youtubevanced.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://youtubevanced.org/
Submission: On December 09 via manual (December 9th 2023, 12:21:11 am UTC) from US — Scanned from NL

Summary HTTP 77 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 77 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is youtubevanced.org.
TLS certificate: Issued by GTS CA 1P5 on November 26th 2023. Valid for: 3 months.

This is the only time youtubevanced.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.87.209 23.109.87.209	7979 (SERVERS-COM) (SERVERS-COM)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3 14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
77	12

13 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

youtubevanced.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.209 (Netherlands)

ASN7979 (SERVERS-COM, US)

drearlyknifes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	477 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	119 KB
13	youtubevanced.org youtubevanced.org	312 KB
9	gstatic.com fonts.gstatic.com	140 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	44 B
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	85 KB
1	drearlyknifes.com drearlyknifes.com	1 KB
77	10

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	3 redirects youtubevanced.org pagead2.googlesyndication.com googleads.g.doubleclick.net
13	youtubevanced.org	youtubevanced.org
12	pagead2.googlesyndication.com	youtubevanced.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
6	www.googleadservices.com	googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	youtubevanced.org
1	drearlyknifes.com	youtubevanced.org
77	11

This site contains links to these domains. Also see Links.

Domain
github.com
play.google.com
apps.apple.com
www.virustotal.com

Subject Issuer	Validity	Valid
youtubevanced.org GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
drearlyknifes.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://youtubevanced.org/
Frame ID: 7B489F0861A771BA94B1DC7F57D22332
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Frame ID: 68FFA42608402B25BDBECB94083D2DE7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Frame ID: BBC6DB9090B2DBBCD404E282DE99F8A6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Frame ID: F021A0059A801654DC4BDDF0057CF9F2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 6CCD14EB8B6E42B805FBF91D7047405C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1077827836259849&output=html&adk=1812271804&adf=3025194257&lmt=1702073937&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fyoutubevanced.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702081266831&bpp=2&bdt=496&idt=217&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6965712838227&frm=20&pv=2&ga_vid=1056960685.1702081267&ga_sid=1702081267&ga_hid=597213788&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079759%2C31079924%2C44795921%2C31080037%2C95320885&oid=2&pvsid=3448264665886558&tmod=1647797552&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=235
Frame ID: 904BCB5AA9FAC468B349727CC20DF280
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F6D272DE838EA559A27EF2C10E6E9D2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B7EF037BAB4921B63C688A98928FBC72
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31D3C1C582A44B209DE3BB73D5CB0C8A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 760E0174EE1A2F92A97157FC6BC04CA9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: AEFDAA6B329173511026D95C77E30468
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: AE665A47F7413045D83C7C9E926C70BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F653AB4EFFECD956E298859CCA07866
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4DDCF645E3C32E0DE62D2257BFA786D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Youtube Vanced APK Download (Updated) 18.46.43 Latest Version

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

77
Requests

95 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1137 kB
Transfer

2532 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/revanced/revanced-patches
Title: ReVanced Patches

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.google.android.youtube&hl=en&gl=US
Title: Google Play

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/youtube-watch-listen-stream/id544007664
Title: Apple Store

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/01dc0934f5dd5a7e7c9c5bb6f02c1ee056d918d965020d9907fca7d9877873fa/detection
Title: VirusTotal Scan results

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://googleads.g.doubleclick.net/pagead/adview?ai=CVXif8rJzZc_CKLKKjuwPl_aHMLrS-Jh0hMbihJASoYSM7pIOEAEgyYnenwFgkQSgAdOG55QpyAEGqQIxwi5KOwyyPqgDAcgDywSqBPIBT9CKubzQvNd6DgQ6N8l2WBBOL-LD6whgTG-hFIKjb-1tcjYLNCwm5cLOgm_IO3zo08zYj9KVYRe_0kq8uAe2SiE0cR8C0GK4RvOTr97k0vIGEb08FrY1sXk_19wmFB2UfbQqS2m3kfjMmOHHyTOLZIYmZFACpUyKWQJ-foHtcvPZYaDYw245ssgB39C532DPXw2lw2jiP4YObsTAnprqU4t6qEa1L5_5oEq9W--9b9Ez1bMY0mTVvlhN2XteFW70u7fCGLuBI1C1KzdcjkBvXHhM6gYk4fDjiUXAfvXDzkVQNovp5SuqI8dJlFIDbJMJO_nABOGfs5rGBIgF_fjMjU2SBQQIBBgBkgUECAUYBKAGN4AH07639AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD8uw_SCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WLPjnOqKgYMDmgkXaHR0cHM6Ly9zaG9mYXN0LmNvbS9kc3KACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAsITBhjThueUKdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xMzc3ODUyMjM5NzMyNDEwGAA&sigh=cTUcCp5g9EA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNUrhXN4PDlk6lX854Cp34pTp0LKitXRgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218438207021070096644%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228213501707710881265%22}&andc=true

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 60

https://googleads.g.doubleclick.net/pagead/adview?ai=CkFAw8rJzZZmwKL_NjuwPu9S30Aq60viYdITG4oSQEqGEjO6SDhABIMmJ3p8BYJEEoAHThueUKcgBBqkCMcIuSjsMsj6oAwHIA8sEqgTyAU_Ql9Yqei6kotHls6rpPu-zoLDIdRYgFnMp9uzYlG52nY2qJkdPRQ5-Zc2xPLRZg7hZrD2T-cVcNoO_IlI6ngPFNshCaNNK1a8dWWm0AaBd8pKCtgYr_WTdXFT2r_ePFdqatBGjf3hAekzmltCBsZD2M4pVNJs7QQRZsQsKWOWUC8fw4ApSPhYmWxdc-Vz7htGd4n99wWAIfS2jWxO027cqA62_yynogM7kivmSU3h17vkDxrTOzotX1avQAvNN4e737oDL4zfy5nFU98wZZeKDCQzWmcHakDFVt2U5mGF5rTk4x4_AvgvhFf8U29zTLFTGwAThn7OaxgSIBf34zI1NkgUECAQYAZIFBAgFGASgBjeAB9O-t_QDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQtPYf0ggfCIDhgHAQARgfMgLrAjoCgEBIvf3BOljF1JzqioGDA5oJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLCEwYY04bnlCnYEwzQFQGAFwGyFxwKGggAEhRwdWItMTM3Nzg1MjIzOTczMjQxMBgAshgEEgLlWQ&sigh=xwCV1tarefw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNT8SoOPBUBYJ3oGf7Y9o_I-uTIWgpdhgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228878785680092932306%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211423250887232158017%22}&andc=true

Request Chain 61

https://googleads.g.doubleclick.net/pagead/adview?ai=CyJeG8rJzZYi7KLDOjuwP6omAwAG60viYdITG4oSQEqGEjO6SDhABIMmJ3p8BYJEEoAHThueUKcgBBqkCLwzsiboMsj6oAwHIA8sEqgTyAU_QH_p2Xs6BKZovNyGzLXNrJ11d-kgTkdspN1L0-VeRn9VWy8A8IlR_4MiSm-H26rJra1DZOJmPjgG4Tbs3cp5zX6e0ERknsBxwiM1toDVLCHDEd4zaFkIarqzN3E_-sxbfMJldr8S9JHlSQUMqcaFXb1fkNtuTZD2jeDvafZfcVAgfOA6qNSe5u7IEzeSmPx2Em3UcFDX1b2J31c0rDd84nTORL7VNeOeenmd9Dp6O9iTDGN5XliDyzQlVYOIrma_9CSPeKyle7gnS43ovlWz0ClffGeB-ATXWkVxaOnbkfym58YOiwXf829rKtbe450IQwAThn7OaxgSIBf34zI1NkgUECAQYAZIFBAgFGASgBjeAB9O-t_QDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5-kc0ggfCIDhgHAQARgfMgLrAjoCgEBIvf3BOljN25zqioGDA5oJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLCEwYY04bnlCnYEwzQFQGAFwGyFxwKGggAEhRwdWItMTM3Nzg1MjIzOTczMjQxMBgA&sigh=RWNECeF1esI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNBqLPdP_k0Vaq0blSdPVqctb8oYJ0ShgB&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223907589275064887254%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214714049157735600881%22}&andc=true

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
youtubevanced.org/ 116 KB
27 KB 927ms
550ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youtubevanced.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e44579a68c1a318c89bedb1562dc60ffa552a332ff37f4cd0b8354dd79deea7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83291607b9706428-SJC
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 00:21:06 GMT
expires: Sat, 09 Dec 2023 00:21:06 GMT
last-modified: Fri, 08 Dec 2023 22:18:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzoHQXCkP%2FO84hZFIlVKlPxclolqviVukDWdOLgCjJCd6mlGsJAoTVx4vbLPMYardeQKDcxQUkQwHEO3WsnGtqhGFQKvStWV7PY6xE8V27b1MzVEG2XPxp1KiaEcemdGdhIM2vhrfZeksakEqjP4oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent

GET
H/1.1 200
OK 73067 Show response
drearlyknifes.com/rdEDKSMO1f9pihNw/ 0
1 KB 121ms
22ms Script
application/javascript 23.109.87.209
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://drearlyknifes.com/rdEDKSMO1f9pihNw/73067

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.209 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 00:21:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://youtubevanced.org
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 5959d35cc5a0f760ec53c0704943f7e5.css
youtubevanced.org/wp-content/cache/min/1/ 223 KB
34 KB 190ms
190ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youtubevanced.org/wp-content/cache/min/1/5959d35cc5a0f760ec53c0704943f7e5.css
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d59cf82055b6320e1fc440a76da01b348241cdb624254ae6f64aa031f02ae02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 18:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179106
etag: W/"6570c000-37d79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkq9Kw7JOX%2FZZmB1eDRHUI1KfvUB2ho4%2BB8zDi5Gwbtl14p7wTHXpYirbilcLKwUZ25O9UR8L%2FLT05AqqTW6YCi3xExyD8UNhtfehgIiruSxMCO3l0saAeour5ZmSYOZ03mt%2Bda9FLvGR%2Fgr1Ofwew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8329160b2d2f6428-SJC
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 125ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1077827836259849

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54143ff7e77a937962fa0dffc7b23690a4f71410f1836d5a6fd5c416246a1385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Origin: https://youtubevanced.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51454
x-xss-protection: 0
server: cafe
etag: 13079501095431917750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 00:21:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 106ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N37JH8F5PS

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93fa63ba959e837f57615cdee7b932921c35ec78819ba7e355f2be9caf459caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 00:21:06 GMT

GET
H2 200 youtube-vanced-icon.webp
youtubevanced.org/wp-content/uploads/2023/05/ 10 KB
11 KB 223ms
223ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/youtube-vanced-icon.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774812c1a229a34e4e7d374a2170aa889eaaebc5134a7772086e1677ac95f012

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23129
etag: "64aee5d6-28a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me%2BalcYbeiCKT1tJNML8pb9oLGclK5v5gbRtn3FF%2B%2BWN9LoIBGXKFFoHai%2FcCCm%2BAYygbTpTgh95JxQdq7hId8tRw9Vz1PXD03MxuTuiKJaGxpZOxEassVDymQTacDg7H7N%2F4yTIT8xhHsTuWV3ggA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160b4d516428-SJC
alt-svc: h3=":443"; ma=86400
content-length: 10406

GET
H2 200 YouTube-Vanced-Latest-Version.webp
youtubevanced.org/wp-content/uploads/2023/05/ 34 KB
34 KB 234ms
233ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/YouTube-Vanced-Latest-Version.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d673b6993caa6d81c7724ec0e95ef817e5617c6e802b66c6879221b9eb9afd16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 625860
etag: "64aee5d6-8744"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK3NBQ9XcuZd9DNgrkCt7iurCVocS%2BpSFx84fj%2Bssgaki5cahXUpmCenA9tXO0dK6EziZWK8F7JowpnDRaUwcC4qD%2FQfVd0GOhX083nk0NNVNUpQvxEibMquC5nDvWFxUjdTZpLtF7JNBqSuuf54%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160b5d5d6428-SJC
alt-svc: h3=":443"; ma=86400
content-length: 34628

GET
H3 200 YouTube-Vanced-Playing-Video-PIP-Mode.webp
youtubevanced.org/wp-content/uploads/2023/05/ 10 KB
10 KB 51ms
50ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/YouTube-Vanced-Playing-Video-PIP-Mode.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2825b5ccabfb762cf07f37dc0dac0340addd1b4fb7e5a45c970e159e77366115

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-272e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdDB6bFHe04TBTN%2FjXgGyETtHaSlJAZyzPIVbhmaPilyZuaBhrXiwjFGzdzUZvGJu0w2GUX01kFFnVrEnCXLOBWbD5KmHQCXzqI96WJJ6AzP0cTl2TL4CVCe7KSkJ6DJ%2Fzgvi4mycgfHkac7yC5QrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3acf39bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10030

GET
H3 200 YouTube-Vanced-general-settings.webp
youtubevanced.org/wp-content/uploads/2023/05/ 15 KB
15 KB 52ms
50ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/YouTube-Vanced-general-settings.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6461f35dd109d07068ab401843f3c15840ed0b9dd4b7f56f95bf380250eecb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817823
etag: "64aee5d6-3b1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHo5V9WFiZ97X0PnNFxb%2FbprRZaWNnvzfmRBLMlUwyZfTjLRkokO1v26Zihg28LeMwoAVQChLoFse7%2FXzIS%2Fg9iQPgOOiLZpo%2BC1woq5a6ENAvM8Jr2sK16dmKe0rHGf430YBXMob5bil4xVl1NcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3ad239bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15130

GET
H3 200 YouTube-Vanced-Data-Saving-Mode.webp
youtubevanced.org/wp-content/uploads/2023/05/ 10 KB
10 KB 70ms
69ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/YouTube-Vanced-Data-Saving-Mode.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f88081381301bcf61334897ea8c16e4628f8081c33ed8931a9087cbaeafbc04f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-272e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9Nitj3tm58X8y5bxOFuxKv7t3VB%2FWamFvmopOmr8SbyNg9HS2wG5QECSX%2FGTzEe%2FVdLSsbEYfEqjle0mjbj95d4%2BWr2QiRShCZiJI1wKWof2Gq1TtVIuaO9yDup1aND3eADy%2FhI3ACpGgsvPKGqog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3ad639bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10030

GET
H3 200 Return-YouTube-Dislike-in-YT-Vanced.webp
youtubevanced.org/wp-content/uploads/2023/05/ 9 KB
10 KB 88ms
87ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/Return-YouTube-Dislike-in-YT-Vanced.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2327828d1009cda949e2e8ff0a16dbc61e3f1221e03cd9eed7bb07206d0cc5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-2590"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UEh2t3a3IVpK5XiiOd6qa9u44RuTWOhwNPHKWSjBJNnA%2Bi0zBr0ccoMYsp4qD%2Ffk%2B076pZ6xh4PtxNys%2BYyOzwE6lNHRWhJM9hz27ke0AB5gB5KwR5ldwtyoqxr%2FuB898C5a0zlpfkOCHw7zlGi5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3ad739bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9616

GET
H3 200 Sponsor-Block-in-YT-Vanced.webp
youtubevanced.org/wp-content/uploads/2023/05/ 19 KB
20 KB 89ms
87ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/Sponsor-Block-in-YT-Vanced.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ab7421fab82d984b181e701e958c624fc2a6a180980f81730284c677445245

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-4cc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO9vkjsBbQ1jrtg3DHBx8ae5Gy%2BPYE9aON70%2F3P6BkWFo5q%2BcibhNayUhO3Oak77Y4YFBY5xDQ63R6UF7rYYC1AzHWqyR%2B5Cl49kIO9A%2B81fNg11nxiYA4axPBX4sPXqO8qY7%2BSX3R9FRqseij%2F5fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3ad939bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19656

GET
H3 200 Latest-Vanced-Setting.webp
youtubevanced.org/wp-content/uploads/2023/05/ 7 KB
8 KB 89ms
88ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/05/Latest-Vanced-Setting.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0727cd047811282f58c64c6ba53cc4faf84fb20ba20fb5ed2241f214365d0306

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-1dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQNqXLV2Pn52RmD0w23Qcq8OJVIyU0kRDa%2B6F8d1%2FOa6POltKmvGmsmCpd3rTaVBvjqaoMU%2FoeXJhOTgY5T%2FhMflE1GNPe%2Be1ZtSilJ4rnEJmLOVPFS0X4KZxNDhcldlAyMp0akVS3q4wms3CqdmOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c3ada39bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7620

GET
H3 200 Sponsor-Block-Vanced-YT.webp
youtubevanced.org/wp-content/uploads/2023/04/ 24 KB
25 KB 29ms
28ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2023/04/Sponsor-Block-Vanced-YT.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bf3a70121dbf6a2fdc4cdbafefebd112518b6951e4c8fdf205a33892b9a11c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 685301
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400
x-ezoic-excludewebp: false
response: 200
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
server: cloudflare
etag: W/"64aee5d6-6042-gzip"
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQNKZVSZBHibNCqnI06fkDPtPzQpL%2Fo2xxXHCCCbFFhhZodrowNQvoHAm0GynTvmjOmkzBJfwfPtR4GLNbHuDklCgjHR5q2DsIjd53chMp%2FzewtVSYiawywqgnc9QjLOHUVR%2BWrAno%2FP8MQIB9dIww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 8329160c3adb39bc-FRA

GET
H3 200 bd86ff1e4e2b7bc9ecd7d8014ce3351a.js Show response
youtubevanced.org/wp-content/cache/min/1/ 110 KB
38 KB 69ms
67ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youtubevanced.org/wp-content/cache/min/1/bd86ff1e4e2b7bc9ecd7d8014ce3351a.js
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680e621791cff1ba208af4f075e95958620d7448deb2af1bb2a1cd33a97519f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 18:40:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 193248
etag: W/"6570c001-1b80a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbk5%2Fz5nOCBwoRRv3yhb6QnE9m103nRWfX9VqehR%2BXiCbPXgtlwjxWhr96w%2BhADOZyUVM2BG0025qf%2BDT0RhSSZ8%2BT9mO9tyC5RKRXVCMDNY2sX3LEoUn4%2BdxE9paUfkfcFT7uHrLN3EpgDyE%2BCIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8329160c3ad439bc-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 68FF 113 KB
38 KB 502ms
452ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc2f524d19752e1b989db2b4f2b40b7a5735c247521b9318d82ac3ff39f0bc42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBC6 113 KB
38 KB 444ms
396ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63b498ffa8fa14a832dc6a1efab40286107f0b393b8f5b4a5d8cb3428c91f81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F021 113 KB
38 KB 408ms
361ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30ac05db8d7851552d8de3a414ebfe3ed91d4e18a75847959f06f3d8bf54c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:06 GMT
expires: Sat, 09 Dec 2023 00:21:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1656966894322.webp
youtubevanced.org/wp-content/uploads/2022/07/ 69 KB
69 KB 82ms
81ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youtubevanced.org/wp-content/uploads/2022/07/1656966894322.webp
Requested by: Host: youtubevanced.org
URL: https://youtubevanced.org/wp-content/cache/min/1/5959d35cc5a0f760ec53c0704943f7e5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4abe298632ffc829d7d50d3ad69896b7e7a35e3c9f694df5c14391524fb422

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/wp-content/cache/min/1/5959d35cc5a0f760ec53c0704943f7e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 817824
etag: "64aee5d6-113b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7v%2FLY7bvYwoXAk1VwDyTRxl8mubFszyhQg1qrIVhOrq5GztEZ3Tew1vtd%2BB%2BxGFXc8uZnx8q8CEIx38pmGiYwgFBmIdkR0FzFChm1pb9CBfL2n0NW8U6ftLmWzuA2996nJUlUXxyIapp79oPt9ebw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8329160c4ae039bc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 70580

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N37JH8F5PS&gtm=45je3bt0v890401117&_p=1702081266586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1056960685.1702081267&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702081266&sct=1&seg=0&dl=https%3A%2F%2Fyoutubevanced.org%2F&dt=Youtube%20Vanced%20APK%20Download%20(Updated)%2018.46.43%20Latest%20Version&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1374
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N37JH8F5PS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 00:21:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://youtubevanced.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 399 KB
135 KB 116ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1077827836259849&plah=youtubevanced.org&bust=31080037

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1077827836259849

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1c385564ef577b0de748a2ea765b6decf6e47258c50799876e80aca6bce9c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137971
x-xss-protection: 0
server: cafe
etag: 11894005921968070735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 00:21:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 6CCD 9 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1077827836259849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
53ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C31079759%2C31079924%2C44795921%2C31080037

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 00:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759876%2C44759927%2C31079759%2C31079924%2C44795921%2C31080037

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 00:21:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F021 6 KB
779 B 77ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 00:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 23:29:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 00:21:07 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F021 36 KB
14 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
server: cafe
etag: 17228781504935142183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3085075641641114612/ Frame F021 15 KB
16 KB 82ms
36ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3085075641641114612/14763004658117789537?w=400&h=209&tw=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6258c402ed360b19954c87de78acf705d46b08263fd94ff8afce8c806d70238e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:42:14 GMT
x-content-type-options: nosniff
age: 275933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15812
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 16:27:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 19:42:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F021 24 KB
9 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F021 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F021 20 KB
9 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BBC6 6 KB
1 KB 41ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 00:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 22:37:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 00:21:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C31079759%2C31079924%2C44795921%2C31080037

Requested by

Host: youtubevanced.org
URL: https://youtubevanced.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 904B 603 B
342 B 177ms
176ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1077827836259849&output=html&adk=1812271804&adf=3025194257&lmt=1702073937&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fyoutubevanced.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702081266831&bpp=2&bdt=496&idt=217&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6965712838227&frm=20&pv=2&ga_vid=1056960685.1702081267&ga_sid=1702081267&ga_hid=597213788&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079759%2C31079924%2C44795921%2C31080037%2C95320885&oid=2&pvsid=3448264665886558&tmod=1647797552&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=235

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1077827836259849&plah=youtubevanced.org&bust=31080037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BBC6 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
server: cafe
etag: 17228781504935142183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3281493188459342685/ Frame BBC6 40 KB
40 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3281493188459342685/14763004658117789537?w=400&h=209&tw=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e16195197b68b4b3cd3b015684003ae18c49c74eae8ebd86a1be5e7b5409be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41063
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 16:27:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 00:21:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame BBC6 24 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BBC6 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BBC6 20 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 68FF 6 KB
779 B 31ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 00:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 22:59:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 00:21:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F6D 143 B
228 B 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 68FF 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
server: cafe
etag: 17228781504935142183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3281493188459342685/ Frame 68FF 40 KB
40 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3281493188459342685/14763004658117789537?w=400&h=209&tw=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e16195197b68b4b3cd3b015684003ae18c49c74eae8ebd86a1be5e7b5409be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41063
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 16:27:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 00:21:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 68FF 24 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 68FF 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 68FF 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
DATA 200
OK truncated
/ Frame F021 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24846b266ce245f3baaf42920f71cac2bb346596c9d37c34b2a32826a47343c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F021 16 KB
16 KB 70ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 15953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F021 15 KB
15 KB 102ms
55ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:15:52 GMT
x-content-type-options: nosniff
age: 335115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:15:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F021 15 KB
16 KB 65ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 19270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H3

200

/ Show response
www.googleadservices.com/pagead/ar-adview/ Frame F021
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVXif8rJzZc_CKLKKjuwPl_aHMLrS-Jh0hMbihJASoYSM7pIOEAEgyYnenwFgkQSgAdOG55QpyAEGqQIxwi5KOwyyPqgDAcgDywSqBPIBT9CKubzQvNd6DgQ6N8l2WBBOL-LD6whgTG-hFIK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218438207021070096644%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%...

0
22 B

96ms
54ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218438207021070096644%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228213501707710881265%22}&andc=true

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"18438207021070096644","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"8213501707710881265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 00:21:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18438207021070096644","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"8213501707710881265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B7EF 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BBC6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efc850271f0543e896d18c322e99bcf7c9bcf4efb4b0a47bd2773c2452d88376

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BBC6 16 KB
16 KB 57ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 15953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BBC6 15 KB
15 KB 78ms
58ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:15:52 GMT
x-content-type-options: nosniff
age: 335115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:15:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BBC6 15 KB
15 KB 63ms
44ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 19270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D3 143 B
166 B 19ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1377852239732410&h=300&slotname=9093952817&w=360&rafmt=11&format=360x300&url=http://yo.fan/avempire&host=ca-host-pub-8726151893822553&
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 68FF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07acb8448114bca34ee970c58b0a27f30177f569f1a73a77f3bf7b998db1789d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 68FF 16 KB
16 KB 53ms
49ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 15953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 68FF 15 KB
15 KB 66ms
63ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:15:52 GMT
x-content-type-options: nosniff
age: 335115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:15:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 68FF 15 KB
15 KB 69ms
66ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 19270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BBC6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkFAw8rJzZZmwKL_NjuwPu9S30Aq60viYdITG4oSQEqGEjO6SDhABIMmJ3p8BYJEEoAHThueUKcgBBqkCMcIuSjsMsj6oAwHIA8sEqgTyAU_Ql9Yqei6kotHls6rpPu-zoLDIdRYgFnMp9uz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228878785680092932306%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...

0
0

96ms
55ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228878785680092932306%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211423250887232158017%22}&andc=true

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8878785680092932306","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"11423250887232158017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 00:21:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8878785680092932306","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"11423250887232158017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/ Show response
www.googleadservices.com/pagead/ar-adview/ Frame 68FF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyJeG8rJzZYi7KLDOjuwP6omAwAG60viYdITG4oSQEqGEjO6SDhABIMmJ3p8BYJEEoAHThueUKcgBBqkCLwzsiboMsj6oAwHIA8sEqgTyAU_QH_p2Xs6BKZovNyGzLXNrJ11d-kgTkdspN1L...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223907589275064887254%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...

0
22 B

96ms
55ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223907589275064887254%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214714049157735600881%22}&andc=true

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3907589275064887254","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"14714049157735600881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 00:21:07 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 00:21:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3907589275064887254","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"14714049157735600881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B7EF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 140ms
53ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 95ms
54ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 95ms
54ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 00:21:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 760E 50 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame AEFD 50 KB
19 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66664d0f18aa190734483a1896d0bd66092d749314b4fd1d824d35ce79935982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12204
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame AE66 50 KB
19 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 00:21:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F65 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:42:12 GMT
expires: Sat, 07 Dec 2024 23:42:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4DD 829 B
998 B 33ms
32ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4840b056b9c80e6767a7f592b7c7388bfd6465cb216aff25acd08a7b71add26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j-xtiQp0bVoJQ8l-RCjNNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://youtubevanced.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-j-xtiQp0bVoJQ8l-RCjNNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 00:21:07 GMT
expires: Sat, 09 Dec 2023 00:21:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F65 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4DD 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3448264665886558&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F65 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bViSHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3448264665886558&bg=!cXKlcj3NAAY3kmNgF5I7ADQBe5WfOFQ4iy3rEJXIbwvpg3hbTMIDLUUkRDspRpHGkN8guSvwnUqfTWEQIbtV9s1tuBBKAgAAAD1SAAAABGgBBwoAArFOmQLwJ2BrXFX_TAqsBTnpouyZdVqwRi1tJ2cb37TaSvNrGSXOQec-xkUEECWPdIWdipPh8LSDW2TeI0m6wT-CLimjUrFtszrjYNg9FKmd0TF7oPQsp8REVDQHY2z3pHoK8VsshqBtjBgN7leL_wy7oNj6fEKILsmv7v7hs6nLCceAUqOB3kPVXbWVFELYf0KcdBu-4JnhrvNOG32l3WPd1NlY-RHyplCXDI7_8TuiCY2Ltqb24FJefq5GclUkXbqiEdsStNM4PF7_kdoJW7DWjv0_tmOusRnsYSy08VRnD6Lm9KPsJLHE34qTHt7NZXmH1abPu9nDtmcBVXE2VXYxpui9Sg9WMLaAzO82uNUoxE6PTSlj0puPIGegLGV82Ic2P5QQcsNa8tZVu-miPEhebzgWoUPbwNSsNFqOXbq2wluiqrsQilI0D6Ge8MMx7QYd5zD4AFNxqSfSIROxRUyGYj06C8ePH3hdxv6ozTaXZBTVYGZVSyvnGGeavRkb0jjUW6e6_-AmmCjOdmhfnM9_49-41N4gUZXHdFgyQzXelBgBwT983oDhIwvy5rqNUSkfjSgjM_L4tDTmXM9UAi1JreJ75RaTJS2JCUzq2iW_gV_f9Rcg5N0GnRq1uqC6FkjNp8UVLmDSTvIqT4dDaqHU50dG_drmjoBhNUyfd21rJHBeEkBRv7wUTgyzSp9T4a1bC7MyP_HRaSTxBhwA4zmRFP2TKIJ5jpLbop-fa5nJedoJRRU08Kc2gwcBYQYmJcMGeM3FaH1AzBxwGDo9tFVVAHZ_aseCxUVKHQjG9Jznan5kHRDTGIMchVwiP_-0cK9UWaD6TydXtijMrpoLTo8Udmyhib7DsALZNghlbxTlhCjU_oRQ0cvxL8rI13PzPpplPF2yqamY8w_2SKkEjLD3ifBbRmkVWjPd-WObySRS8s4YUHtfRhmiwBJRWzCiaBkkeZzMSNeBjShdQyq98NJ3qn_WJCBmVE0Qpi8yUCZx6QD81Z4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://youtubevanced.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N37JH8F5PS&gtm=45je3bt0v890401117&_p=1702081266586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1056960685.1702081267&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1702081266&sct=1&seg=1&dl=https%3A%2F%2Fyoutubevanced.org%2F&dt=Youtube%20Vanced%20APK%20Download%20(Updated)%2018.46.43%20Latest%20Version&en=page_view&_ee=1&_et=2&tfd=6377

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
drearlyknifes.com/	1970-01-20 16:49:27	Name: GL_UI4 Value: eJw9jd1OhDAYRPln1QWdhAfwEWAXBC%2BND%2BEl%2BUoLWxfaTakQ397GRK%2FmZHIm43leUDzC35IY4Rc1eO6qkbqatQ115alm1L6wcy2alo918zqeK9zJtbfEZmEjHNaFjO3tFuE4CSWMHPpBc5HhyVl%2FzVXpXUWImSHFM8SLM%2BYMKTN6X4UpQkSKFoHk%2FWK0y3ihT20QVqfSsVSO%2FRKBXoswv0f6IRV3w%2FyIoCrzPPHwcJvJjtosveSJj3gyxAX8NxwGsmLS5hspF%2BvV6hugZ97%2F%2B7%2B%2F4V6VSLjY5ODOtb0I8wMQMk4t
drearlyknifes.com/	1970-01-20 16:49:27	Name: GL_GI10 Value: eJwVxL0KwjAUBtDcO1QEM3zYxa1PEEyW4uoPLuKoc2wvWtAkJEHw7dXhHKUUtwvwlKCddaY3zq6N7TegO3h%2FAA8Bs6Pklw8fUNbgHDRo%2BJmwOokvcpVbd5b6kPz0YSzd1lwMOBTMdzGnmH0VUGoIXOP%2FMrYK9G6WX227G%2Bk%3D
.youtubevanced.org/	1970-01-21 02:24:01	Name: _ga Value: GA1.1.1056960685.1702081267
.youtubevanced.org/	1970-01-21 02:24:01	Name: _ga_N37JH8F5PS Value: GS1.1.1702081266.1.1.1702081266.0.0.0
.doubleclick.net/	1970-01-21 02:09:37	Name: IDE Value: AHWqTUn9G1TtKfgj_RA02ETfk7AG3X_D3GI7bY6tE4YdEUABNN3WPj_RBt5_ePINsXc
.doubleclick.net/	1970-01-20 16:48:04	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:57:37	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drearlyknifes.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
youtubevanced.org
region1.google-analytics.com
2001:4860:4802:32::36
216.58.206.34
23.109.87.209
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2001
2a06:98c1:3120::3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0727cd047811282f58c64c6ba53cc4faf84fb20ba20fb5ed2241f214365d0306
07acb8448114bca34ee970c58b0a27f30177f569f1a73a77f3bf7b998db1789d
0b4abe298632ffc829d7d50d3ad69896b7e7a35e3c9f694df5c14391524fb422
0bf3a70121dbf6a2fdc4cdbafefebd112518b6951e4c8fdf205a33892b9a11c3
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d59cf82055b6320e1fc440a76da01b348241cdb624254ae6f64aa031f02ae02
1e44579a68c1a318c89bedb1562dc60ffa552a332ff37f4cd0b8354dd79deea7
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
24846b266ce245f3baaf42920f71cac2bb346596c9d37c34b2a32826a47343c2
2825b5ccabfb762cf07f37dc0dac0340addd1b4fb7e5a45c970e159e77366115
2c2327828d1009cda949e2e8ff0a16dbc61e3f1221e03cd9eed7bb07206d0cc5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
49e16195197b68b4b3cd3b015684003ae18c49c74eae8ebd86a1be5e7b5409be
54143ff7e77a937962fa0dffc7b23690a4f71410f1836d5a6fd5c416246a1385
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6258c402ed360b19954c87de78acf705d46b08263fd94ff8afce8c806d70238e
63b498ffa8fa14a832dc6a1efab40286107f0b393b8f5b4a5d8cb3428c91f81d
66664d0f18aa190734483a1896d0bd66092d749314b4fd1d824d35ce79935982
680e621791cff1ba208af4f075e95958620d7448deb2af1bb2a1cd33a97519f9
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
774812c1a229a34e4e7d374a2170aa889eaaebc5134a7772086e1677ac95f012
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
93fa63ba959e837f57615cdee7b932921c35ec78819ba7e355f2be9caf459caf
9b79d4d6d72dcec2dea5db6e19f49b49c9d08e01f278eef76a3d14dc4c377e8b
a6461f35dd109d07068ab401843f3c15840ed0b9dd4b7f56f95bf380250eecb3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b30ac05db8d7851552d8de3a414ebfe3ed91d4e18a75847959f06f3d8bf54c3f
c4840b056b9c80e6767a7f592b7c7388bfd6465cb216aff25acd08a7b71add26
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
d673b6993caa6d81c7724ec0e95ef817e5617c6e802b66c6879221b9eb9afd16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ab7421fab82d984b181e701e958c624fc2a6a180980f81730284c677445245
efc850271f0543e896d18c322e99bcf7c9bcf4efb4b0a47bd2773c2452d88376
f1c385564ef577b0de748a2ea765b6decf6e47258c50799876e80aca6bce9c53
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f88081381301bcf61334897ea8c16e4628f8081c33ed8931a9087cbaeafbc04f
fc2f524d19752e1b989db2b4f2b40b7a5735c247521b9318d82ac3ff39f0bc42

youtubevanced.org Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

95 %HTTPS

82 %IPv6

10 Domains

11 Subdomains

12 IPs

3 Countries

1137 kBTransfer

2532 kBSize

7 Cookies

4 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

youtubevanced.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

95 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1137 kB
Transfer

2532 kB
Size

7
Cookies

77 HTTP transactions
3 data transactions