 125ms
124ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOdYjxWw-ZefkHOCf18cP7921sA8AAAAAOAHgBAI&bg=!IiGlIW7NAAbo5yKYyOc7ADQBe5WfOGeo8iDxcO2X82IsgtgULvVh3yRL2seZfHctnrP3YvOjeOPtiYHKOp6KzyBMZ1bOAgAAAMtSAAAAA2gBBwoAa4toalW8Mn1q-v6zpSVxyuNLcPYpML6Au2HYhNg6aEY_GLF4qqkBfvB-KiPccAu5dy8wFJaip0-RDrAN7BkW_ViCoh5ubqWxGto73j3JSJWGulhZDLUp-Y3DnBvSuSy38gVVQTiI286zs7iYmQMUkrwoaChbl76O_vKA-AutPOcdgjKy9-aNnaHPy_4nW1DZl5zB9pqZXOXqj14hPcASigySmFqNVaVmnHSAEwieCFqo_tW2XFfP2gVFPbkPEoj1kV595mGU0Fl95D1J7p1K6SB4kVNuzllFmVoj7XhdD0sqVpha97c3TPoLg63wDepdeDyxkBFI3mmk1iTCOOzG1e-SRkOm08Y7PbFxE4xCL2VZw6-Qug-Oz1RZW5jVkDns19IVxsopLafZdVIY_p-CVFYZcpH6sIY5gYeuoHOoZ4Inu2-LjgvAvkDN0CQqR9VhQMJhAfiBBdIXZvRN4dj05wpdhgatgewmv5D0RdjCE1JYqzYVttTLew4wG7wde94mnTTOMc78RzjmmoqMN_U25o_68kva7_6Mig3kc9IePcP4J5n2CroaPjLL1rp8wPHknW_nygug48Jy0_qbcmXe7JDzyVBsKIpX821lRBQg8sxAnsCvSkFv29y3B_jlHtikMllDC6YlU-hJ7uRHi6JXVf8RXxZhqZmDf-QTYLSrqdny9-QE6fyy6xLosBDYwuLdGB8iZ2g0cCiT_3bI70Ky1bESA-TE-KlF1cWTWTiwwbqvyOMu3TURMhviI9ECdFF6Gtr7CJXL7zxTl3z0gvysX5ySQ9mK2LHm-aiD7yfwRe49JvjHGIJKopfAgnn5NGovh8wAEakkoaG094fg_-o2rVYB0GseNQCpDGEbog2VQPBrktRTBHp3dciUhuh_-cflNkrysYxiordGr2tWGbsH69WZ-C37H8y14F8QrrOpBrbLlODDCcLGlrzseaSfalLIPt5BM2Ph3OCkq1EgNGEZTpDtwDQNyiKPWqXQbwXI1Epw8w0F1HArHYg2hcdl7e05ukhB-ly7BeK0ndPNjtiPHExoWSRFKaKH0GGwKwWBOX8s42VhIuUFIZytBti3xurCLh6unha6t_WKCyJfCp0qFvmi2FhkEK5YQaVFwuLmnowoGNnlM5z_Qd4gvjB0i6nJo6up_57YkcEvrSYh9UqIs0_MKTdiWtEUsOvVjzTIjn_-6js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95FC 0
20 B 126ms
125ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4-XXxmw-ZYeTPOKMjuwPko6pUAAAAAA4AeAEAg&bg=!FhWlFVrNAAbo5yKYyOc7ADQBe5WfOLPJUBOv0PI8oITIZXbBJ8MAkCR_hNJUYT6CMBnezdHTkXYuTfW0CGvMApnxHut-AgAAAF5SAAAAA2gBBwoAgqSYOHf4sJCLUPu1J4bCw7cuN5-YhAfbTM89Z2OrWHKgMpvBO0av7u065Mc1XmIOBDlzj7PJbpiLy5tStPEtRrRAqSffOgTZQLCtpEZl4NTNEHOw7eOOVYd304-tG_0W6zZ0Zcl85e7Epr0qKfRa2aCBd5AmbGTm6AfzcLRoHcHfxWOZAwqbI-q0EI3MgyDYOfAeVadDqXZyR3MESbOIZYNkpX9uBlUIqOidNwVWNUAfSSzwmKVpwbtqDwitl6DeHRt9EOFNSlw1hE5nTtSv5vseOwrTLjK0nkJKOZz8feHCLYpjBTgiKVoXJ4p9o0NfCNQbHk_zW2kPu3f-7loBIsnWldZwpku6dfwx02k1CJUzSBAhqv1yhkK4EFUMCWe3m4Hix2SbVRQjh6sdS3yaO_e3gx-DbcmhA6JStkmcD0c_Mu-xtjByKkEdO_2rzWWQtoChqt2kgzCHjIjDUrsRDqGUBqy38AMcwLM5li2YwFH80sp82TnGJRddHl8jqHXB6RmUKkkZDtykzMO0IW_SmNF3SAjRCm2ZeEY7SYQr_DzfJ0BD6ZJukwIUu24EFPiHGZl3lI71kZppeihr10Y5aXi7tpCbtRpOs0mGtUT2IxmQutRuXraF0FzrJ6-B6YrAzH329ILUBe14Sgm0Fz_BFuK3Q5ClV2VcTfEOy0b5aFXCpLJJzdgj7kl-_QVdbIrlK0k9GvtSezeMqa3n7sab_x1z1qPsUzv6YOJ_OU5sgObd-YazeAMSIsor7DgEaR59mlg2EuviVRhg9CkJ_qfBC-bYoMUoVk0D2FfjoRwEigqm3IaS-qgckm4u42LUD-qjc8OjeWKzZKy3oPrzJowoxN5BvT3A78-629ZXtBUWl0N1X3cQUPj4EgpqWrl7xB-iDFCccysHHyE-EvMmZjT34SfxrKiZRE7WMIsTKGE25_Fj8AG7GWt51ZprUt1YxY3l4ZS8jbqd1d2iHDry6ZFjWVVXiMbwSWxQdAqMOtNjzaL0t4yL0c2eDaQ8UqSua1yEcAjMf46yLpuUOG9TZ6F2J5QTAM0IBELDtZ09v5PCnsb8W34YE_mtKUrOmMLlZOF92bG3zxRisLIhHr8VITwendvuiPNl9RhZd0h3zn17OTs-7AjMcutSYYBE0ragwGafZ3Obtschou7hBuXTyBOZEFD0CsBBD-QsY2tSt3WgZKFurzhtTTescnpNVRy9Uq5k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 34BE 7 KB
3 KB 71ms
24ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=1fk3zv56z3i8&nw=20&renderingType=javascript&namespace=374ae518a4&subid=&uid=17628464c0898518&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYiyexWw-ZejkHOCf18cP7921sA_M-Yagacuwx__3D_AuEAEgi77KBmCRBMgBCakCtNCCGX-5sT6oAwHIA5sEqgTsAU_QLXG6hwO3jc1a0itR3jSHc6jRY1t59I4tPYkUW3ob6iak54e--xOKtZuHe3aYkXt1axNn8NSdhS-BhPJQkiAy27yeylHPSMMbt51nJtWrJ4NYvxNRXvtddcFt4l5WruQhPo7xWOEO8p4PYUGBrLOk_u2hWa-efx7HBnLatva108exwR4ipddwQeGEL_iRWQdCmBwbjQbjphDGoBiseGUUDBbkIM69EZum44tLGgA2ZwN5iS3iKV3h7sspxHk43tZWNh5nnlKbvv-o6_0PCR9X8dciPNnpHVBu-9479y8ALWQP5qvqEy8xLewOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CTkywE-CbzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB%26sig%3DAOD64_0_oLHFwake_t6O3MQOoevaEAhGrQ%26client%3Dca-pub-1016383332489375%26dbm_c%3DAKAmf-CnzxYQRt3wIZPIsKhJqX1YhIzYOfOl4W7-8uxPsnxMruXRzGX4Nl--aLIF3sCXCFYjNfXIfKvMAEpPTF_JHsAgea9Q62HNn45RTYVZPNSt71JhYbnqWtCHFTTz0DX_WKenvy91zwd7JzaY5u3cOExSTP5RML2yO9pkMIc6Tjd7l4W3z_c%26cry%3D1%26dbm_d%3DAKAmf-CA5VPfpQIEaEjwK27INM9r032Y5nY6HAwO2EisCJM8FURKikCnfPYbZOC_bWdpeoEZlfSzT6lfuJHj86B_GKsntE437U6duPAsdZmwXm6dgal7zgCDKhqA4_f9EpUohHGkRFi3MaRMU-xjjybuDyTixrXx1MCOcuGkltu7zWuUHasOBA3VZRbJH3gXNfSgd8Twq826qQWtfVSv66LshlPoMjmpQifFClnogSFhZS5odDAXfSmKch61P0HtmUQa-ja6yphfQgZdg4cEKk0uemkwW6Gos4v4r1VDEHLS84NzDKt1rfOnvHMaPHHtM3QeEtqQHzLQ6d324vLTDMb98D-3zPthdPu7jZlxfOs8Mhqrx5SAXo1L5vEmZymhELJf-lwtF-lRf2QFuDwfQd-HfgfK97jCuxOzHeltIYTbz4SsG-jZhRfNgH_7_0ysxtEU11PKWD4G4phNxeOtzpEt8OPJN-ZzhbJ0VCPMYWvpyM4pE_EWjmY-wFPUomncDqiDQXS_ai36MLcoSnnx-yVymhucmLM5NTSZcAvyWhk2LZU0GRZexUg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231025%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1016383332489375%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DQJaXWtTklP%26p%3Dhttps%253A%2F%2Fwww.dedeoyun.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.dedeoyun.com&random=2152963442558&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: eb84fc41f0bcad839fbd2994174d99f9f60e169c083f27237cd9dfda02918a28

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2284
Content-Type: text/html; charset=utf-8
Date: Sun, 29 Oct 2023 14:31:35 GMT
Expires: Sun, 29 Oct 2023 14:31:35 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 34BE 89 KB
32 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 17:57:22 GMT

GET
H/1.1 200
OK S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 34BE 33 KB
34 KB 94ms
30ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-120x600.gif
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Mossingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: dd19ea9b3efe6312e282ae1f7f119b0f8b1324484e27aba9e79d32209c34aa77

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:35 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Server: nginx
ETag: "5b55f22d-851c"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34076

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 34BE 0
150 B 72ms
25ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=95476100061973104444452012492014&a=0a891d3a&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:35 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 34BE 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame F7CB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2fae112eec7224c9a6cdc860b1f73a352ef785a3b7cfdb4ad16c00bb7e2fd85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20CF 42 B
64 B 134ms
133ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst358rWX5F8DU7WigZIDnOwGOlCLmQBcXNzmhhh8y7DAiDe0aq308PETF6QzX-aPWfO5kCfoYtRb8Q6cs5uhv1U3g8LHmvVjACIcwztAuoTZmbMiUtNfteRjqWjIxf83DRUxUwmFQGzCZGp-roOUXBiNoheN3cz8fAPc7U3ZHil91Tv9gVAjBFhGKmSbk9biDQbs3R_DxfWUTpKUaEs5RAxuYTp3pH9GULNjNJJMDYkZYOFCw2FW2mYuW-m16i2pCa-TLridZUPC8AHY2skOmVpIJ2lt9uhn_2jEe8GABXXmtTpmKmsocINrnxdO9tymmbhuPsdcerDBtuynPBF7J2cBJDYLmfsSGfAiyrqcZUyEvwHdsPPtKaIewX98HgY2HGFmkO45R08radREZ3GHNd7V5mQwTKXouBkZVF7zpQgqwIRgzusdXbf7QmONv9uPZujd9AN4XktcC4RjjVaP1AMh2NswgKORizqeSIZXZijL4LxLQzAT8c15YzZXR-7aQQIcp57fNUeXh1aNK_bMGn8KFVLUJG5OmnIbv7S561XhUe3EGfjWjYqYOi3H43UOjdIQNm718eBfep0R64voY5bEh2GfQiPP0z4kVXlKM1Jw-wOT1m8cH0sxgdLvJ84Gz7jiMe5J4MCtYHBEfzEJmNTbrtuGhPm_psyw-OeT8mBDh7q_YWtaW9zqIIQiz-5Zi0EVW9MSdvf1tDAzp1krxxnCelQiPjxrjQTwFP3EGl_npue6kwmY-TTrwWiPPkchMuEbCaTHdHiPYxOYK93LInojZUJUCCe2N6OYqn289Hb_du1Xy2Qex8XZ7VB4izN7jTvXI6fNDspUF-KnVvCcQ2dL6Q1EGOxlpn_dJnUc-QSt6cGpXxfOxivd9U7ZEPbYE-NzNdNXPsv46vYaTR_lFgCK8jGgZh7sq534BFmkRWZL8YkgtkCZAkyuOSNKxEecLZ_Q9rdyODL4Ue25jVo1a07uPlF9smyqWTrsNwxpgp4yXCt76XD_uILLJ2nXVb0QOiPBS8IUq811-H3a4MOB0GqZPx7EQBcsAk0tCVP&sai=AMfl-YRuMp8310mmywGFwv2WhCjFVBDFHhzYKOtLj5Txy0ph6E7u_bUdgj4KuRgHd9-xlfx2Pb6XONnjuDrSeaqgqG3N66i3u4FVT2gyVxPaHweY_ckg3GJsk1XbMArZsEK73oDggbD0nGqdFP7Fk2JHmM_lB5ystL9egA&sig=Cg0ArKJSzBQLIIwbyeaWEAE&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=155,833,1000,1000,1000&tos=155,678,167,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698589894678&rpt=434&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35A0 42 B
64 B 138ms
127ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN3VJO8bfERETgcj5np3jnll0D_RPHSNmDn_D4YTOfmgn4RO2KqDo1a7LUbpXsdwSMmjvBELfUZij0W7H2IlWbHOX0qrr-qzx3L_xuBr-IGQKq472NV2jcAKkLfJcpSrUnNueUcPqlNo40&sai=AMfl-YSQPusT4BJSL5Elx5A52KmsRt-WtGQPlKOrtG9dO_ndSSAwPX-1m9D7d5dDb5UhynXvEx8PUHpFeUfjoBvUpYaaJSvDJQubB-dNTBNGLFiGpchr4DdcguLQaDtErOy-L8ifN01sfZdencJO&sig=Cg0ArKJSzCN93Ed4BQhnEAE&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698589894730&rpt=388&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7CB 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5499317924883&version=m202309260101&ct=77&x=1&cor=13571479365048572000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F7CB 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn5dlghFEL2SKK7Z0Ypz-Gb29tubmmDTWOenZuSJH2iTJG7DmhLTliTku03-zYmd6LINy4OjbmHNEFwDJJ_dxmj5eo1NeQNK_P4zqHPG54Y-88Vj9DgNPTdtv_2GG1u0w&sai=AMfl-YSxVkhZ1sANddljfN29JEXlDrkNEcsmvkMNLSXJ9qwlA9ctR3zdOCuyzeJKJ3d8C6QdSq8f8qQpF7Xb8Q-YCjZmXlZT_Rq5bLxNtvkJf7m-C3-Hb4rhe5D2C_Qw-rbxrZsSajR8ybZUji0e&sig=Cg0ArKJSzAja-AEw06__EAE&cid=CAQSSwDICaaN1JGvoZVpo_RQ_I8Q4M4Q4Sd5wj7XpjmVJTuHAz50sJpEQ9e_iTOd_2JQRU2m4fb1Z5eofLtOo7HEIlH8sSyMP6x2VYhrGhgB&id=lidar2&mcvt=1008&p=0,0,600,120&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698589894759&rpt=804&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Oct 2023 14:31:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 34BE 0
150 B 78ms
24ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=95476100061973104444452012492014&a=0a891d3a&vb=v
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=95476100061973104444452012492014&a=8dc09be1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:31:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dedeoyun.com/	1970-01-21 01:25:49	Name: _ga_HGK04MYWHC Value: GS1.1.1698589892.1.0.1698589892.0.0.0
.dedeoyun.com/	1970-01-21 01:25:49	Name: _ga Value: GA1.2.756255355.1698589893
.dedeoyun.com/	1970-01-20 15:51:16	Name: _gid Value: GA1.2.1640951615.1698589893
.dedeoyun.com/	1970-01-20 15:49:49	Name: _gat_gtag_UA_155989915_1 Value: 1
.dedeoyun.com/	1970-01-21 01:11:25	Name: __gads Value: ID=cf401ed4054556ad:T=1698589893:RT=1698589893:S=ALNI_Maj13MScvz3WXGyZXY4xxJw5Mp1Sg
.dedeoyun.com/	1970-01-21 01:11:25	Name: __gpi Value: UID=00000cc53d9bfacc:T=1698589893:RT=1698589893:S=ALNI_MZanbwcSUORZD6S6ezOvuPQC9n7PQ
.doubleclick.net/	1970-01-20 15:49:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:11:25	Name: IDE Value: AHWqTUmnJqHoADQNdlVOt3s8l5FYmlx8IaPBwstfWdeIZypiUs1hIu7NExWK9wg7GAk
.googleadservices.com/	1970-01-20 17:59:25	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-20 17:59:25	Name: CMPS Value: 5197
.casalemedia.com/	1970-01-21 00:35:25	Name: CMID Value: ZT5sxi-UDj2LoOP34ZcoVwAA
.casalemedia.com/	1970-01-20 17:59:25	Name: CMPRO Value: 5197
.adnxs.com/	1970-01-20 17:59:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb>vAE2A!@wnfH8K6pQK`!5=E<L5?%KF]mwfO[EQ]B/PpF!bN^a_Z6@ZBnBH'X1EWCbpRzqF1`b`KADvQ.
.adnxs.com/	1970-01-20 17:59:25	Name: uuid2 Value: 2040915854146459818
.doubleclick.net/	1970-01-20 20:09:01	Name: APC Value: AfxxVi6zUfX2xjFY4AWkxOr8OX6jLWgGac06wxA10ic5WBfaj5C63A
.redintelligence.net/	1970-01-20 17:59:25	Name: 8lcfmzhxc8d6_uid Value: e8a080c4a1c067d1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.shareaholic.com
api.pinterest.com
cdn.contentspread.net
cm.g.doubleclick.net
dsms0mj1bbhn4.cloudfront.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
ib.adnxs.com
m9m6e2w5.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
region1.google-analytics.com
s0.2mdn.net
tag.researchnow.com
tpc.googlesyndication.com
www.dedeoyun.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.shareaholic.net
107.20.147.136
142.250.185.194
142.250.186.130
151.101.128.84
151.139.128.10
172.64.151.101
176.9.26.250
178.63.52.121
18.66.147.91
2001:4860:4802:34::36
2600:9000:20a0:ea00:c:d51b:4400:21
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a06:98c1:3120::3
2a06:98c1:3121::3
37.252.172.123
52.20.250.67
54.197.98.98
85.114.131.235
00d97776d00cb7919b2805d008b52b462f01eb17d81dddf0b75d78a2b7bf6891
06978737b7e257a1323b1bdafb878dd74edade41e80c99912864878584b7f424
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1149528e11cac1770bd5b7185a4df571a24708259458ffef675178a82053f0fc
14e48d1452475a4616d64d30efc4f29b49359ff32d851f6ceb6e7b1f3abd5695
15f814626f437d2e675a7001d14d4bc0838a4f95e8b018010c029e69477bda94
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b
28aae6127b7e4353b1f97c28e15d23d0695d8f3b7343263069bfdddd09692c51
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d71227fc3def221520b1086f6873be2c0b147e84560ab9b89af526372793b50
3091b67185aace7fe8eef02b0bd4d0bf7a4ee171bc5aa7d6008fc74f8ed270a0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
377e431fb4789c4cc2309955ad4b74bf3f3da3c28f83fdbef38c5734df22b2ad
3c75b16d32ba8bc5eb16928ee66f90548f0d68c575fce39f595ecae48a3901c6
3d4defaba412706e1cef5cabdd958d2b391375fe0ea17384d83c40194a8d59bc
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44195b9b227add0423806d975b7406ac2f9041248f43e16742a26d812b9be00e
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
486758874a6b570cd2a2e7e3eba2200c510279e2ba9da28f76390f0064933334
4895247d2cc6219f35f9f44d1f48266dab962c44ec67bc0318ca740bd2f8813f
4a73fb63c0032360a054ed24dce8f626d48b32ed607640bf1c7ac1228619d7bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4f78c3978e6ccedeaf5eedf6308f974424c885274a91ce350b727a355b8c2ea5
4fed68a8f6de67b537343be830dff1f449fe64198812f12e3ae1f1e0bf491507
5513df92fe2b99e2ecae31672897613adda6b512cc16628ee1184ec4998d37cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
59015c7013a910e80925513c8c37963dd5c060fdef0134252a1db5939b15b8d2
5b2fe38dfe62400cc6c88ed3834d9dc6aefda3dd01144a1461f3a383660cd7f0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eefbd1a362d7b1f5bad390a9c7d3db992da694596a6c1685021eb7abe0a77b1
5f85a304638cb039fb585851030f8c62b2e4448bce1c915a58532ebebe4aefe5
6169fc8f8d80e925491c8a3b78da5829751642018eea9f2d14fa3c4251871401
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7
69f452b260d6020091ee2f48b226d39644a2d2aa374478c03f38b0fed0d52526
6b4b1cdb55911ecf1527d37002d5b3125ad299eb803130f080eecc358abd1c79
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
71e99106ff360de11bc14a501e4cdf117c1e9f707e4735f80531c85e80052796
72c6a341e7e79866f051c7f88a09ed61e9dffeea9c5fec2fb260066da7cc51ad
799488cd962f7efc725ca2571265b61f6584430fab56c2ee95f0eff8106bc61a
7a6e241051eed96e88b160b9fefa002d60b1c59127f33f7ebb278023299d4306
8b118f8204d0e47269e3f7cb3dbb71d683c1ad2e20a8c5ddc7d54f9495e92cf1
908c11490b7d370b4ac2ebbb0973af0241d3917a9a65cf176e58d0a6790b3394
91781f622b7f15b841217d7bfcb478708d802d0b04982b1dbedbb2b6b281c35d
965b0e9a05c72471e089e0b9cd0408a694e9f4322265513ee5a76293bb92fbc3
980550a1ac17982df287b2e31e06003f180b85cc137352c5481a69fc78f04925
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9baaf7c5d7204b6d06a839288f497c118129fc6d7658419bfe9bb99fb9f02d65
9be69b781f3e36335ba7bfb3b6bab606529474452e8c33d12a3d2f4f0c1ffa99
9f861cee3d5e3b0a73412a3359ef9c3bf73bdb27f984a0f945b11122fc1f9853
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a093f9880e1d7ff3379ae665e3cba8805b08b826293944fb850bfc68b7a07230
a0ddcaf000190e6f47f2042119948a5cf9866664f02aada0bbb76582fcd3bec4
a10d68225c229e14ae7fd1440ee78e916ab0b33cb7b223dfecbc1c5de2fd2760
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a65cabba92aa15ab26bc1a66bc5d8b692f11549c13e8da14f1fe2c1702f33962
a6b9d2d47597af64730648cf97c2feb38236e296616a4084fd33ea2c40fe7703
a91b54e64cb2610d8a3b03397100c3fed49ad0e7fd07a7085371f5b5b66c9217
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1392a01deab711efdfc011d890de4f01a4ec11302244c86e92530534af491d2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fae112eec7224c9a6cdc860b1f73a352ef785a3b7cfdb4ad16c00bb7e2fd85
b91b857941dde90b60505226fd8531d737ad19483274b492ab751cf48c5c041c
bb3bc1d4a3d39269b6d8f89126270dcce9f08c34711b2e40a688a69fefdbda7f
be2659ef78a30587b8103d9a2046f1ad419c101d1fbc10882b6e20e6c223a22a
c38bccf9c98ec680a65cb33b84103548c58f8e7525177b3f537fff2852b05504
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c77e69ba45c1282daaf4e0775d41d9bc257589d5cbba51ce214b42279f6e82dc
c7953994112c5897c6cb94b9340c67c8c2dc3837dc2ab4af08375baf1c51e88a
c7e104e6d449c2536057c5ac2c0ae124800e079cf5c584a11804f64988f2e9fc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d13eb8a017ffb3f90dff10b1914de7caa75587bc3b595a1f1db70ad326eaa2cb
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2c50c8c6b70955f8374ad2ffe663bf9c8458920427087860d923a0abfd91381
d34fbbd67825a46bf1a21896d6d511a0c88137f3c4c3d43a967c1ba3cde4f8f5
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d6f73f573858aa835c15bcf30e3f574102f35d9276869780578510d9cb6b1624
dc35ad92a95e748d4f77c4949dd90df0a8f2771b22fe9305a620f82bf6ef1dc9
dc9ca51c2cc3f9491b9740e7396c5a95132b34050df291d5ca0cd6edfadbee76
dd19ea9b3efe6312e282ae1f7f119b0f8b1324484e27aba9e79d32209c34aa77
de0262e618d5ad8217b174bbbbf8265c003f3e65c1ca4c5b3ac6c29d573c6147
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff64968628de02d0c55cc141a1fc5ead96cb005fce212ed7201e2d8ba6924e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e7c9d49b5581685a28989632294891bced41a8d7cbc266318163b8b162bcf267
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb84fc41f0bcad839fbd2994174d99f9f60e169c083f27237cd9dfda02918a28
eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa66c11ec2a5f1c2324d0bc9b0fda9ab006ae65f898ee2b9c96c2497e6de77a
fbddc0f1044a52d5ef1cb3aa1060026761ca668f76b7a9739a3b6e7891a21c2c
fdd999eec7b1c791a6921a24eb2caac8dbae68fb07a0e9b13bd8b66b357eab69
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.dedeoyun.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

92 %HTTPS

61 %IPv6

21 Domains

33 Subdomains

33 IPs

2 Countries

2361 kBTransfer

5851 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dedeoyun.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

92 %
HTTPS

61 %
IPv6

21
Domains

33
Subdomains

33
IPs

2
Countries

2361 kB
Transfer

5851 kB
Size

16
Cookies

170 HTTP transactions
7 data transactions