imbanasi.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imbanasi.com/
Submission: On January 04 via api (January 4th 2024, 6:01:53 pm UTC) from US — Scanned from NL

Summary HTTP 195 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 45 IPs in 12 countries across 36 domains to perform 195 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is imbanasi.com.
TLS certificate: Issued by GTS CA 1P5 on January 3rd 2024. Valid for: 3 months.

This is the only time imbanasi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	178.236.246.109 178.236.246.109	210644 (AEZA-AS) (AEZA-AS)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
11	67.23.116.141 67.23.116.141	40015 (MOVECLICKLLC) (MOVECLICKLLC)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	51.89.155.117 51.89.155.117	16276 (OVH) (OVH)
1	52.31.131.200 52.31.131.200	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.19 65.9.95.19	16509 (AMAZON-02) (AMAZON-02)
1 2	192.173.29.77 192.173.29.77	13360 (TRITONDIG...) (TRITONDIGITAL)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.23.116.136 67.23.116.136	40015 (MOVECLICKLLC) (MOVECLICKLLC)
1	67.23.116.135 67.23.116.135	40015 (MOVECLICKLLC) (MOVECLICKLLC)
2 2	15.235.14.140 15.235.14.140	16276 (OVH) (OVH)
2	104.153.233.254 104.153.233.254	40401 (BACKBLAZE) (BACKBLAZE)
1 1	15.235.86.218 15.235.86.218	16276 (OVH) (OVH)
1	15.235.115.81 15.235.115.81	16276 (OVH) (OVH)
1	148.113.165.173 148.113.165.173	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 25	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5 8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
6	208.80.55.239 208.80.55.239	13360 (TRITONDIG...) (TRITONDIGITAL)
2	2a00:1450:400... 2a00:1450:4006:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:ff0:1234... 2a00:ff0:1234:2::c	41494 (ASOCIATIA...) (ASOCIATIA-INTERLAN InterLAN Services)
2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	18.158.12.89 18.158.12.89	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1	107.23.145.95 107.23.145.95	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	217.182.178.229 217.182.178.229	16276 (OVH) (OVH)
195	45

43 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

imbanasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.236.246.109 (Warsaw, Poland)

ASN210644 (AEZA-AS, GB)
PTR: goofy-control.aeza.network

ghost.blueecho88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 67.23.116.141 (Fairfax, United States)

ASN40015 (MOVECLICKLLC, US)

zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.155.117 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3157979.ip-51-89-155.eu

play.adtonos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.131.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-131-200.eu-west-1.compute.amazonaws.com

synchrobox.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-19.prg50.r.cloudfront.net

cdn.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.173.29.77 (Canada) 1 redirects

ASN13360 (TRITONDIGITAL, CA)

playerservices.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.23.116.136 (Fairfax, United States)

ASN40015 (MOVECLICKLLC, US)

zenoplay.zenomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.23.116.135 (Fairfax, United States)

ASN40015 (MOVECLICKLLC, US)

editor.zenomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.14.140 (Terrebonne, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: dovh01.ca.zeno.fm

stream-tools.zenomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.153.233.254 (United States)

ASN40401 (BACKBLAZE, US)
PTR: s3.us-west-001.backblazeb2.com

zenoimages.s3.us-west-001.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.86.218 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: dovh04.ca.zeno.fm

stream.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.115.81 (Canada)

ASN16276 (OVH, FR)
PTR: dovh51.ca.zeno.fm

stream-151.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.165.173 (Canada)

ASN16276 (OVH, FR)
PTR: dsovh10.ca.zeno.fm

api.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 208.80.55.239 (Canada)

ASN13360 (TRITONDIGITAL, CA)

yield-op-idsync.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4006:811::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ff0:1234:2::c (Romania)

ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO)

rr1---sn-pouxga5o-vu2l.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.12.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.145.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-145-95.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.178.229 (France)

ASN16276 (OVH, FR)
PTR: ip229.ip-217-182-178.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	imbanasi.com imbanasi.com	3 MB
40	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	609 KB
24	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	234 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com	470 KB
14	zeno.fm 1 redirects zeno.fm — Cisco Umbrella Rank: 58205 stream.zeno.fm — Cisco Umbrella Rank: 70782 stream-151.zeno.fm — Cisco Umbrella Rank: 485789 api.zeno.fm	236 KB
8	streamtheworld.com 1 redirects playerservices.live.streamtheworld.com — Cisco Umbrella Rank: 29064 yield-op-idsync.live.streamtheworld.com — Cisco Umbrella Rank: 13193 idsync.live.streamtheworld.com — Cisco Umbrella Rank: 5188	7 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	189 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	322 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	4 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
4	zenomedia.com 2 redirects zenoplay.zenomedia.com — Cisco Umbrella Rank: 417267 editor.zenomedia.com — Cisco Umbrella Rank: 979034 stream-tools.zenomedia.com	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	305 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	436 B
3	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1449 r.turn.com — Cisco Umbrella Rank: 6381	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 1001	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	297 B
2	backblazeb2.com zenoimages.s3.us-west-001.backblazeb2.com	215 KB
2	adswizz.com synchrobox.adswizz.com — Cisco Umbrella Rank: 15947 cdn.adswizz.com — Cisco Umbrella Rank: 31293	10 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167	45 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321	187 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 2123	693 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 2030	35 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2278	707 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	256 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5728	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1348	464 B
1	googlevideo.com rr1---sn-pouxga5o-vu2l.googlevideo.com	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2361	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	2 KB
1	adtonos.com play.adtonos.com — Cisco Umbrella Rank: 315105	6 KB
1	blueecho88.com ghost.blueecho88.com — Cisco Umbrella Rank: 926804
0	adotmob.com Failed sync.adotmob.com Failed
0	targetspot.com Failed nodeny.targetspot.com Failed
195	36

	Domain	Requested by
43	imbanasi.com	imbanasi.com
25	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net imbanasi.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	imbanasi.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com imbanasi.com googleads.g.doubleclick.net
11	zeno.fm	imbanasi.com zeno.fm
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
7	s0.2mdn.net	imbanasi.com s0.2mdn.net googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	yield-op-idsync.live.streamtheworld.com	playerservices.live.streamtheworld.com zeno.fm
5	www.googletagservices.com	googleads.g.doubleclick.net imbanasi.com
5	fonts.googleapis.com	imbanasi.com googleads.g.doubleclick.net
4	www.googleadservices.com	imbanasi.com googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagmanager.com	imbanasi.com zeno.fm www.googletagmanager.com
3	x.bidswitch.net	googleads.g.doubleclick.net zeno.fm
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	c1.adform.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net zeno.fm
2	ad.turn.com	2 redirects
2	ad.doubleclick.net	imbanasi.com
2	csi.gstatic.com	www.gstatic.com
2	zenoimages.s3.us-west-001.backblazeb2.com	zeno.fm
2	stream-tools.zenomedia.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	playerservices.live.streamtheworld.com	1 redirects zeno.fm
1	ssbsync.smartadserver.com	zeno.fm
1	idsync.live.streamtheworld.com	zeno.fm
1	pixel-sync.sitescout.com	zeno.fm
1	sync.mathtag.com	1 redirects
1	rtb.adentifi.com	zeno.fm
1	ums.acuityplatform.com	1 redirects
1	www.google.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	rr1---sn-pouxga5o-vu2l.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	api.zeno.fm	zeno.fm
1	stream-151.zeno.fm	zeno.fm
1	stream.zeno.fm	1 redirects
1	editor.zenomedia.com	zeno.fm
1	zenoplay.zenomedia.com	zeno.fm
1	cdnjs.cloudflare.com	zeno.fm
1	cdn.adswizz.com	zeno.fm
1	synchrobox.adswizz.com	zeno.fm
1	play.adtonos.com	zeno.fm
1	ghost.blueecho88.com	imbanasi.com
0	sync.adotmob.com Failed	zeno.fm
0	nodeny.targetspot.com Failed	zeno.fm
195	54

This site contains links to these domains. Also see Links.

Domain
swahilimusicnotes.com
www.facebook.com
api.whatsapp.com
www.instagram.com
telegram.me
zeno.fm
wordpress.org
www.candidthemes.com

Subject Issuer	Validity	Valid
imbanasi.com GTS CA 1P5	`2024-01-03` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ghost.blueecho88.com ZeroSSL ECC Domain Secure Site CA	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.zeno.fm Sectigo RSA Domain Validation Secure Server CA	`2023-04-17` - `2024-05-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
api.adtonos.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.adswizz.com Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.zenomedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-15` - `2024-07-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.live.streamtheworld.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-12-12` - `2024-02-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://imbanasi.com/
Frame ID: 27210555A0128F9672E151804B83D3FE
Requests: 61 HTTP requests in this frame

Frame: https://zeno.fm/player/imbanasi
Frame ID: B9D1437D74CB5920DBE25166B6CF4AF0
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: FC105E5B5961696FEAB9B5F55261140D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&adk=1812271804&adf=3025194257&lmt=1704391306&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391306266&bpp=2&bdt=4726&idt=248&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8494102754206&frm=20&pv=2&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: 7FF19AA2A56C5F403431252B38207AAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=618363986&adf=3418355587&pi=t.aa~a.3481235483~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2
Frame ID: E81FC2D4D3C7E90F259AC46FFB9214C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Frame ID: 215BDD9DD847F43C064FE306A989B09A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=2801471196&adf=2077395797&pi=t.aa~a.3554082373~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=1200x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=0&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280%2C368x280&nras=4&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23
Frame ID: 4D9C670F3B200B29EE018D2071008C22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4929A9946AC7239384BFE5142E037463
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F88F8BCAC136C8FD2B0118DD6924CC6A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 987BD1335083A55CA01C1A083CEF55DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BAB5B9D10F8B3698CE3A5E1B65E24786
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-sP-ARjV-dXtATAB&v=APEucNWx5BkzVwC7j-Ejd7sKYu4bp-0PuVbKetpEk7YPxm3_rEdvyhzvm-r3MPEz7Fv9YTxmZXdUhElbGX-T5O594lNe1wWw3zECzLbb2Vp8j3GuP21TWtTFsbtoqag9r1FFfhLIhi7_IwJuXQ4TtSMjVaXFxWmTi5IqiERVASsomjdJB0QNs8Y
Frame ID: E1D9F204EEF0560F36DC29578F77ECEA
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 4E8A304CB8EB9DFBEEFA112152847B28
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 008CC7D964A365EAB3B657ABC83DFBC1
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F1D4A0EF9E5C1B9A3459D9B8DBFCFA94
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: DD5ED45643CB48D0D942DDD81514DCB1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
Frame ID: 7121D23BF701C82D7563D9132F1E54D6
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 060805ED3BF67D6D1D56B564168156CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B25469383772F80DA65AA41CBBCC35F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9616189F3BA37216C34435BF08519EBC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 28384EF68987BE6E8B6804D375750694
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 92A0FDC66A13D6F087F142257261EB6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TUIMBE NA TUSALI PAMOJA -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

195
Requests

89 %
HTTPS

46 %
IPv6

36
Domains

54
Subdomains

45
IPs

12
Countries

6553 kB
Transfer

10714 kB
Size

30
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://swahilimusicnotes.com/
Title: MusicNotes (Nota)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fimbanasi.com

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=TUIMBE%20NA%20TUSALI%20PAMOJA%20-%20-----------------------------------------------------%20https%3A%2F%2Fimbanasi.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fimbanasi.com&text=TUIMBE%20NA%20TUSALI%20PAMOJA%20-%20-----------------------------------------------------

Search URL Search Domain Scan URL

URL: https://zeno.fm/
Title: A Zeno.FM Station

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.candidthemes.com/
Title: Candid Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143 HTTP 302
https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143&bounce=true

Request Chain 79

https://stream-tools.zenomedia.com/content/stations/cd7bb069-d208-4765-bb55-ea88564ba0d0/microsite/background_image/?keep=w&updated=1686989205000 HTTP 302
https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/background?keep=w&updated=1686989205000

Request Chain 80

https://stream-tools.zenomedia.com/content/stations/cd7bb069-d208-4765-bb55-ea88564ba0d0/image/?keep=w&lu=1686989205000&resize=350x350 HTTP 302
https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/logo?keep=w&resize=350x350

Request Chain 81

https://stream.zeno.fm/h3ewnbn9m3uuv HTTP 302
https://stream-151.zeno.fm/h3ewnbn9m3uuv?zs=0--smj3aRsy8UIY3nOKYvA

Request Chain 125

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCF0svLNRCwCRiwCTIIsINYDqFw07M HTTP 301
https://tpc.googlesyndication.com/simgad/5771625503872918031

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZbyjLF1F2Kqza6BmYBD4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZQAaaQeCBl8PAQDp9l5uI&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2MTA2NzE3MzYzODA2OTE%3D

Request Chain 150

https://googleads.g.doubleclick.net/pagead/adview?ai=CDH34ivKWZaLFLcTJs8IPiqS-4AP4squXdZKqhcKkEsv4lJWbDhABIPfAopEBYJGEoIWMGKABocCY8SjIAQmoAwHIA8uEgIAEqgT_AU_Qw7ELLlJrs5w2HocD80eF9Qxap7p1Sv8gePXhH7RJzVQ6EkuXmh8grQyWLu-aqpqE_p3CjUXROZk6s1kpSw8wNaLcidku_8PdMnKStj4UCX5O9NKV8sLCmxkUy94icaOpPIU-r0cJiLrtBsE-aHxp-wLDKZwhzgd5ROZDfIs6M8rZfVmFUXlO5BEviJgl2bkwI_SVagHzmKpfQS32-bivma2XT8QjKyATH7LChUnX-g2QMb-saQrQUOcOr6QMq1AL64QSWtiLE5a0ik5gnAs1MqL7PmxEJNhToDBoBiyLViANMuL2vkifwtkk7RQHeSkFvNeRIhN5Gghl0rL1BMAEpJjr_80EiAXUyo3cTZIFBAgEGAGSBQQIBRgEoAYugAePlr-cBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBC73A_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIf1i7OoxIMDmgmCAmh0dHBzOi8vd3d3LnRlbXUuY29tL25sL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MTQxfm5sfkVVUiZnb29kc19pZD02MDEwOTk1MTg4NzA5NzUmX3BfcmZzPTEmX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9iZ19hZGlkPWdkMTkwMDY2Ni0xJnRvcGljX2NsYXNzaWZ5PTEyNIAKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zNTI0MzA2NDQwNTIwNzkzGAA&sigh=Qx0sDccPv5U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_IzOmwvnJufYZ0SSW3j8SDWaK5DB4zmS1iM6ivJ830VGKi91oIs2hSI9Mx1uACpv_b6wDdIzDo7EM5C_oEuzD7Qmgt7xuSrPQ2VwYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222257970197579362343%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216145987985729377649%22}&andc=true

Request Chain 169

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1&google_push=AXcoOmRGqcN72kW3TJVEusnCAtQvtKOQ93SbDm5WeQvT5oVTN5w5P9MkRHhCA-gPsAxawqJPwCxsz8Ny-VNwVfsPMi7wfWbJjVe5XA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYyODc5NzU5MzY5MzI4OTUwNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1

Request Chain 175

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGqJN6FPSnFQw8YvnVHCoB8&google_cver=1&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIEN0OFCVZB6lPP10Lu05S5 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGqJN6FPSnFQw8YvnVHCoB8&google_cver=1&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIEN0OFCVZB6lPP10Lu05S5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTcyNDMyODQ0MDMxNTEwNw&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIEN0OFCVZB6lPP10Lu05S5

Request Chain 177

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://googleads.g.doubleclick.net/pagead/adview?ai=CD2ZsjPKWZc-RJ47lrQT6_rboC5Tx_pd19OKe_PsRtIq54LkoEAEg98CikQFgkYSghYwYoAG0rI_1AsgBAqgDAcgDyQSqBJYCT9AcBHFxWloLoVZthpSebh4WS_440rakzbhXfQ7uNfUc-ZeNP9OWNniQ85yB2jAe647NZbIAjEZ5xviDqw8_UraCtTf0TLdVjM5-mLIn4OAkX_qeoggI1OKWerY_AUsC9kWnZmtfffW3mulHzGu-5xGJKGb_t1mDGrcD0rrKHqcuMR6frQRDZrqtVZr71Afome7a1IHtq21Z_b7CsVBFDvbZrvqGHLX-r1ZFe0JWD0827V2ZrO092levqe3fVQ5g6_LnNSyEGA0a2kYXekZSG3MBDW1JAMSpFBM7M9KgBEfQyD2NnW7xP2GNhSkjGefBQYMxK3i4x2PmyorbAdxhl9POvB11CZtvTYtWytOmXFMCi5rTcovABPea0J7YBIgF0Iye-E2gBgKAB7TT8IoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkN4D0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljc5oC0qMSDA5oJFWh0dHBzOi8vdG9yYXJpY2EuY29tL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMzUyNDMwNjQ0MDUyMDc5MxgA&sigh=Gc7XzVcnPM0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_JlaJ4NejN52hL6ut4dbNo4zFinIR3Cx_GIkj07UmSVuGljh2RTminBt3K0IH_qy0nmNLH6gnHhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211286667509824977953%22,%22debug_reporting%22:true,%22destination%22:%22https://torarica.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22782489140%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216212632241252767617%22}&andc=true

Request Chain 183

https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=25053 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=31610671736380691&pubId=25053

Request Chain 187

https://ums.acuityplatform.com/tum?umid=133&uid=0154b92a-bf64-4f39-bf49-b38900167d6c&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D25053 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=872695282980&pubId=25053

Request Chain 189

https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D25053 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1fc76596-f28d-4300-a374-83f067f6b1f3&pubId=25053

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=ZenoAds HTTP 302
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEPjRR_4LOf_7t_nuBJbUZSc&stn=ZenoAds&google_cver=1

Request Chain 193

https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D25053 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3628797593693289504&pubId=25053

195 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
imbanasi.com/ 85 KB
16 KB 544ms
434ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76cd0fa0dac3c8ce8bd2d5324a2e9bb553c595447f86d3070bd45283d271d36f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8405635ffa631ca2-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 18:01:41 GMT
link: <https://imbanasi.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOUgBepENORPuj2QRamnQ1CAT6d8IYpZxA8mWAshV2d8SwWtlYr82McZw%2FJdUWgweRTNrcG6ltXXdWagRAKfL2M8p2pZ%2B5KA2O8l78nJekeklNes8fYvgpub7g2uC8nDK1nd7vPFzEYsgb0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
imbanasi.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 627ms
625ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 02:20:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DmATpZLch7Q8yr2hkMnjECgijlp824aAmJNOpDO5SjHzm48NW36ZuRwfLn47M90mbhyohhEt8he6tDh%2B3wpr4gVeo9zgeF77Q8Nyi33DK2bwP3d3KyShrtjyBYdF3m2cLSqOqXc1WYuqHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be871ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 styles.css
imbanasi.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 442ms
440ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 07:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMbexz3zNA6N0beARIEgO%2BEY1HZKOW34JYmM7AUdQuKFWgRDINhwd68ch222WO9toi2tSrqfWP6I1v2l6lyBKg%2FsZHc7Ur1D823Sdx0F4Glj1GMAeN8AkWA9Rrj%2Bo2yVPX16HyZMqndEc68%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be8b1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 wpp.css
imbanasi.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
844 B 431ms
429ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.3.4
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 23:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oai1tUdnfdZE%2F7rTjld4i872vKtwGjrEBtmtlFH3pitdypmDmA8R0JnDgRK3DLi58xD0r8h58yRu0TUY3TqLgH1ettc2zx6ccSBzvkry6v1fFuAVfoc41zyIb6z1MP4GuqIhGJElPuMAO6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be8e1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
934 B 193ms
68ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.2

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a7bcbb5506f763ad54a0432554627831d592ad24f13539d49688c5a757b2b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 17:06:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 18:01:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
672 B 194ms
68ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=6.4.2

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 16:25:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 18:01:41 GMT

GET
H2 200 font-awesome.min.css
imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 445ms
444ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Apr 2023 15:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IdlOK3ohg8PE1scpIiwZBqSUsV81wmEIkvejBQxOH8bMijwK5XaHa%2BBiCpCQyUUucrHSG3t%2BxPke2%2FfJMeY3qpoyafIHm8bNQ2HWZrBKrbM4Qr2ay9c7vFekHEXBIKdSUXFZt7QIFI6Gbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be921ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 slick.css
imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 2 KB
820 B 440ms
438ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uETpC0iwYqE2TN9ChJLqXM4rWO4IuRdmLB4gg8fkPSGXAyzG18DZ35r1MyTUKKELhnj8qT4Xfv1D9nI257gBY9nH0W%2FbrUXeYqmix05jrgAmcix6gGzFXWlNFxnfUAYD8c0Nb%2Bs81gRMaKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be941ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 slick-theme.css
imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 3 KB
1 KB 335ms
333ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vly9ZXFTbWWKH8gv43R90N6M351pQibvDjTU1q4Z0mpHKyM325bY0Y109aCEA2k%2FRaIZhIVdWKr3TqokIIntqWGGwFiDkyZRYo1rTG8ua%2BunUUOrDmTkwlTF2UF%2FgTpw7gCDYpPwO%2BJx21s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be961ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 style.css
imbanasi.com/wp-content/themes/fairy/ 103 KB
19 KB 631ms
630ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/style.css?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 14:22:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FHOB8vKYOauwkjKBiY7gafsLcY9uii0Dm%2FYgqbi9kLKd4DExRR2r6MoMjtmI40hah5QQ3v97p5p8sVhhrLhBrJY736R2Njw5yyakL19Q52CCJgMh44VVn3w5j1naS932Shx8cRs%2BKzg1Gk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be981ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 sassy-social-share-public.css
imbanasi.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
3 KB 373ms
372ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.56
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Mar 2023 17:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f0yukcfvwdIGwhgIrDSXqEmEIRyjvCj9%2FOqoj23pWb0o1%2BLs%2BIx0GpfOGxrREKKgLteZuVEhZE7VMaYsiqPjbqn4IDMzOqE%2BUV6gNL48UqKzdDHRRqoLeJUtw6M95TUAOPauTd0yFtbJV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be9a1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 wpp.min.js Show response
imbanasi.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 438ms
437ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 23:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG1xMI%2BN%2FNO0jvwBxafCXARrB8YskQhkva3BzFNMX0ghGdpLgzSodLAibuwM5ShhOX4gsFeLTFCX0kYWtzlN7zxQKvxY5saGVvZBsilOhE47cTLc1NXGGnCEUhnMVxYsOaPdtEtIoEVYgYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be9b1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 jquery.min.js Show response
imbanasi.com/wp-includes/js/jquery/ 86 KB
31 KB 838ms
837ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 02:20:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kvr%2FhlPRox4ga0aSc9UbmiL80jJ88MWLAFkUJlxO5TZ4Z3yVKBvp7eajYeXvOWZQxYKH6hfQWLhEpJkmNe2PjCHj%2B4DLPijPe91eu6hFgSC0YZJoGeYV6O48U9JzKqYA00Ut3XrS2uaw4qw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362be9d1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
imbanasi.com/wp-includes/js/jquery/ 13 KB
5 KB 479ms
478ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 02:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BD7MIfhBmW%2F9pSUnzaJ5HHcdynT79uhhrzXqA%2BSy74d9hOuHLycwqsskF9eLHxJbz5XyX4czB5BJ92sc9ecov17%2FNS8QsTCnM55E%2BvOCTF2q4%2B%2Bm45YmkPTVId1YIEYIN7X3dqxglvvL1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84056362eeef1ca2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 3886ms
338ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-220184477-1

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

193cb7d341a7cd06154bd056f9bb1aa44d4c98f484f152cba52dc131f38f82d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 18:01:46 GMT

GET
H2 404 pYkgct6rQxvBqxpAkroMUNbgRFCfvBNKlrwUXof7AkiH7VdQ2A==
ghost.blueecho88.com/ 0
0 6907ms
2937ms Script
text/html 178.236.246.109
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghost.blueecho88.com/pYkgct6rQxvBqxpAkroMUNbgRFCfvBNKlrwUXof7AkiH7VdQ2A==
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 178.236.246.109 Warsaw, Poland, ASN210644 (AEZA-AS, GB),
Reverse DNS: goofy-control.aeza.network
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 3543ms
3469ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3524306440520793&host=ca-host-pub-2644536267352236

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ffaa9133b90171d600ad8a7d5e20c304f24129dce333a57d7c52a73490376f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Origin: https://imbanasi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51050
x-xss-protection: 0
server: cafe
etag: 877608171566192754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:42 GMT

GET
H2 200 cropped-Untitled-1-1.png
imbanasi.com/wp-content/uploads/2022/03/ 13 KB
13 KB 387ms
387ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/cropped-Untitled-1-1.png
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5762b6219f50f2e10c20b675b7685d9de45070171473249b81a8c118736b43b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:41 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Mar 2022 10:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsSrVnErjc91Y7cjGK94kfR058drc%2BZG8MTyBpE38uUosuIFNIQINwhHuMt2wCxLE5mCy%2BACRFFPzKxvWSrv%2BRnmv1UKhzn9PqqZXY1jRqsjOEhriAS58FIk4Wn4KvuVUO3pNqLD9Px7ugI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84056362eef21ca2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13098
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 Sequence-01.00_00_19_05.Still001.jpg
imbanasi.com/wp-content/uploads/2022/09/ 830 KB
831 KB 4397ms
4396ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/09/Sequence-01.00_00_19_05.Still001.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c0e6792e27652db6c68b49c2df7dc21e767c99f70f023fe53cc2bee6b26961

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 13:41:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yno0q0oSOXwuQM%2B0rkvXDgytX9qcyRq2hnuu2o59VPXo8xcgsZ3ORutbG0RbD%2B%2B4ZygojeeqMv3n52qgDHXy7cUanhfq4runVGMUm2yQzUgi1iRaaUxb6xNCnVTN3wAqeTk31EVyqeAvyto%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84056362eef11ca2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 850069
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
H2 200 axresdefault-1.jpeg
imbanasi.com/wp-content/uploads/2022/09/ 239 KB
240 KB 4398ms
4397ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/09/axresdefault-1.jpeg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f3a4bc4c13cecc05eaf52a1d415bf4e5fb501ffb8ab47a0f2579423a6c7bf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 13:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMLfw2SxKelW83P4VYwe3HNXF744z7m8NHnv%2BMqWQTbsJDGzLa21vgxyvsYM6WAfRKZo2CISPQ5%2BpaiBQB9S8zSUFiU9Q0dxD8%2B%2BPlN0mJBybd2Z%2BnX2Lpagqiv9X6JTD6EwnAZARSUmk60%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84056362eef31ca2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 244975
expires: Thu, 11 Jan 2024 18:01:41 GMT

GET
BLOB 200
OK b2688e78-58fc-44a0-b223-1dac8c724e5e
https://imbanasi.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://imbanasi.com/b2688e78-58fc-44a0-b223-1dac8c724e5e
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 IyjEZPYhCgs-HD.jpg
imbanasi.com/wp-content/uploads/2022/09/ 120 KB
121 KB 4013ms
4013ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/09/IyjEZPYhCgs-HD.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed2c613655221946fd5539a4e49a662c0ab225efd2fc10231cd201305bde46d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Sep 2022 09:53:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLelYJpT6S3BvX%2FYPpuAMydrrfz%2FT7QWKJ%2FMz3VQRtVNaaiLBKerZzO%2BRKihJzbv2lynyiQ0q5oo2%2FSukAfsizpqW4hF74zcrvaE%2BboRklxLfrKaaQ8s7Dfbt8PCBVHpWNJjoSERvHanKqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405636528c266e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 123372
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 wqI4z9drc8c-HD.jpg
imbanasi.com/wp-content/uploads/2022/09/ 174 KB
175 KB 3802ms
3801ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/09/wqI4z9drc8c-HD.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318ad9c59143ac495dac58215eb17885efc744c523b444f7c1f82ff72197839a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Sep 2022 09:47:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2zVtDkbm9QFmudABdJuu8xLKkT4BL0jmI7fFVhD7DKC7vsIrAUdsPKxtdAOPxjoRbj8ZGerEZaxvwVz1MUn5omb71uNh%2BIT70zMvkZfpdyCgHFWJY7Lg0nbpkGFLg4RJVLVpdNp2XeIuEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f1866e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 178374
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 maxresdefault.jpg
imbanasi.com/wp-content/uploads/2022/03/ 165 KB
165 KB 40ms
39ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/maxresdefault.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee942f4a5ec260e449e5404657495b091d50c3286bf9805e7385f6cf2d73cf5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55235
alt-svc: h3=":443"; ma=86400
content-length: 168564
last-modified: Thu, 31 Mar 2022 16:41:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWTRHwDmmQiEobtxVuX7ybVxJj%2BEmxm8pdqkgZfMO%2BQfEkEk5V1HjikF9xYxqO7faZUvH3aYIQ0agAE967S5E17S81IX4agYUWHP7qYQmiixt7e3HkyhALbXEfAkzpITiNPS%2FEIQpuRs5nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3066e6-AMS
expires: Thu, 11 Jan 2024 02:41:07 GMT

GET
H3 200 NENO-JEMA-2.jpg
imbanasi.com/wp-content/uploads/2022/03/ 320 KB
320 KB 3851ms
3850ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/NENO-JEMA-2.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e5833597a13fd497d210e2c036317ae5b663fd443c3c778bcb7f1ade247a6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55235
alt-svc: h3=":443"; ma=86400
content-length: 327476
last-modified: Thu, 31 Mar 2022 13:16:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqgMZEXp18jeZVUaZZUBjvbxk1EbaxUUBu91%2BCi6sgHdrjlmxOM8fyTGLIzsQl8hd0pwbvEmD%2BpO4lqz3FBarUIGcQA7Pw%2FChUbp5bEysfOphyp2QfqdM98nGNSCqBaQ9uruMcZZqp7DnvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3266e6-AMS
expires: Thu, 11 Jan 2024 02:41:07 GMT

GET
H3 200 sddefault-4.jpg
imbanasi.com/wp-content/uploads/2022/03/ 72 KB
73 KB 3876ms
3875ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/sddefault-4.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf8b627b8de7c4cf224806c661d3c3e8d1a0c8f5b3a94233a24d83839a326b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55236
alt-svc: h3=":443"; ma=86400
content-length: 74112
last-modified: Mon, 28 Mar 2022 18:30:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7BeeSGPK%2FFt0pHlWCo9Q6inA08kclzxOdAEdEGUhG4PkH4o%2FwQnzvisMr%2F3YJGSAida9o7sYGJUFO5x4UQOoXz69FWMDJQbIjKvL%2ByBk%2BkLQiS%2BamcU2cpTlwkQK3uIykxxyXwPkodTcY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3466e6-AMS
expires: Thu, 11 Jan 2024 02:41:06 GMT

GET
H3 200 maxresdefault-29.jpg
imbanasi.com/wp-content/uploads/2022/03/ 194 KB
195 KB 3877ms
3876ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/maxresdefault-29.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c241219c457169c627ad4b4fea6cadb2112b758b1ef9cd03f3de29d9286df492

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55236
alt-svc: h3=":443"; ma=86400
content-length: 198932
last-modified: Mon, 28 Mar 2022 18:22:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9DrxUoIeu8%2FI%2BxWu%2BRPwb6NcIiRmpyabnYdvgGl90yFB3a0%2BEqC7eS50v87b0%2BPHTAM5LFW9C%2FyGZg54DG6XSmU%2BBenbu4hppJsEIl6bLUs2%2Fhg5t6%2BEU8%2BrUZJIxFF4vSLbTdPM9Kr4FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3666e6-AMS
expires: Thu, 11 Jan 2024 02:41:06 GMT

GET
H3 200 maxresdefault-9.jpg
imbanasi.com/wp-content/uploads/2022/03/ 175 KB
176 KB 3880ms
3879ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/maxresdefault-9.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f05cc38ae1d7b80d813e164c4eb93e83f03f6eecbfd271d19d2e39386ff0fe7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
cf-cache-status: MISS
last-modified: Mon, 14 Mar 2022 14:50:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXfJxSGA5TquTm7ZVxlsMT7RsgDohk5tzK0HxWYXQ2XEFVYaJSGiEskH%2FqkBTRMxIh1iaESYd7zDaFnMkEtkEl2cS%2Fh6I4kkSIzg7%2FDJ4ibaCNGhPchowvRCClzZjdTK2T5EwmBexGdmUdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3766e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 179556
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 maxresdefault-28.jpg
imbanasi.com/wp-content/uploads/2022/03/ 112 KB
113 KB 3884ms
3883ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/maxresdefault-28.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 093f68fcb134f3e43cc714b86036c1bd9f2c2e448095ee81cbcea1775f020541

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Mar 2022 19:57:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJTa9LOeh%2F99O4nhmG8WJncQ6y005XFJ6UbfPgxPevzOkq%2FAN9dLZBkC6YVcPTCUtDJcJGBVBAVkgXeVDrtqscFWmpz8mfBxFo9S3r9sPWu91luyOrV4wlRpyAjaLv7iuIywqjg3AV9gTUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3866e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 114851
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 index.js Show response
imbanasi.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 3828ms
3826ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 07:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeFGI%2B%2BmXqjdPOxd3cI8F8xxU5ZE3%2BLL1baAD05xD1lkKK%2BQB6DPbJWwfajhfFPyP1jSAycwUFAhmJwirDWHVKKsuOG5PSniftJIAzl2MLWENPPAuRYq5UtlK2hEzvl5ClNXt1n16BQxf5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f1e66e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 index.js Show response
imbanasi.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 3829ms
3827ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 07:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=881mdwTkIZN%2FEnt%2BFzq%2FWaYDx75URyxG5S17dz4G61iE1BvdQIoir4biZDyBf7%2FncXC%2BSdyWgDs5fSnOEtHi%2BgIEjJtl4VQirDsUnIWxKRmeelWXXXU2toAxM3dv79L7w%2FugmHpxONW5heo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2166e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 navigation.js Show response
imbanasi.com/wp-content/themes/fairy/js/ 3 KB
2 KB 3829ms
3827ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/js/navigation.js?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Aug 2022 08:47:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y40XH5dbRo1dfRWzmbUinzs9WwUkCBRQtivdqk4y6%2F%2BbJw2y%2FDUL7NHmJ5T95%2FIJfWL7SgXY6YlfPsyapUmxUs19AqeFUWGr5%2F4No9yjH8Qil11%2BR6wmEatN9Eod1yk3hy7J9EpD9j5KFp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2266e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
imbanasi.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 16 KB
4 KB 3830ms
3828ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 12:51:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FsnLa9CZoKBoq%2Byq5luI%2BKacVDv77bLVA90aCuc1zJ3dUoZi11Si74eJGYz40sSd%2BL2wS1yA%2FysHSANULKeyPwHSolIa7Yl380hn5UmD0Q43btcPBq6qvBHrIbI5Gl%2BgX0Pm3buNslTGfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2366e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 slick.js Show response
imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 90 KB
16 KB 3831ms
3829ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm4bmf4mJBTv5S5iGHsXZgwS9n%2BfBpRuEZT30ac5cD1E67yLFXtHy9K47E4Pqncr4W9%2B%2FgyG7FZYzZEN8xUfyI3znP3pC52bi9ikM2eJpIOXjhsA8lJEUCMQNNea%2FsbMWhEkK5x9FdD%2BFdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2466e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 imagesloaded.min.js Show response
imbanasi.com/wp-includes/js/ 5 KB
2 KB 3831ms
3830ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 02:20:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNbCKoj3tyPARVSKVuyGwo9UGPW6aGZT3DJ%2BJYXXqbxA1G8TsI0rGWMtQz1XqsHLvkoRaHhpOmGb6oqr9LZt8WwDcgRSBzLqQCXkgWPPk88%2FoMkf7LggjQWsiwwVbRTT9UbB3%2BMG30joynE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2666e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 masonry.min.js Show response
imbanasi.com/wp-includes/js/ 24 KB
8 KB 3832ms
3830ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cvq5bLZCHkp28jsTyy7BTAy8SmZOaEyus%2F2sZSkXGuX1ggdFZhVH9pUbIPbxkRDXrX95HNs%2FKyGHH8UDD%2F0Ln45dYXIUk4C8rYqSWyykS%2FldO7hNTDcuMdcaxnDLtcMEriNiprMQCb3QlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2866e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 custom.js Show response
imbanasi.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 7 KB
2 KB 3832ms
3831ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Aug 2022 20:18:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt%2BkC4OwQdKaQBHyMMggFjP5836Vuoxg%2Bc8NFpIzzhjCowoCA7OAyh2RPu6%2BA7XYvRoCBo2WCiiZmP%2BdC5Jh7i5qTN9Hb0%2BwJ%2BEIJzFXH%2B1gHP%2BsOZsu7QOK8kcPh2alvkWgUi7vdOBQYaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2a66e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H3 200 sassy-social-share-public.js Show response
imbanasi.com/wp-content/plugins/sassy-social-share/public/js/ 122 KB
41 KB 3833ms
3831ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.56
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 14:39:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsZhCffs5ESRRkdi3%2B27ZD6uJfZ29HwVursMXy3NQUFx%2BhSYN%2BH7wqlG9V3oCnlNT2SR0zUnw8uH1np%2BKrBxdb3KMewCw9gGRuTi5U7w3yp7BE6uyIrdfUDmwBgQzn6hUvHbCKilz%2B8BWAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563681f2d66e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H2 200 imbanasi Show response
zeno.fm/player/ Frame B9D1 14 KB
4 KB 4021ms
113ms Document
text/html 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/player/imbanasi

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

b96c11a823c801f31ceecbd089e2f22ec97efff585462d45f7dcd3b3c2f38bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 18:01:46 GMT
etag: W/"362e-60a95d52c70bb"
expires: Fri, 03 Jan 2025 18:01:46 GMT
last-modified: Mon, 20 Nov 2023 13:55:03 GMT
pragma: public
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 bk1.jpg
imbanasi.com/wp-content/uploads/2022/03/ 153 KB
153 KB 3884ms
3883ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/2022/03/bk1.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56392a29c6bd9c419f24fecd0326cef393e42ffa5cb7cd011b486f57f72e0fd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Mar 2022 21:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhkH5fjoQiJzCvZG8n9toFxGBasq6Zs6zoFx2eWUdp3vUFjn%2BSmCK6SYaudXXFvtQN8vaUSRuuuY8bmr8qQGfJ9KQDwlab99cF3UdPjL5u9Eig%2BPmCbg44TeKRH7MEoSOCXcId%2BNYuuS4aU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563681f3a66e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 156192
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 3787ms
3699ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imbanasi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 12:31:59 GMT
x-content-type-options: nosniff
age: 192586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 12:31:59 GMT

GET
H3 200 fontawesome-webfont.woff2
imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 3893ms
3893ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://imbanasi.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin: https://imbanasi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:43 GMT
cf-cache-status: MISS
last-modified: Sun, 23 Apr 2023 15:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXsBHtNarkcFRZiIdJN%2BUFFwOho710xQwjOmqj42b%2FXqGqY%2FxvT3CNCBHYa8ImGMgywYqpl%2FMRJiKI9jfDA5QfyVrJlrKnIryF7ULAsQCdosRXpVPaa60RXlZJGK8qicGtNdLzO7VBAwAHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 840563682f4566e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: Thu, 11 Jan 2024 18:01:42 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 3801ms
3713ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imbanasi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 03:33:07 GMT
x-content-type-options: nosniff
age: 224918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 03:33:07 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 3990ms
3903ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imbanasi.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 10:27:47 GMT
x-content-type-options: nosniff
age: 459238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 10:27:47 GMT

GET
H3 200 wp-emoji-release.min.js Show response
imbanasi.com/wp-includes/js/ 18 KB
5 KB 335ms
335ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imbanasi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 02:19:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3ybiNr9OZe%2F%2FaS2bXSGy97Bp3kq5zkcOR0iftW6WgklLOroHXjxF47CjldoLXkhxD8AaMOFG62YVr3S7XtdHnZkqiCOPtFRmv2rtzFspI9yJHNUfRFvvZ8U3NDNuax%2FrO8hWaZL3UPisfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 840563800d8566e6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 2 Show response
imbanasi.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/ 7 KB
2 KB 340ms
340ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imbanasi.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/2?is_single=0

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b043fd30878819c8b0286057c9a44ef1f6a4083fdbd850b40d69dad8407c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://imbanasi.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
X-WP-Nonce: c7daf36205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache: hit
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1670-1704284459;;;"
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDiBHxv7nxZf7EYcOCoVRhCAZMI%2FcqAcDQ5CPQRLqtix5%2FMR%2BEn8dkc3a56VfbNe9sUE01%2BiyQm7l2YE8QeR58wMCoM163YsWdBwixX%2BBxjGUOIaYQciv1kQyBIXIeB3p2tY1mKG6DxTuvA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
link: <https://imbanasi.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 840563800d8a66e6-AMS
x-wp-nonce: c7daf36205

GET
DATA 200
OK truncated
/ 234 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/ 401 KB
136 KB 162ms
96ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3524306440520793&plah=imbanasi.com&bust=31080236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3524306440520793&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6400a4fc8f8c759503f20139e4ab3addc6add1dacde51affc572af36498569b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139142
x-xss-protection: 0
server: cafe
etag: 12379807743153438957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:46 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame FC10 9 KB
4 KB 188ms
60ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3524306440520793&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 21:59:35 GMT
etag: 9219409622527106327
expires: Wed, 17 Jan 2024 21:59:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.min.css
zeno.fm/widget/assets/stylesheets/ Frame B9D1 109 KB
18 KB 438ms
437ms Stylesheet
text/css 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/stylesheets/main.min.css

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

ff6b729c340fa5eae226367b2a2aea16a4e1ff19071d141ef73e81160ce7e3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 16:08:54 GMT
server: Apache
content-encoding: gzip
etag: W/"1b587-5e79fd47b00a2"
vary: Accept-Encoding
content-type: text/css
cache-control: public
accept-ranges: bytes
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 fontello.woff2
zeno.fm/widget/assets/fonts/ Frame B9D1 5 KB
5 KB 439ms
438ms Font
application/font-woff2 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/fonts/fontello.woff2

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

34157decd6f726e1ab98c222596cd09209de71cf6c8f8294cafa79bed133fa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zeno.fm/player/imbanasi
Origin: https://zeno.fm
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 4768
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Sep 2022 16:08:47 GMT
server: Apache
etag: "12a0-5e79fd417c9c9"
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://zeno.fm
access-control-expose-headers: Location
cache-control: max-age=15552000, public, public
accept-ranges: bytes
access-control-allow-headers: Accept-Token,Content-Type,Authorization
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 hinted-Larsseit-Medium.woff2
zeno.fm/widget/assets/fonts/ Frame B9D1 20 KB
20 KB 221ms
220ms Font
application/font-woff2 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/fonts/hinted-Larsseit-Medium.woff2

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

c0b0d9a082fa44b9adad7f989a0aded0435ceca6f9d340237a83f35326170227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zeno.fm/player/imbanasi
Origin: https://zeno.fm
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 20024
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Sep 2022 16:08:49 GMT
server: Apache
etag: "4e38-5e79fd43066ab"
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://zeno.fm
access-control-expose-headers: Location
cache-control: max-age=15552000, public, public
accept-ranges: bytes
access-control-allow-headers: Accept-Token,Content-Type,Authorization
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 hinted-Larsseit.woff2
zeno.fm/widget/assets/fonts/ Frame B9D1 20 KB
20 KB 221ms
221ms Font
application/font-woff2 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/fonts/hinted-Larsseit.woff2

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

acf3a32b411356f86baad4a8177a52c63c3cb5038bc1e6fbb26bc119d39ae3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zeno.fm/player/imbanasi
Origin: https://zeno.fm
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 20016
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Sep 2022 16:08:50 GMT
server: Apache
etag: "4e30-5e79fd43d0919"
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://zeno.fm
access-control-expose-headers: Location
cache-control: max-age=15552000, public, public
accept-ranges: bytes
access-control-allow-headers: Accept-Token,Content-Type,Authorization
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame B9D1 244 KB
84 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2T527NZWVM

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d61755a25b36a1a5a210d6662fda9e0522d480382b9313ee081f366696b2098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 18:01:46 GMT

GET
H/1.1 200
OK attc-uAdJ2ujapxW6xDFKk.min.js Show response
play.adtonos.com/ Frame B9D1 6 KB
6 KB 121ms
32ms Script
application/javascript 51.89.155.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://play.adtonos.com/attc-uAdJ2ujapxW6xDFKk.min.js

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.89.155.117 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ns3157979.ip-51-89-155.eu

Software

nginx /

Resource Hash

16be0a907ddb441a6b9b6562e2364dad916933afa19a1a026871b1494dc568b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 18:01:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 5665
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame B9D1 589 B
1 KB 421ms
42ms Script
text/javascript 52.31.131.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.131.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-131-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 857f3d6558aec07553171f4dec779c0b2cad0542cd6b7346c52399426c18010e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame B9D1 9 KB
9 KB 202ms
49ms Script
application/javascript 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:54:08 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 65260
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: __v3HG8rbjXyjlfRcDb3r-884BhkjmNGdDBwSxb3W0w1PluNwpicZw==

GET
H/1.1

200
OK

idsync.js Show response
playerservices.live.streamtheworld.com/api/ Frame B9D1
Redirect Chain

https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143
https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143&bounce=true

907 B
1 KB

350ms
128ms

Script
application/javascript

192.173.29.77
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143&bounce=true
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: HTTP/1.1
Server: 192.173.29.77 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: 2ebbc1bd1379bafc0c2abcdd974dcd1efa16a7fa6f005da1231d789680ad2ade

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
x-stw-server: mtl-strc-lb02-docker01_8082
x-stw-site: MTL
content-language: nl-NL
access-control-allow-origin: *
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
connection: close

Redirect headers

date: Thu, 04 Jan 2024 18:01:47 GMT
x-stw-server: mtl-strc-docker04_8082
x-stw-site: MTL
content-language: nl-NL
location: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143&bounce=true
access-control-allow-origin: *
p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=ISO-8859-1
connection: close

GET
H2 200 logo-zeno-black.png
zeno.fm/widget/assets/images/elements/ Frame B9D1 4 KB
4 KB 113ms
112ms Image
image/png 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zeno.fm/widget/assets/images/elements/logo-zeno-black.png

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

5ae13b47c6124533d5283d0631135beb884dbc3782b13832faff0fb0193232bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 16:08:57 GMT
server: Apache
etag: "e5b-5e79fd4abf7fd"
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 3675
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 vendors.min.js Show response
zeno.fm/widget/assets/javascript/ Frame B9D1 131 KB
132 KB 329ms
329ms Script
application/x-javascript 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/javascript/vendors.min.js?_=1700488480

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

551dab3472e7f99f99f660c01ccf9a6d37370f8cad019af534ef6690b6b2b3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 13:55:15 GMT
server: Apache
etag: "20da8-60a95d5ece319"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
accept-ranges: bytes
content-length: 134568
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 scripts.min.js Show response
zeno.fm/widget/assets/javascript/ Frame B9D1 2 KB
3 KB 326ms
326ms Script
application/x-javascript 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/javascript/scripts.min.js?_=1700488480

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

c02ddde78c7305436f8deea9b4d105d1ed0f18ee5854852238a263151acefe50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 13:55:15 GMT
server: Apache
etag: "982-60a95d5e7d234"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
accept-ranges: bytes
content-length: 2434
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 index.min.js Show response
zeno.fm/widget/assets/javascript/ Frame B9D1 4 KB
4 KB 112ms
112ms Script
application/x-javascript 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/javascript/index.min.js?_=1700488480

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

de8715c2f82e2aca288843fef9839aca913cb0640560eed0cf39e9ba7d4da378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 13:55:14 GMT
server: Apache
etag: "1099-60a95d5d841c5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
accept-ranges: bytes
content-length: 4249
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FF1 764 KB
170 KB 924ms
923ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&adk=1812271804&adf=3025194257&lmt=1704391306&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391306266&bpp=2&bdt=4726&idt=248&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8494102754206&frm=20&pv=2&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=261

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3524306440520793&plah=imbanasi.com&bust=31080236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89a08672cc394d16a3e9d8c538cb01d3b5b109d81f61f6a34f8e9add6cf51139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 173534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:47 GMT
expires: Thu, 04 Jan 2024 18:01:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 530-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 2 KB
3 KB 342ms
341ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/530-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c7ffa3f099787c53922f29fe6450b539d50ea270a82f4507c8edc4f44fa1f2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 22:35:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ3I5HBUjToJ%2Bag9Qt3dn68qwWKL6C2c2oo6euNo1VkES7Em9c6a%2BOnefjNtzSuN%2FpCzW8EOhJwlEkEVt218L46Nh8TliypHo%2B%2BMPfVmi3DM70RVDmxEZdTdG2VXHYfgeiVWdDexUnUlmwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249a566e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2233
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 471-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 2 KB
3 KB 341ms
340ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/471-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a2945335233c8f3074009aae18a6f4a77e5db7236153d8a2b7adf636676d4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Jun 2022 07:59:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQKCFqW6%2BTtReqxBssrhBkRfu6q%2FWaFo0UAoy32G0sWjRrZTNQE1eF2S%2B%2FfnMaI1IvU7DtgIioe6aVaKUMeOa8UBsLmDutTwO2Nen74g6TVU%2B3wnPfbeVMc0Cno7ekInvrBotamQu2QG7yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249a766e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2389
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 524-featured-75x75.jpeg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 4 KB
4 KB 414ms
413ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/524-featured-75x75.jpeg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a0739286d4a3a3e976b3f11b40c1bfc7fbb4854e4d5ac81c5674fc750d9962

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Mar 2023 09:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k504YeUPp4Yh4N5czRxN7%2B%2B%2FuVZfjqEQwgyy0gN0RCWDO%2FUjCnQ5E89ZIP%2FwhUSEdi%2FnxbIVHrizsEiFdzgt%2F0mO3aa36MjAaxD9lT0qg7HOeco3donB2XIBuARGcdqX1VpkeElTTVyVhy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249aa66e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3729
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 484-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 367ms
366ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/484-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2117e56eebe26f9f86a916ab809740f45d068c9aab546ba6201b25bca7d284

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 06:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVFw1UJC6uV4kpfmW6lY6LB97y6er8SjmraJYAhWZDJpOQPmWi300ezICTKOOiBapCVk39Jp9XjJDLS1cRbAh7kOohJNXSp%2BLNk2N85dbE8HpBhJ7YFil4Gbl%2FbwS0axoH8xvUtLp9dqkBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249ae66e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2688
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 467-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 405ms
405ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/467-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eedb83de557c2d75a6ef4b70037580f8e554a7ede5f3dd90e7f52401edfa702

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Mar 2023 18:49:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LZ%2B47geKgMcCkCI5qhIYbO4CgKLYLirbmbO4OrKLc7Oxpu22BJ3oldU4kvfBCuTYXB%2FYgkMC%2Fp2SHiG5ntNt83pnTBZyq7lTXD7Bm7xp0S0Qd9nFZZYEjfKqUXQnpqTwstG1d2Xhhw5n3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249b366e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2884
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 307-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 2 KB
3 KB 412ms
411ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/307-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2105ac1b7fbb39b67ea9e3d54e923ef3e06880c8102b89e4c0261e318f90b375

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Sun, 27 Mar 2022 07:04:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdzrFG%2B%2FkIWO93jnZJmwBS3bBW2e4A6wfm73M8yUl8JOXD4sOXPV7HI9kd9%2ByGQ02xf7zvu%2FEIflOKxs0rl6v9vZ1SCyxpDqaC9SA4ySe4CzngWepU6V7Siz1iQGvWxbWBsa5xKxKuNPfz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249b566e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2482
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H3 200 479-featured-75x75.jpg
imbanasi.com/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 186ms
186ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbanasi.com/wp-content/uploads/wordpress-popular-posts/479-featured-75x75.jpg
Requested by: Host: imbanasi.com
URL: https://imbanasi.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fadd4367dbca6e7413d9fc59c82a012afe8db21d575a598aa8f012a0ec520828

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Nov 2022 23:47:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXZ6r5uMFNHzSEw2pgZP3dN%2FEqcAQ2kd18POF%2Boiuq%2F1UDwQjEqm4zRnDbsGuHmC1WoErGr3Sfjc0hs%2FvA0zNf9L%2FUJLc7drpXJX%2FkS8oBBQ%2BV0zXxj7OtucD0xd5%2FXxCPpQ42guXi2tilE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8405638249b966e6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2836
expires: Thu, 11 Jan 2024 18:01:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 107ms
106ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZB1XCGCZ9Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-220184477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dd54d5d926bef99de353a323ed5fa552c98a5c3d9b41e6d74a070ac593bac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 18:01:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 180ms
57ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-220184477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 17:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 809
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jan 2024 19:48:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
74 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K6K1XPQ7N2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-220184477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

466e237685180351be34c81263860416a61237b0e2aaabc4d3240054452f38e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 18:01:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 84ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K6K1XPQ7N2&gtm=45je4130v883232058&_p=1704391302395&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1029109762.1704391307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704391306&sct=1&seg=0&dl=https%3A%2F%2Fimbanasi.com%2F&dt=TUIMBE%20NA%20TUSALI%20PAMOJA%20-&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5845
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K6K1XPQ7N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imbanasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 55ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZB1XCGCZ9Y&gtm=45je4130v9107762193&_p=1704391302395&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1029109762.1704391307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704391306&sct=1&seg=0&dl=https%3A%2F%2Fimbanasi.com%2F&dt=TUIMBE%20NA%20TUSALI%20PAMOJA%20-&en=page_view&_fv=1&_ss=1&tfd=5875
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZB1XCGCZ9Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imbanasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 65ms
64ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1626392404&t=pageview&_s=1&dl=https%3A%2F%2Fimbanasi.com%2F&ul=en-us&de=UTF-8&dt=TUIMBE%20NA%20TUSALI%20PAMOJA%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1730677766&gjid=1090523399&cid=1029109762.1704391307&tid=UA-220184477-1&_gid=702889777.1704391307&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=683606547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://imbanasi.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imbanasi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ Frame B9D1 3 KB
2 KB 86ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: zeno.fm
URL: https://zeno.fm/widget/assets/javascript/vendors.min.js?_=1700488480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3080982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E78brxMJnxWQZIAQZGRpMdCFGcQp1ZwuS%2FUjQ4cHcB%2F5V8%2F1b1qN34Iur45d4yA88cruoizYziIkkzjI3X8%2F1Cj%2F%2FRAyChNrgItIbaF7IQsGVz1VTCtY5vL%2BWPjaOwFPhYV3N6TbprUD0r6A4f7KFTCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 840563848d9f6714-AMS
expires: Tue, 24 Dec 2024 18:01:46 GMT

GET
H2 200 fontello.woff2
zeno.fm/widget/assets/fonts/ Frame B9D1 5 KB
5 KB 112ms
112ms Font
application/font-woff2 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/fonts/fontello.woff2?77753831

Requested by

Host: zeno.fm
URL: https://zeno.fm/widget/assets/stylesheets/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

34157decd6f726e1ab98c222596cd09209de71cf6c8f8294cafa79bed133fa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zeno.fm/widget/assets/stylesheets/main.min.css
Origin: https://zeno.fm
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:46 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 4768
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Sep 2022 16:08:47 GMT
server: Apache
etag: "12a0-5e79fd417c9c9"
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://zeno.fm
access-control-expose-headers: Location
cache-control: max-age=15552000, public, public
accept-ranges: bytes
access-control-allow-headers: Accept-Token,Content-Type,Authorization
expires: Fri, 03 Jan 2025 18:01:46 GMT

GET
H/1.1 200
OK / Show response
zenoplay.zenomedia.com/api/zenofm/stations/imbanasi/ Frame B9D1 521 B
871 B 623ms
272ms XHR
application/json 67.23.116.136
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://zenoplay.zenomedia.com/api/zenofm/stations/imbanasi/
Requested by: Host: zeno.fm
URL: https://zeno.fm/widget/assets/javascript/vendors.min.js?_=1700488480
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.23.116.136 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
Software: Jetty(9.4.44.v20210927) /
Resource Hash: c6c3d3c27040914bf4a793249c19503846e5c42d5b84ce544d3ae31b295959d0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://zeno.fm/player/imbanasi
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 18:01:47 GMT
Content-Encoding: gzip
Server: Jetty(9.4.44.v20210927)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://zeno.fm
Access-Control-Expose-Headers: Location
Access-Control-Max-Age: 86400
Connection: Keep-Alive
Access-Control-Allow-Headers: Accept-Token,Content-Type,Authorization
Content-Length: 381
Keep-Alive: timeout=10, max=100000

GET
H/1.1 200
OK dashboardCards Show response
editor.zenomedia.com/api/zenofm/cd7bb069-d208-4765-bb55-ea88564ba0d0/ Frame B9D1 2 KB
1 KB 715ms
347ms XHR
application/json 67.23.116.135
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://editor.zenomedia.com/api/zenofm/cd7bb069-d208-4765-bb55-ea88564ba0d0/dashboardCards
Requested by: Host: zeno.fm
URL: https://zeno.fm/widget/assets/javascript/vendors.min.js?_=1700488480
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.23.116.135 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),
Reverse DNS
Software: Jetty(9.4.44.v20210927) /
Resource Hash: ec2fdaf2506856fa0712eeaac90be49ee303b4d3f89495a292d10810ad753217

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://zeno.fm/player/imbanasi
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 18:01:48 GMT
Content-Encoding: gzip
Server: Jetty(9.4.44.v20210927)
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,DELETE,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://zeno.fm
Access-Control-Expose-Headers: Location
Access-Control-Max-Age: 86400
Connection: Keep-Alive
Access-Control-Allow-Headers: Accept-Token,Content-Type,Authorization
Content-Length: 834
Keep-Alive: timeout=10, max=100000

GET
H/1.1

200

background
zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/ Frame B9D1
Redirect Chain

https://stream-tools.zenomedia.com/content/stations/cd7bb069-d208-4765-bb55-ea88564ba0d0/microsite/background_image/?keep=w&updated=1686989205000
https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/background?keep=w&updated=1686989205000

116 KB
117 KB

670ms
274ms

Image
image/jpeg

104.153.233.254
BACKBLAZE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/background?keep=w&updated=1686989205000
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: HTTP/1.1
Server: 104.153.233.254 , United States, ASN40401 (BACKBLAZE, US),
Reverse DNS: s3.us-west-001.backblazeb2.com
Software: /
Resource Hash: 1d8b324bd1acdc9075e6d3e9d472effb0982516e3e34df0b65508679004e82c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 4_za00567c1143b8dbc81100414_f102a703ae7289635_d20220909_m063916_c001_v0001150_t0043_u01662705556196
Date: Thu, 04 Jan 2024 18:01:48 GMT
x-amz-meta-metadata: {"original_filename":"1BACKGROUNDpsd.jpg"}
Last-Modified: Fri, 09 Sep 2022 06:39:16 GMT
x-amz-request-id: e1217e04db57dd42
ETag: "cd024ae1c2cb893b4c2be42420cb13fd"
x-amz-meta-src_last_modified_millis: 1662705551782
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 118810
x-amz-id-2: aMDg1ODdjMaI0JWJ5ZGRjRTGxMPA0WjS/

Redirect headers

location: https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/background?keep=w&updated=1686989205000
date: Thu, 04 Jan 2024 18:01:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY

GET
H/1.1

200

logo
zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/ Frame B9D1
Redirect Chain

https://stream-tools.zenomedia.com/content/stations/cd7bb069-d208-4765-bb55-ea88564ba0d0/image/?keep=w&lu=1686989205000&resize=350x350
https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/logo?keep=w&resize=350x350

98 KB
99 KB

695ms
286ms

Image
image/jpeg

104.153.233.254
BACKBLAZE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/logo?keep=w&resize=350x350
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: HTTP/1.1
Server: 104.153.233.254 , United States, ASN40401 (BACKBLAZE, US),
Reverse DNS: s3.us-west-001.backblazeb2.com
Software: /
Resource Hash: aa971cb07c370b578fec29beec10452b08c0799bf8b0a499d6616dec8b799819

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 4_za00567c1143b8dbc81100414_f109632ce5dd2a4ea_d20220909_m063804_c001_v0001161_t0015_u01662705484638
Date: Thu, 04 Jan 2024 18:01:48 GMT
x-amz-meta-metadata: {"original_filename":"ZENO.jpg"}
Last-Modified: Fri, 09 Sep 2022 06:38:04 GMT
x-amz-request-id: db6149726ad6f921
ETag: "cca96d57505a2bbfa5f23d68d4066b09"
x-amz-meta-src_last_modified_millis: 1662705473663
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 100353
x-amz-id-2: aMJo1rDfjMYA06mIHZHFjOzHeMNM0czTe

Redirect headers

location: https://zenoimages.s3.us-west-001.backblazeb2.com/cd7bb069-d208-4765-bb55-ea88564ba0d0/images/logo?keep=w&resize=350x350
date: Thu, 04 Jan 2024 18:01:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY

GET
H/1.1

200
OK

h3ewnbn9m3uuv
stream-151.zeno.fm/ Frame B9D1
Redirect Chain

https://stream.zeno.fm/h3ewnbn9m3uuv
https://stream-151.zeno.fm/h3ewnbn9m3uuv?zs=0--smj3aRsy8UIY3nOKYvA

140 KB
0

840ms
608ms

Media
audio/mpeg

15.235.115.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://stream-151.zeno.fm/h3ewnbn9m3uuv?zs=0--smj3aRsy8UIY3nOKYvA
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: HTTP/1.1
Server: 15.235.115.81 , Canada, ASN16276 (OVH, FR),
Reverse DNS: dovh51.ca.zeno.fm
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

icy-name: ImbaNasi
transfer-encoding: chunked
content-type: audio/mpeg

Redirect headers

location: https://stream-151.zeno.fm/h3ewnbn9m3uuv?zs=0--smj3aRsy8UIY3nOKYvA
date: Thu, 04 Jan 2024 18:01:48 GMT
cache-control: no-cache
content-length: 0

GET
H2 200 h3ewnbn9m3uuv
api.zeno.fm/mounts/metadata/subscribe/ Frame B9D1 184 B
0 350ms
111ms EventSource
text/event-stream 148.113.165.173
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeno.fm/mounts/metadata/subscribe/h3ewnbn9m3uuv

Requested by

Host: zeno.fm
URL: https://zeno.fm/player/imbanasi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.113.165.173 , Canada, ASN16276 (OVH, FR),

Reverse DNS

dsovh10.ca.zeno.fm

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://zeno.fm/player/imbanasi
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/ 161 KB
55 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/reactive_library_fy2021.js?bust=31080236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda32ff45de83de4c87018c89614f1fe271fb5418339194374d67e1f9dd57334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imbanasi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56088
x-xss-protection: 0
server: cafe
etag: 4249856059844276382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E81F 719 B
378 B 739ms
739ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=618363986&adf=3418355587&pi=t.aa~a.3481235483~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99659a40c87c4dcff2b0b7c8e1057f8f14b7e9b3ee3d2207193590fa47b29125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:49 GMT
expires: Thu, 04 Jan 2024 18:01:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 215B 107 KB
41 KB 727ms
725ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3401ea7665039b9f192ed65b3da0fe68634a2b3207a55237a09e0df479f5abb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42019
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:49 GMT
expires: Thu, 04 Jan 2024 18:01:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D9C 719 B
382 B 585ms
585ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=2801471196&adf=2077395797&pi=t.aa~a.3554082373~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=1200x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=0&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280%2C368x280&nras=4&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e83e4ffdb3632a9c5d51a279e404e05d2ad54de760bbdf2ba8bcc70acb9d316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:49 GMT
expires: Thu, 04 Jan 2024 18:01:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 4929 9 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Wed, 17 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame F88F 9 KB
4 KB 33ms
32ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Wed, 17 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 987B 9 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Wed, 17 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame BAB5 9 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imbanasi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 23:00:01 GMT
etag: 9219409622527106327
expires: Wed, 17 Jan 2024 23:00:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4929 4 KB
767 B 69ms
66ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 17:12:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4929 205 B
650 B 106ms
31ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:22:43 GMT
x-content-type-options: nosniff
age: 23945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Jan 2025 11:22:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4929 604 B
695 B 117ms
42ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 20:01:00 GMT
x-content-type-options: nosniff
age: 79248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 02 Jan 2025 20:01:00 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 4929 16 KB
7 KB 106ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 04:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 04:17:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 4929 22 KB
9 KB 138ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 04:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 04:17:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F88F 2 KB
639 B 66ms
66ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 16:51:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame F88F 2 KB
856 B 156ms
94ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame F88F 23 KB
9 KB 155ms
95ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame F88F 3 KB
1 KB 151ms
90ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame F88F 20 KB
8 KB 101ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F88F 204 KB
65 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame F88F 37 KB
15 KB 92ms
33ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E1D9 624 B
246 B 74ms
74ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-sP-ARjV-dXtATAB&v=APEucNWx5BkzVwC7j-Ejd7sKYu4bp-0PuVbKetpEk7YPxm3_rEdvyhzvm-r3MPEz7Fv9YTxmZXdUhElbGX-T5O594lNe1wWw3zECzLbb2Vp8j3GuP21TWtTFsbtoqag9r1FFfhLIhi7_IwJuXQ4TtSMjVaXFxWmTi5IqiERVASsomjdJB0QNs8Y

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:48 GMT
expires: Thu, 04 Jan 2024 18:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4E8A 111 KB
39 KB 207ms
60ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jan 2024 07:16:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 4E8A 7 KB
3 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 04:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 04:11:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 4E8A 23 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 01:37:43 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E8A 41 KB
14 KB 140ms
97ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 4E8A 3 KB
1 KB 131ms
89ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 4E8A 20 KB
8 KB 76ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E8A 204 KB
64 KB 201ms
124ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E8A 42 B
63 B 66ms
65ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUWX8VvaFdf5GPi-emdADSDLdRzrM916PEHf-sKH2BjP1w2VzhnGAmdA9xYfvrvrRatz4DErx-dy4xIWsGGSVz8xZ8rDTDAqu-EzEIlfN8Ljok6qA

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame BAB5 2 KB
875 B 119ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame BAB5 23 KB
9 KB 108ms
78ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame BAB5 3 KB
1 KB 107ms
77ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame BAB5 20 KB
8 KB 101ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAB5 204 KB
64 KB 170ms
106ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BAB5 37 KB
15 KB 72ms
43ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BAB5 43 KB
44 KB 209ms
60ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRKHdObo6UO_Gi09JqZrN7xfNMx2Kp6AhhdSt13qj6BCcKz8s-g_43I8o4r2g&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4078e3e6ee52a7a3cd9a2749a9845255b2307ab75b3d3c9f1ea0dffd8643d2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:33:39 GMT
x-content-type-options: nosniff
age: 228489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44011
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 09:45:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Jan 2025 02:33:39 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BAB5 45 KB
45 KB 264ms
126ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTj7hH9pMzdAj6UVA4t6FY3c88NRIkvF4hDZF0V59u_q8c3Y_VXkzOhexNf524&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e166d7455768ebd8035cc264787c07f1d83f66460c8a72282b257291fa7d6029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:21:25 GMT
x-content-type-options: nosniff
age: 186023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45627
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 01:22:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Jan 2025 14:21:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BAB5 25 KB
25 KB 133ms
32ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQfLltnlOLe5ETUXU3RU20f2YR9ZBHoLD3K2cm1lrnJwvAPWVSQzSq33wwjIA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239954e86a5c9572e694acbf9141e594435fe5d8394caa0938c120f9f496f706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 19:12:14 GMT
x-content-type-options: nosniff
age: 427774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25162
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 19:47:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 29 Dec 2024 19:12:14 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BAB5 88 KB
89 KB 323ms
186ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR4VaiRFrpWACw0ZQbVY1K70XURBuUSTFUfoZp05X6mkzHQdFmmO5zx0HQ2KA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6a00ffcfccd11f1f40c5879c60446e028e545a73a77d0a7dc3fc439436793ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 14:43:59 GMT
x-content-type-options: nosniff
age: 530269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90565
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 06:32:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 28 Dec 2024 14:43:59 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BAB5 37 KB
38 KB 197ms
59ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT1idDpZqzFH703PVx9knFNE48JsDyWlPjorKXfmTOD9fyvfgtuWqECIC685g&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920b1fb1c1a386a8708e4ffad2da3bf664f6f3f6f448feb237a68276e9ae646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:31:35 GMT
x-content-type-options: nosniff
age: 145813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38377
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 10:06:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 02 Jan 2025 01:31:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BAB5 24 KB
24 KB 196ms
96ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRFXBLJjvnV2FeVH3u3SRiDvI015V3Fu1K26Io0OnY8r917LEk95KAz7qWT6Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63269263989e587015e807ddafd10082a504332e7a4bf5302d8b2d49172cdd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 19:54:41 GMT
x-content-type-options: nosniff
age: 598027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24715
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 05:39:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 27 Dec 2024 19:54:41 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame BAB5 47 KB
47 KB 164ms
65ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTtrzk3ziGpGH-BjG7P_XbWfpXf1731CmK8acdBpnjo31j_5fAYwbeLjh8Hpg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db06976a436c01505b914a05248c422f3e2d4e0ebbb6902b9a33aa4b7c1405a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 21:11:41 GMT
x-content-type-options: nosniff
age: 334207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48154
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 03:11:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 30 Dec 2024 21:11:41 GMT

GET
H2

200

5771625503872918031
tpc.googlesyndication.com/simgad/ Frame BAB5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCF0svLNRCwCRiwCTIIsINYDqFw07M
https://tpc.googlesyndication.com/simgad/5771625503872918031

77 KB
78 KB

34ms
32ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5771625503872918031

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 31 Dec 2024 22:25:03 GMT
date: Mon, 01 Jan 2024 22:25:03 GMT
x-content-type-options: nosniff
age: 243405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 12:56:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Thu, 04 Jan 2024 16:38:34 GMT
x-content-type-options: nosniff
server: cafe
age: 4994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/5771625503872918031
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Feb 2024 16:38:34 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 008C 9 KB
4 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 02:12:26 GMT

GET
H2 200 aaaa0c68f83bc91a42091e4a37f3fa3d.js Show response
www.gstatic.com/mysidia/ Frame 008C 174 KB
63 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2631b82949f1c3cc9755701e6261c8ff97c9982c3db6ff98b7c69b31d3fbeed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64899
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 08:02:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 008C 7 KB
1 KB 70ms
68ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 16:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 008C 2 KB
856 B 100ms
98ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 008C 23 KB
9 KB 101ms
99ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 008C 3 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 008C 20 KB
8 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 008C 204 KB
64 KB 168ms
138ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 008C 37 KB
15 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E1D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1

43 B
337 B

53ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-sP-ARjV-dXtATAB&v=APEucNWx5BkzVwC7j-Ejd7sKYu4bp-0PuVbKetpEk7YPxm3_rEdvyhzvm-r3MPEz7Fv9YTxmZXdUhElbGX-T5O594lNe1wWw3zECzLbb2Vp8j3GuP21TWtTFsbtoqag9r1FFfhLIhi7_IwJuXQ4TtSMjVaXFxWmTi5IqiERVASsomjdJB0QNs8Y
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu3k8FlqdZ95aHgx0UVXntM93gx9kZDsISdWrlLnKpevoNtP9MkQDsVsXNyZKgWV%2B%2FWiJdCJZerW1d083Z1titMvP7rV5i8gpM7vS4yYHuq8fxWewKEbTr7s7F58mpb6ndj%2Bd6gKI%2F0Mow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8405638ff9af0e18-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E1D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZbyjLF1F2Kqza6BmYBD4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1

43 B
768 B

58ms
58ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-sP-ARjV-dXtATAB&v=APEucNWx5BkzVwC7j-Ejd7sKYu4bp-0PuVbKetpEk7YPxm3_rEdvyhzvm-r3MPEz7Fv9YTxmZXdUhElbGX-T5O594lNe1wWw3zECzLbb2Vp8j3GuP21TWtTFsbtoqag9r1FFfhLIhi7_IwJuXQ4TtSMjVaXFxWmTi5IqiERVASsomjdJB0QNs8Y
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVkcXVl7wpVcNRzeWZRCgBIZc3z4Q2fknVIBUtKZuEy52PD%2BtBZJnKAG1TnrorOVobePiFuifcZCLF1gY%2F1sP40MYCl5yFZXOpMNIKiCJQl67FZnqmllGHaLm6UtcoReKpaS4JDBRJRfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84056390cdb36645-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_3cOneLVlkOIML1SUWyrE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E1D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZQAaaQeCBl8PAQDp9l5uI&google_cver=1

43 B
840 B

35ms
34ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKZQAaaQeCBl8PAQDp9l5uI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-sP-ARjV-dXtATAB&v=APEucNWx5BkzVwC7j-Ejd7sKYu4bp-0PuVbKetpEk7YPxm3_rEdvyhzvm-r3MPEz7Fv9YTxmZXdUhElbGX-T5O594lNe1wWw3zECzLbb2Vp8j3GuP21TWtTFsbtoqag9r1FFfhLIhi7_IwJuXQ4TtSMjVaXFxWmTi5IqiERVASsomjdJB0QNs8Y

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
an-x-request-uuid: 3f95ec07-ee2a-4b82-8adf-48f945103521
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.197; 31.204.152.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKZQAaaQeCBl8PAQDp9l5uI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E1D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2MTA2NzE3MzYzODA2OTE%3D

170 B
243 B

42ms
42ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2MTA2NzE3MzYzODA2OTE%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
an-x-request-uuid: 2ac452e4-d0bc-4561-b764-80ebc57f0be6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE2MTA2NzE3MzYzODA2OTE%3D
x-proxy-origin: 31.204.152.197; 31.204.152.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 idsync.js Show response
yield-op-idsync.live.streamtheworld.com/ Frame B9D1 3 KB
3 KB 902ms
160ms Script
application/javascript 208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-op-idsync.live.streamtheworld.com/idsync.js?stn=ZenoAds
Requested by: Host: playerservices.live.streamtheworld.com
URL: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=118143
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: 9379c67bd1cac6da5bb6017a8f1bc6d09f32d273e20fc1a6b35aebad3e9b330d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 2731
content-type: application/javascript; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F1D4 38 KB
13 KB 32ms
31ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 186069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 14:20:39 GMT
expires: Wed, 01 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 008C 0
234 B 194ms
75ms Ping
image/gif 2a00:1450:4006:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqzikukc&c=1668423875132&slotId=834211937566&qqid=CJ-ylrOoxIMDFcTkTAIdCpIPPA&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/o4V4Nt7KvYw/ Frame 008C 11 KB
12 KB 214ms
72ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/o4V4Nt7KvYw/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f760061caac404307dc1e136a5a742e1c094c0f9bea2ce59b3f4728513fcd2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11770
x-xss-protection: 0
server: sffe
etag: "1694637943"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 04 Jan 2024 20:01:48 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-pouxga5o-vu2l.googlevideo.com/ Frame 008C 1 MB
1 MB 651ms
484ms Media
video/mp4 2a00:ff0:1234:2::c
ASOCIATIA-INTERLA...

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-pouxga5o-vu2l.googlevideo.com/videoplayback?expire=1704420107&ei=i_KWZa6QBf7js8IPk_aquA0&ip=2a00:1630:2:606::14&id=a3857836decabd8c&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=m8&mm=31&mn=sn-pouxga5o-vu2l&ms=au&mv=u&mvi=1&pl=32&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=17.020&lmt=1696983429417524&mt=1704390721&cpn=tP2ayGiYGlleMqB9&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIgGZijbg6k3ukuXg8fO9pmSVcn9bfsYop53o0N2rvHNbMCIQDbI2OSuZVF6xgjo_NClWBwXRyVGIc1Z-ME2-9gTh_xsw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRAIgPT4wHZbf9y9yHCAZzwZD1QPsxQ0H_SFcbHBd0SVqhsQCIHWCZnLkJ0YDFFo0EnlLbCnKbU19wwQrq3OidX8psrJw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ff0:1234:2::c , Romania, ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5bbe7253f45a31f3a8c0a8b860fa51e4c86ad6c42e3e25a53cf139b0612f7e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 04 Jan 2024 18:01:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2023 00:17:09 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1066223/1066224
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1066224
Expires: Thu, 04 Jan 2024 18:01:49 GMT

GET
DATA 200
OK truncated
/ Frame BAB5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5ef768fed5cb0ccb4a7a10d62101ef061a53e867518fedcf9f379eed68ce459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hinted-Larsseit-Bold.woff2
zeno.fm/widget/assets/fonts/ Frame B9D1 19 KB
20 KB 113ms
113ms Font
application/font-woff2 67.23.116.141
MOVECLICKLLC

General

Check archive.org

Show headers Download Go to

Full URL

https://zeno.fm/widget/assets/fonts/hinted-Larsseit-Bold.woff2

Requested by

Host: zeno.fm
URL: https://zeno.fm/widget/assets/stylesheets/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.23.116.141 Fairfax, United States, ASN40015 (MOVECLICKLLC, US),

Reverse DNS

Software

Apache /

Resource Hash

1bfcbf88ee6a3a8dea04c6606e119d2d7c1097da398b6a9ea1b6ea9e742bbc4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zeno.fm/widget/assets/stylesheets/main.min.css
Origin: https://zeno.fm
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-length: 19812
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Sep 2022 16:08:48 GMT
server: Apache
etag: "4d64-5e79fd4240e76"
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: https://zeno.fm
access-control-expose-headers: Location
cache-control: max-age=15552000, public, public
accept-ranges: bytes
access-control-allow-headers: Accept-Token,Content-Type,Authorization
expires: Fri, 03 Jan 2025 18:01:48 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame F1D4 51 KB
19 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 05:12:10 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame DD5E 51 KB
19 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 05:12:10 GMT

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/2472587881894301897/ Frame 7121 6 KB
2 KB 98ms
33ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43e7f7ca6face8ef55e5f1f10ac39121bb4d8c89ba15022a86d4c97061238a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 116670
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2377
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:37:18 GMT
expires: Thu, 02 Jan 2025 09:37:18 GMT
last-modified: Mon, 24 Apr 2023 12:18:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4E8A 0
0 156ms
78ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuwzaUQWXOA7zDAfIMT0wniE6S_yzogj3B46CJbukcb65_-zIC6K6gO2Jvl4v-_vX5s1BerQ4sk4610DXP0eLufcIb0j6ros6bhnuB7Hc1IUkWQOfrQcaK_WOHYnu-Wu1zgoONTcfnm7TkYOQ4XNoQ6GLLydnSD_7uDGAETAm6Tba2bXYByFTx5UsbrT48kXj5VhDaQy4wWZWAfxdzYMqvl-DSYWDLaLNCMZeBSNAzhvyKiydDAqMCHqRD8PM8qrMotJYLdaf7M-L9oJ1QD1tEnyAAcVs19Kat5DBDjC7UhoP_YEbROYVwLpYy2VzUXd1_zEqjPzGzpQPFr1ituGj5c2zF0DpfDv_aEvIXKPirEWsIL_0KD4Sg2GM7MvbbLEDTLapvHDBqfJ0hqqQkc0h-DNHGtd8zm5pmn9yFDZl-XmpWeLCvZeXTonDY-CHJ0yXACpd07oAkFMDbF91UIBX0M6FefGHEbWqhXUNHwcH9-luaj1p0KjXs333T38GyVsLKBLqgvDVv0K5ZzgMb97PC0r1_oPk_tOm1Fi6YdN0pxq1qPZn0NjxmYsBG7fghEnqFneO5FbfyFtbrrlpW0oXk2J4NQqC0iCYun9OxI2piX5z7blwzbkwKA0pD6YXx0KLOhpfrcJO_ZR1iKaffnUXB4z3LTVnbPc-WlGJoL-1bVjHSGcNT_mvQdrlo4hmcgsl8OQtttNn9ssXxVn5-VpVz5m45VjvC6w3exLM0dsaT9Gk6QD6wZ_5L3Eu1MNCMJk8DeWwPK2Z3rsZWskz5GoPdrAHy-dWXgaVP9RAENHGd-zXVhYwjQZd1XTt4bHD4HSDXnJ0iXQzkgUa5q2YQBs02ro2pZ0DJTuVca2gEuTqdwUQoLQ0PYPCM1M0qeGDi-bUEn_ds5CTq0P7eM_P55ap7SlCcnfSL-WoxfWFJCPR9PY7T9WERW09XYdpxpfeBAaE3aBtCnp0D38thNrjy6oXSP_iQ8hs5u-LRTzqS4Z-oU8bV2FbSZX4XCkplbu4dyXRYCGj2mr6mAlFyOFMF-cLQr2mNyjUcr8zlR7ssNGYAvSqq9VyrsyN8PHz_V79p3xis8x35M92o7zlcKtCvbFNW8Xzda_MEhC6mWKjy-r0juS29X05AzA36IU6tWR0TI-vq8HI4alof0ov0MJvxvR5bvv5tutWuW-TkU8vIbGElD01cvHnFCw5FW8gRlSt3HwsPscpGeZrPZBTU2UT3L_GPmmKfW4KMggpKrI-NWz9kqAvIdd5HqsXrQ0596V8mYU44JaabYtT0nUhGLo46YAl2mnQjn_OEL13B5M04Jh1MBSQYZtUW0Td2iR2Rn-NhMPwEfMcsRAa2Pszp8wa8gIz5qDlmj4QuvSfTWSURTZg6orB9RQAyUubEAuZfDDz9kClEJOFEJZB1fxGxm3A&sai=AMfl-YR9SLzy8GIfjaaPnEt6CC8u6XMzpVe1OpJO_6pPmU2S-HdDI3OTRDLEbn7c9l2QjILVK78EIyp7NZA23AQRNZm85KutVWpQwoYkBDS2uQLgW46yMDX8bFNXAnx2l8hwJ0x5sEugQldLRKaC0JuKzXAYw0gtAKiCAOL2EvQY4KtUDJQX-UuQino-Yuug3krq3jBPMMeBIVhaxfV_XM1XQvSBCHFlyCpyqjQKQ5dn9VUHd6b9cIuLgt2e7ZHspHwSl-zVRLdE5PCaom83iVJckVF4u8mLduVLYLwSgtol_44HicbgLQEBWdln8PzYzu1GfqZQlALG45DwjJe5v6Z7xs_1rGE_C4aEMzYUUPgA8FLCT6sho-x43xprJ88iF5iljcN3J_qakBQ_AEd5ZYSLs9pQYV6qe-ZDMuhJ6P52UpD4ZYSIWaZSzEnZlCk8YCQgW4JZwoBN2Faw0BS414qyM5WSrrLj2utx_EuuqLDX1BoLXhFlx63MV-v2-Jz9OWRL4R20xKDY1X9C&sig=Cg0ArKJSzLnKXa76JL05EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9za3lyYWRpby5ubA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=338&cbvp=1&cstd=336&cisv=r20240102.73184&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BAB5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDH34ivKWZaLFLcTJs8IPiqS-4AP4squXdZKqhcKkEsv4lJWbDhABIPfAopEBYJGEoIWMGKABocCY8SjIAQmoAwHIA8uEgIAEqgT_AU_Qw7ELLlJrs5w2HocD80eF9Qxap7p1Sv8gePXhH7R...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222257970197579362343%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...

0
0

217ms
96ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222257970197579362343%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216145987985729377649%22}&andc=true

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2257970197579362343","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"16145987985729377649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Jan 2024 18:01:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2257970197579362343","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"16145987985729377649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 0608 51 KB
19 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 05:12:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1D4 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFR-hivKWZaHFLcTJs8IPiqS-4AMAAAAAOAHgBAI&bg=!np2lndLNAAa0LlnulC47ADQBe5WfOF7JroUoOvdg06TQLxbiX_uFl4rnRrtVPHJJ7GD9QpI97gfobNo2iQyvHM5T8HdDAgAAAHBSAAAAAWgBB5kDDIqcTFCkAHOY-aAJ4FjA5_UuBPOifsmjlaP3Mitpj8CGASQdydhQyG_K6hd-JBCrRrIWAJtQMrUqbN5pTqFFGoWPfqauOamPrq689ZFUjR7XeT-y_Yuu5SzDFhF43ZfyQ8l_gbA9WHJw4BqWNmagwCtImpuKdtvkFG8mBPT9j9BPC2odfDSJfoRx3Mi1etvh4yIZ2Anx5P1b80A4NzQhDaDa5Kz4cd5CDShIDUDhJpKVOYO9vH6KAykWYygJ-sbBL0GCFwIGWSLPOsyoVIeW-8sa-hzebmnSc-0oGnFaYdmdK7gLC7eagwANMAhi_tPzZRrtYQaNe5aoTvOwfLQalXpff5gsiLSztxFDO4FCHb5ky6cnljDCDiNWFLZ48QFvvQJK3vcGIbEju9BxauAJ_nPvH-h1GItZTkS90ioZUSj2xsq2HU6HGpkeP7cobEUKp7JJDS5CSsgWQWD-cf5vNyqzXvmVNbNONwFHkSol056p4F61W-IZJCRdqIXRcFjv3WKDHXFZZ8IKnO2X1VwRdOttC7z4MApuLt5wVBvRsXPPeVjWhk8ja5uUenFL4OiZuvO4iy-gmyvLkxjjH1253s0LkE64rjjTO8RJM_bj2YyKNEznD5vI6I793ksD0IFcmJDHWt_u3Ko6aK4wGoPUMYCm22PrVQtExIFyKSfmd-4V3Rz9InpFhqGHUrwA3A0Hr4dBHQbTDShNv3jv-SH_hp1ol5SY5WXC9OHMYC_LaTk_PUF4WkncN374kZKP0raV_J3nSP-zjWgsn3e-eEhoG05a9EciRqa6LvdWNU66VhmlSaMEZzyrjGv_6zwEXlTwriA7fhG6PgX9APfzQWHMnuq-faMCEbmgjEwopbHMIMMwE5fKZbT6f2Cb0n-Bxbi_LVT1UpQjBCClW5JxoRj0fhN5ptva0a4YXU8miDRTwfextJRxwhPi3N9dMQFbvZUfq3zH8kzd7wzrcBF09nhZQotHPDVPkvaebrITvD5sw9eLz2QgzHoRaL7681HrjYSvfTnKqGoaQW1zT5e_Og

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 7121 139 KB
48 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 18:05:56 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7121 236 KB
63 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 18:01:49 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/2472587881894301897/ Frame 7121 20 KB
6 KB 46ms
46ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b29e76a8aa7f19cd376f36c19c0096d35dcf0c46ed78816c49140e5a7d0d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 09:37:19 GMT
date: Wed, 03 Jan 2024 09:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5767
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 155ms
67ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 18:01:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gradient.jpg
s0.2mdn.net/sadbundle/2472587881894301897/images/ Frame 7121 6 KB
6 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2472587881894301897/images/gradient.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ec4304a5d2757290451c3c6dad524b2b337cc91485ad1c454e4947c98f0c8e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 06:04:41 GMT
date: Thu, 04 Jan 2024 06:04:41 GMT
x-content-type-options: nosniff
age: 43028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6426
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:18:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4E8A 0
0 71ms
71ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuwzaUQWXOA7zDAfIMT0wniE6S_yzogj3B46CJbukcb65_-zIC6K6gO2Jvl4v-_vX5s1BerQ4sk4610DXP0eLufcIb0j6ros6bhnuB7Hc1IUkWQOfrQcaK_WOHYnu-Wu1zgoONTcfnm7TkYOQ4XNoQ6GLLydnSD_7uDGAETAm6Tba2bXYByFTx5UsbrT48kXj5VhDaQy4wWZWAfxdzYMqvl-DSYWDLaLNCMZeBSNAzhvyKiydDAqMCHqRD8PM8qrMotJYLdaf7M-L9oJ1QD1tEnyAAcVs19Kat5DBDjC7UhoP_YEbROYVwLpYy2VzUXd1_zEqjPzGzpQPFr1ituGj5c2zF0DpfDv_aEvIXKPirEWsIL_0KD4Sg2GM7MvbbLEDTLapvHDBqfJ0hqqQkc0h-DNHGtd8zm5pmn9yFDZl-XmpWeLCvZeXTonDY-CHJ0yXACpd07oAkFMDbF91UIBX0M6FefGHEbWqhXUNHwcH9-luaj1p0KjXs333T38GyVsLKBLqgvDVv0K5ZzgMb97PC0r1_oPk_tOm1Fi6YdN0pxq1qPZn0NjxmYsBG7fghEnqFneO5FbfyFtbrrlpW0oXk2J4NQqC0iCYun9OxI2piX5z7blwzbkwKA0pD6YXx0KLOhpfrcJO_ZR1iKaffnUXB4z3LTVnbPc-WlGJoL-1bVjHSGcNT_mvQdrlo4hmcgsl8OQtttNn9ssXxVn5-VpVz5m45VjvC6w3exLM0dsaT9Gk6QD6wZ_5L3Eu1MNCMJk8DeWwPK2Z3rsZWskz5GoPdrAHy-dWXgaVP9RAENHGd-zXVhYwjQZd1XTt4bHD4HSDXnJ0iXQzkgUa5q2YQBs02ro2pZ0DJTuVca2gEuTqdwUQoLQ0PYPCM1M0qeGDi-bUEn_ds5CTq0P7eM_P55ap7SlCcnfSL-WoxfWFJCPR9PY7T9WERW09XYdpxpfeBAaE3aBtCnp0D38thNrjy6oXSP_iQ8hs5u-LRTzqS4Z-oU8bV2FbSZX4XCkplbu4dyXRYCGj2mr6mAlFyOFMF-cLQr2mNyjUcr8zlR7ssNGYAvSqq9VyrsyN8PHz_V79p3xis8x35M92o7zlcKtCvbFNW8Xzda_MEhC6mWKjy-r0juS29X05AzA36IU6tWR0TI-vq8HI4alof0ov0MJvxvR5bvv5tutWuW-TkU8vIbGElD01cvHnFCw5FW8gRlSt3HwsPscpGeZrPZBTU2UT3L_GPmmKfW4KMggpKrI-NWz9kqAvIdd5HqsXrQ0596V8mYU44JaabYtT0nUhGLo46YAl2mnQjn_OEL13B5M04Jh1MBSQYZtUW0Td2iR2Rn-NhMPwEfMcsRAa2Pszp8wa8gIz5qDlmj4QuvSfTWSURTZg6orB9RQAyUubEAuZfDDz9kClEJOFEJZB1fxGxm3A&sai=AMfl-YR9SLzy8GIfjaaPnEt6CC8u6XMzpVe1OpJO_6pPmU2S-HdDI3OTRDLEbn7c9l2QjILVK78EIyp7NZA23AQRNZm85KutVWpQwoYkBDS2uQLgW46yMDX8bFNXAnx2l8hwJ0x5sEugQldLRKaC0JuKzXAYw0gtAKiCAOL2EvQY4KtUDJQX-UuQino-Yuug3krq3jBPMMeBIVhaxfV_XM1XQvSBCHFlyCpyqjQKQ5dn9VUHd6b9cIuLgt2e7ZHspHwSl-zVRLdE5PCaom83iVJckVF4u8mLduVLYLwSgtol_44HicbgLQEBWdln8PzYzu1GfqZQlALG45DwjJe5v6Z7xs_1rGE_C4aEMzYUUPgA8FLCT6sho-x43xprJ88iF5iljcN3J_qakBQ_AEd5ZYSLs9pQYV6qe-ZDMuhJ6P52UpD4ZYSIWaZSzEnZlCk8YCQgW4JZwoBN2Faw0BS414qyM5WSrrLj2utx_EuuqLDX1BoLXhFlx63MV-v2-Jz9OWRL4R20xKDY1X9C&sig=Cg0ArKJSzLnKXa76JL05EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9za3lyYWRpby5ubA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=539&vt=11&dtpt=201&dett=3&cstd=336&cisv=r20240102.73184&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E8A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 501d5c887ce4f8288045cbbd48bffe5a7873e8b7f82556d40babc427a4738cc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/2472587881894301897/images/ Frame 7121 25 KB
25 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2472587881894301897/images/image.jpg

Requested by

Host: imbanasi.com
URL: https://imbanasi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb20c187e3c45a27a105c826787131ec7aa646c719eb464cb0b95cbb3cd6eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2472587881894301897/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 09:37:19 GMT
date: Wed, 03 Jan 2024 09:37:19 GMT
x-content-type-options: nosniff
age: 116670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25333
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 12:18:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1776899227349432577
tpc.googlesyndication.com/simgad/ Frame 215B 36 KB
36 KB 58ms
58ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1776899227349432577?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn5XWfy_izOIoXQ1Vs4x7Mvw0_NkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ebc00ad50a9bd3e7d643079a5a531f5b73c4f06b5e59a00175f4d8b22c0a75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:45:09 GMT
x-content-type-options: nosniff
age: 1000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37016
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 17:28:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Jan 2025 17:45:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 215B 23 KB
9 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B254 143 B
166 B 33ms
33ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 17:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 215B 3 KB
1 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 16:12:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9616 1 KB
643 B 31ms
31ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 76915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 20:39:54 GMT
etag: 48472445140208031
expires: Thu, 04 Jan 2024 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 215B 20 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 19:26:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 215B 204 KB
64 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 18:01:49 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 215B 36 KB
14 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 20:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14809
x-xss-protection: 0
server: cafe
etag: 6453211018870451496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 20:25:26 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9616
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1&google_push=AXcoOmRGqcN72kW3TJVEusnCAtQvtKOQ93SbDm5WeQvT5oVTN5w5P9MkRHhCA-gPsAxawqJPwCxsz8Ny-VNwVfsPMi7wfWbJjVe5XA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYyODc5NzU5MzY5MzI4OTUwNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1

43 B
398 B

40ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFbPGfj7va7lgTvDD2649mQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9616 35 B
464 B 117ms
36ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED8TSSWYnN-nTh5pJeGH4QA&google_cver=1&google_push=AXcoOmTxAhnLZ8L_fTnvbmr65kjtA1YHXODoilx9YoH8ky5f6lwn-YhybzbVOxTYQnNTBb2sQg2JQm4Lz_AEsqEqRY3Q4IB0YnYp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9616 0
104 B 194ms
92ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGiMQAvNYlYRGj2hVDu5gq0&google_cver=1&google_push=AXcoOmTi2K7r30-5ak1QhdarCvEj14lbf7y1XWtwlf_XAAv5rbwZq3fMgzNaJijSQhrtsYh50HDaF1nUmWioxDocQU2mIkiq1kGm4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9616 70 B
149 B 139ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHVN5Ozu0bVZqTLKMugBrtw&google_cver=1&google_push=AXcoOmRf_1mAQwzhNBN1_D0e9tz8UFxTV3G1nOVY_ig2yw8-V11h_kVYtg4-5Gb9mShatDD36KY7WHJHDPnZ8DAYu-kLL4R01vuM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 9616 43 B
145 B 260ms
33ms Image
image/gif 18.158.12.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM_zUBFXPWyxxMEAa7tEtJI&google_cver=1&google_push=AXcoOmRkwhH0DgwiZQBtpa-YNbsFnzrvagFBPvkEIQLf5xSZ4fmLpgLWOBT1ErohJUXfEecCGPkDl6xqF_G4TxVlXayx0neBxcpoQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 9616 43 B
146 B 259ms
32ms Image
image/gif 18.158.12.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEM_zUBFXPWyxxMEAa7tEtJI&google_cver=1&google_push=AXcoOmRTAO7bk5aYN2ATpZ-05t1kwklMbAdsAsS7VFN9MKjR8UTL2caZvZj-N6cyPLPwniXEtqsuBO9KYoDsitAIMJpo9i9v8LGl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3524306440520793&output=html&h=280&adk=4084846023&adf=1974706903&pi=t.aa~a.2570693766~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1704391308&rafmt=1&to=qs&pwprc=5058813217&format=368x280&url=https%3A%2F%2Fimbanasi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704391308421&bpp=1&bdt=6881&idt=-M&shv=r20240102&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C368x280&nras=3&correlator=8494102754206&frm=20&pv=1&ga_vid=1029109762.1704391307&ga_sid=1704391307&ga_hid=1626392404&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C31080236&oid=2&pvsid=3143642256741610&tmod=438028957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9616
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGqJN6FPSnFQw8YvnVHCoB8&google_cver=1&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGqJN6FPSnFQw8YvnVHCoB8&google_cver=1&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTcyNDMyODQ0MDMxNTEwNw&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDm...

170 B
188 B

42ms
42ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTcyNDMyODQ0MDMxNTEwNw&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIEN0OFCVZB6lPP10Lu05S5

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTcyNDMyODQ0MDMxNTEwNw&google_push=AXcoOmS0gyx58QoHIypiNIHKxsuUgWiHVdEjUCWPx6YeXoFW9owryocI9BZ8d_12kYgTbvDj-NTMDmIEN0OFCVZB6lPP10Lu05S5
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9616 0
12 B 39ms
39ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7osNLSZ6fF-eb5utBIV39VfIQJKiIjQjlDQiIN98ixwZm9cavm9IwYQkryBsb0EgwFG6T

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B254
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:49 GMT
expires: Thu, 04 Jan 2024 18:01:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:01:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 215B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a9cd7ba3b4349fcf586411115409e7b7423761853562ee4f30ddc85737e340

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 215B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CD2ZsjPKWZc-RJ47lrQT6_rboC5Tx_pd19OKe_PsRtIq54LkoEAEg98CikQFgkYSghYwYoAG0rI_1AsgBAqgDAcgDyQSqBJYCT9AcBHFxWloLoVZthpSebh4WS_440rakzbhXfQ7uNfUc-Ze...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211286667509824977953%22,%22debug_reporting%22:true,%22destination%22:%22https://torarica.com%22,%22event_report_window%22:...

0
0

97ms
96ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211286667509824977953%22,%22debug_reporting%22:true,%22destination%22:%22https://torarica.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22782489140%22],%2222%22:[%22true%22],%224%22:[%2201-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216212632241252767617%22}&andc=true

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11286667509824977953","debug_reporting":true,"destination":"https://torarica.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["782489140"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"16212632241252767617"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Jan 2024 18:01:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 04 Jan 2024 18:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11286667509824977953","debug_reporting":true,"destination":"https://torarica.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["782489140"],"22":["true"],"4":["01-04"],"6":["true"]},"priority":"500","source_event_id":"16212632241252767617"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
69ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 18:01:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 2838 51 KB
19 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 05:12:10 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 92A0 51 KB
19 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 05:12:10 GMT

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame B9D1
Redirect Chain

https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=25053
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=31610671736380691&pubId=25053

43 B
393 B

157ms
157ms

Image
image/gif

208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=31610671736380691&pubId=25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
an-x-request-uuid: 7ddd30bf-ec2f-42c2-a52c-5dbd202573fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=31610671736380691&pubId=25053
x-proxy-origin: 31.204.152.197; 31.204.152.197; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET uuid
nodeny.targetspot.com/callback/ Frame B9D1 0
0

GET
H2 200 sync
x.bidswitch.net/ Frame B9D1 43 B
145 B 33ms
32ms Image
image/gif 18.158.12.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triton&stn=ZenoAds
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B9D1 70 B
148 B 44ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=ZenoAds
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame B9D1
Redirect Chain

https://ums.acuityplatform.com/tum?umid=133&uid=0154b92a-bf64-4f39-bf49-b38900167d6c&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubI...
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=872695282980&pubId=25053

43 B
384 B

159ms
159ms

Image
image/gif

208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=872695282980&pubId=25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

access-control-allow-origin: *
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=872695282980&pubId=25053
content-length: 0

GET
H2 204 CookieSyncTriton
rtb.adentifi.com/ Frame B9D1 0
35 B 404ms
110ms Image
text/plain 107.23.145.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.145.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-145-95.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame B9D1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D25053
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1fc76596-f28d-4300-a374-83f067f6b1f3&pubId=25053

43 B
431 B

158ms
158ms

Image
image/gif

208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1fc76596-f28d-4300-a374-83f067f6b1f3&pubId=25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:50 GMT
content-length: 43
content-type: image/gif

Redirect headers

Date: Thu, 04 Jan 2024 18:01:49 GMT
Server: MT3 1237 600843f master ord ord-pixel-x23 config_version:"1808"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1fc76596-f28d-4300-a374-83f067f6b1f3&pubId=25053
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 04 Jan 2024 18:01:48 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B9D1 0
187 B 89ms
25ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel.gif
idsync.live.streamtheworld.com/ Frame B9D1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=ZenoAds
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEPjRR_4LOf_7t_nuBJbUZSc&stn=ZenoAds&google_cver=1

43 B
415 B

317ms
157ms

Image
image/gif

208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEPjRR_4LOf_7t_nuBJbUZSc&stn=ZenoAds&google_cver=1
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEPjRR_4LOf_7t_nuBJbUZSc&stn=ZenoAds&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame B9D1 0
45 B 159ms
54ms Image
text/plain 217.182.178.229
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=85
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.229 , France, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 0

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame B9D1
Redirect Chain

https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D25053
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3628797593693289504&pubId=25053

43 B
399 B

159ms
158ms

Image
image/gif

208.80.55.239
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3628797593693289504&pubId=25053
Requested by: Host: zeno.fm
URL: https://zeno.fm/player/imbanasi
Protocol: H2
Server: 208.80.55.239 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zeno.fm/player/imbanasi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 18:01:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3628797593693289504&pubId=25053
pragma: no-cache
date: Thu, 04 Jan 2024 18:01:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET triton
sync.adotmob.com/cookie/ Frame B9D1 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BAB5 42 B
174 B 99ms
98ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA68CRcUHmoDHDIN9MlyDBsZKv1kbRZZfUuzIBDspa8UZNLmKdxvami2dIBKHnOB9Kz09kX9IC8dYaUTqqIajzXLy2bBT1eU4ur4UiwyEug-e6mLmjyIouqGegGDkNuctT4fW88EdlAk9w7AAD-697jcmx&sai=AMfl-YQDJvEzyR-cnLfxmnk1gCRPOqW20yhwNyXrXRWn0TAz_KyLfiZg9CMjR8zCYBjfXqziKQLz0qtIz4v_qvwg6H6XLr2_VD1xXWMTgSvGJIIWTRiLQDDwNzA4bMpGY2ZmuOOERLa5ozZOBatx5rduiw&sig=Cg0ArKJSzEwMloPls18YEAE&cid=CAQSTwAvHhf_IzOmwvnJufYZ0SSW3j8SDWaK5DB4zmS1iM6ivJ830VGKi91oIs2hSI9Mx1uACpv_b6wDdIzDo7EM5C_oEuzD7Qmgt7xuSrPQ2VwYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=178,861,1000,1000,1000&tos=178,683,139,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704391308509&rpt=474&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E8A 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAD6iFlGShK12Pxl1QMOZBf2zVcA4v1rmZtA9SEjlsj2GkxsH8DTz0OPbqJ1PsROKcwUwiI4SkVnig1QjPdiDlKoLouA-ZtSfWyXNer0VchxiqSW5wY52L55MjGtx39sSlPh0K--shqPkfbkpuxoI-WL6x&sai=AMfl-YRKe_axt86GJPLkGh4lfI17kVGAHk1hroZZVY4EeLL9Z3cfoxxdJsepTY_MMmJs8yuoWD-5CyV-fxvSEVa2UKLD7XMlmMAkNiEOOybvkIwLenoLVYQZAMc_a4mfbRSfiBlEEVBRheEa1ZCkN3sx8g&sig=Cg0ArKJSzIbIy6MG6XwXEAE&cid=CAQSTwAvHhf_IzOmwvnJufYZ0SSW3j8SDWaK5DB4zmS1iM6ivJ830VGKi91oIs2hSI9Mx1uACpv_b6wDdIzDo7EM5C_oEuzD7Qmgt7xuSrPQ2VwYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704391308564&rpt=402&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 008C 0
54 B 76ms
75ms Ping
image/gif 2a00:1450:4006:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqzikukg&c=1668423875132&slotId=834211937566&qqid=CJ-ylrOoxIMDFcTkTAIdCpIPPA&umsem=0&ple=1&ape=1&met.4=vil.lqzikv4x~vfl.lqzikvay
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 18:01:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nodeny.targetspot.com
URL: https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=25053

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/triton?r=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddot%26uid%3D%7Bamob_user_id%7D%26pubId%3D25053

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imbanasi.com/	1970-01-21 03:02:31	Name: _ga_K6K1XPQ7N2 Value: GS1.1.1704391306.1.0.1704391306.0.0.0
.imbanasi.com/	1970-01-21 03:02:31	Name: _ga_ZB1XCGCZ9Y Value: GS1.1.1704391306.1.0.1704391306.0.0.0
.imbanasi.com/	1970-01-21 03:02:31	Name: _ga Value: GA1.2.1029109762.1704391307
.imbanasi.com/	1970-01-20 17:27:57	Name: _gid Value: GA1.2.702889777.1704391307
.imbanasi.com/	1970-01-20 17:26:31	Name: _gat_gtag_UA_220184477_1 Value: 1
.live.streamtheworld.com/	1970-01-20 18:09:43	Name: uuid-s Value: 0154b92a-bf64-4f39-bf49-b38900167d6c
.imbanasi.com/	1970-01-21 02:48:07	Name: __gads Value: ID=9cd0117c4db10099:T=1704391306:RT=1704391306:S=ALNI_Mae2jZ5SiSlETETPnxdgZU-hehjxw
.imbanasi.com/	1970-01-21 02:48:07	Name: __gpi Value: UID=00000d382a203e61:T=1704391306:RT=1704391306:S=ALNI_MYc6lEw6TRgbmJq5dVXhcq900PPnA
.adnxs.com/	1970-01-20 19:36:07	Name: uuid2 Value: 31610671736380691
.adnxs.com/	1970-01-21 03:02:31	Name: XANDR_PANID Value: uROPGrAHLgla5r6cFRt4IEDYGepXzQWlwri_WKvdQifzejkpDTRpv5egvZNc0pZzukj_2a9Y-gJlOxFY9xg2GCNsglIIeb83YYwTHuipAcM.
.casalemedia.com/	1970-01-21 02:12:07	Name: CMID Value: ZZbyjLF1F2Kqza6BmYBD4wAA
.casalemedia.com/	1970-01-20 19:36:07	Name: CMPS Value: 2124
.casalemedia.com/	1970-01-20 19:36:07	Name: CMPRO Value: 2124
.adnxs.com/	1970-01-20 19:36:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%ujJtDt!]tbPl1M>e)ZlrFUfJ+tGXxoe@4re4DYU7F?n]>xE#_NKE[GOZf2W[lQBJjbpRzqF1`b_N4*)#A:
.doubleclick.net/	1970-01-21 02:48:07	Name: IDE Value: AHWqTUl-Rf8Bk6TAixGJxX1M0EF5trI2WKlhkr3edZL_InbvaJ4ZOhj6v9WPaBtEVNA
.turn.com/	1970-01-20 21:45:43	Name: uid Value: 3628797593693289504
.quantserve.com/	1970-01-20 19:36:07	Name: d Value: EFsBCQHpKoEA
.quantserve.com/	1970-01-21 02:56:45	Name: mc Value: 6596f28d-55159-241e5-84cf6
.adform.net/	1970-01-20 18:11:09	Name: C Value: 1
.googleadservices.com/	1970-01-20 19:36:07	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:52:55	Name: uid Value: 2265724328440315107
.doubleclick.net/	1970-01-20 17:26:34	Name: DSID Value: NO_DATA
.acuityplatform.com/	1970-01-21 02:12:07	Name: auid Value: 872695282980
.acuityplatform.com/	1970-01-21 02:12:07	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUY1NDdLkJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFGNTQ3S5CPdGhpcmRQYXJ0eVVzZXJJZGMwMTU0YjkyYS1iZjY0LTRmMzktYmY0OS1iMzg5MDAxNjdkNmP7+4Z2ZXJzaW9uwvs="
.live.streamtheworld.com/	1970-01-20 17:36:36	Name: idsync-an-uid-s Value: 31610671736380691
.live.streamtheworld.com/	1970-01-20 17:36:36	Name: idsync-amb-uid-s Value: 3628797593693289504
.live.streamtheworld.com/	1970-01-20 17:36:36	Name: idsync-acu-uid-s Value: 872695282980
.live.streamtheworld.com/	1970-01-20 17:36:36	Name: idsync-dbm-uid-s Value: CAESEPjRR_4LOf_7t_nuBJbUZSc
.mathtag.com/	1970-01-21 02:52:26	Name: uuid Value: 1fc76596-f28d-4300-a374-83f067f6b1f3
.live.streamtheworld.com/	1970-01-20 17:36:36	Name: idsync-mm-uid-s Value: 1fc76596-f28d-4300-a374-83f067f6b1f3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ghost.blueecho88.com/pYkgct6rQxvBqxpAkroMUNbgRFCfvBNKlrwUXof7AkiH7VdQ2A== Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=25053 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
api.zeno.fm
c1.adform.net
cdn.adswizz.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
editor.zenomedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
ghost.blueecho88.com
googleads.g.doubleclick.net
i1.ytimg.com
ib.adnxs.com
idsync.live.streamtheworld.com
imbanasi.com
match.adsrvr.org
nodeny.targetspot.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
play.adtonos.com
playerservices.live.streamtheworld.com
r.turn.com
region1.google-analytics.com
rr1---sn-pouxga5o-vu2l.googlevideo.com
rtb.adentifi.com
s0.2mdn.net
ssbsync.smartadserver.com
stream-151.zeno.fm
stream-tools.zenomedia.com
stream.zeno.fm
sync.adotmob.com
sync.mathtag.com
synchrobox.adswizz.com
tpc.googlesyndication.com
ums.acuityplatform.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
zeno.fm
zenoimages.s3.us-west-001.backblazeb2.com
zenoplay.zenomedia.com
nodeny.targetspot.com
sync.adotmob.com
104.153.233.254
104.18.36.155
107.23.145.95
148.113.165.173
15.235.115.81
15.235.14.140
15.235.86.218
154.59.122.79
172.217.16.130
172.217.16.198
178.236.246.109
18.158.12.89
185.89.210.153
192.173.29.77
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.80.55.239
216.200.232.253
216.58.206.34
217.182.178.229
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:4006:811::2003
2a00:ff0:1234:2::c
2a02:fa8:8806:16::1400
2a06:98c1:3120::3
37.157.6.233
51.89.155.117
52.223.40.198
52.31.131.200
65.9.95.19
67.23.116.135
67.23.116.136
67.23.116.141
98.98.134.242
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
05b29e76a8aa7f19cd376f36c19c0096d35dcf0c46ed78816c49140e5a7d0d51
093f68fcb134f3e43cc714b86036c1bd9f2c2e448095ee81cbcea1775f020541
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71
0ebc00ad50a9bd3e7d643079a5a531f5b73c4f06b5e59a00175f4d8b22c0a75d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16be0a907ddb441a6b9b6562e2364dad916933afa19a1a026871b1494dc568b4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193cb7d341a7cd06154bd056f9bb1aa44d4c98f484f152cba52dc131f38f82d0
1bfcbf88ee6a3a8dea04c6606e119d2d7c1097da398b6a9ea1b6ea9e742bbc4d
1d8b324bd1acdc9075e6d3e9d472effb0982516e3e34df0b65508679004e82c7
2105ac1b7fbb39b67ea9e3d54e923ef3e06880c8102b89e4c0261e318f90b375
239954e86a5c9572e694acbf9141e594435fe5d8394caa0938c120f9f496f706
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2631b82949f1c3cc9755701e6261c8ff97c9982c3db6ff98b7c69b31d3fbeed9
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2a7bcbb5506f763ad54a0432554627831d592ad24f13539d49688c5a757b2b21
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ebbc1bd1379bafc0c2abcdd974dcd1efa16a7fa6f005da1231d789680ad2ade
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318ad9c59143ac495dac58215eb17885efc744c523b444f7c1f82ff72197839a
3401ea7665039b9f192ed65b3da0fe68634a2b3207a55237a09e0df479f5abb3
34157decd6f726e1ab98c222596cd09209de71cf6c8f8294cafa79bed133fa0d
4078e3e6ee52a7a3cd9a2749a9845255b2307ab75b3d3c9f1ea0dffd8643d2ad
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45a9cd7ba3b4349fcf586411115409e7b7423761853562ee4f30ddc85737e340
466e237685180351be34c81263860416a61237b0e2aaabc4d3240054452f38e7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db06976a436c01505b914a05248c422f3e2d4e0ebbb6902b9a33aa4b7c1405a
4ed2c613655221946fd5539a4e49a662c0ab225efd2fc10231cd201305bde46d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4ffaa9133b90171d600ad8a7d5e20c304f24129dce333a57d7c52a73490376f5
501d5c887ce4f8288045cbbd48bffe5a7873e8b7f82556d40babc427a4738cc3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551dab3472e7f99f99f660c01ccf9a6d37370f8cad019af534ef6690b6b2b3b4
56392a29c6bd9c419f24fecd0326cef393e42ffa5cb7cd011b486f57f72e0fd6
5762b6219f50f2e10c20b675b7685d9de45070171473249b81a8c118736b43b7
58c7ffa3f099787c53922f29fe6450b539d50ea270a82f4507c8edc4f44fa1f2
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
59c0e6792e27652db6c68b49c2df7dc21e767c99f70f023fe53cc2bee6b26961
5ae13b47c6124533d5283d0631135beb884dbc3782b13832faff0fb0193232bc
5bbe7253f45a31f3a8c0a8b860fa51e4c86ad6c42e3e25a53cf139b0612f7e3a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d61755a25b36a1a5a210d6662fda9e0522d480382b9313ee081f366696b2098
5e83e4ffdb3632a9c5d51a279e404e05d2ad54de760bbdf2ba8bcc70acb9d316
5eedb83de557c2d75a6ef4b70037580f8e554a7ede5f3dd90e7f52401edfa702
63269263989e587015e807ddafd10082a504332e7a4bf5302d8b2d49172cdd96
6400a4fc8f8c759503f20139e4ab3addc6add1dacde51affc572af36498569b3
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6cf8b627b8de7c4cf224806c661d3c3e8d1a0c8f5b3a94233a24d83839a326b8
6ec4304a5d2757290451c3c6dad524b2b337cc91485ad1c454e4947c98f0c8e6
76cd0fa0dac3c8ce8bd2d5324a2e9bb553c595447f86d3070bd45283d271d36f
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a
80f3a4bc4c13cecc05eaf52a1d415bf4e5fb501ffb8ab47a0f2579423a6c7bf8
857f3d6558aec07553171f4dec779c0b2cad0542cd6b7346c52399426c18010e
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
89a08672cc394d16a3e9d8c538cb01d3b5b109d81f61f6a34f8e9add6cf51139
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd54d5d926bef99de353a323ed5fa552c98a5c3d9b41e6d74a070ac593bac50
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f05cc38ae1d7b80d813e164c4eb93e83f03f6eecbfd271d19d2e39386ff0fe7
920b1fb1c1a386a8708e4ffad2da3bf664f6f3f6f448feb237a68276e9ae646d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9379c67bd1cac6da5bb6017a8f1bc6d09f32d273e20fc1a6b35aebad3e9b330d
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99659a40c87c4dcff2b0b7c8e1057f8f14b7e9b3ee3d2207193590fa47b29125
9a2117e56eebe26f9f86a916ab809740f45d068c9aab546ba6201b25bca7d284
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa067574acf4c7b8d7cef4f104ea80eeb6bd8af4d1e142015d029779dcdae3e
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
aa971cb07c370b578fec29beec10452b08c0799bf8b0a499d6616dec8b799819
acf3a32b411356f86baad4a8177a52c63c3cb5038bc1e6fbb26bc119d39ae3ef
adb20c187e3c45a27a105c826787131ec7aa646c719eb464cb0b95cbb3cd6eeb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b6a00ffcfccd11f1f40c5879c60446e028e545a73a77d0a7dc3fc439436793ff
b96c11a823c801f31ceecbd089e2f22ec97efff585462d45f7dcd3b3c2f38bd2
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c02ddde78c7305436f8deea9b4d105d1ed0f18ee5854852238a263151acefe50
c0a2945335233c8f3074009aae18a6f4a77e5db7236153d8a2b7adf636676d4a
c0b0d9a082fa44b9adad7f989a0aded0435ceca6f9d340237a83f35326170227
c241219c457169c627ad4b4fea6cadb2112b758b1ef9cd03f3de29d9286df492
c3b043fd30878819c8b0286057c9a44ef1f6a4083fdbd850b40d69dad8407c66
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9
c6c3d3c27040914bf4a793249c19503846e5c42d5b84ce544d3ae31b295959d0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cda32ff45de83de4c87018c89614f1fe271fb5418339194374d67e1f9dd57334
d2a0739286d4a3a3e976b3f11b40c1bfc7fbb4854e4d5ac81c5674fc750d9962
d5ef768fed5cb0ccb4a7a10d62101ef061a53e867518fedcf9f379eed68ce459
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8715c2f82e2aca288843fef9839aca913cb0640560eed0cf39e9ba7d4da378
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e166d7455768ebd8035cc264787c07f1d83f66460c8a72282b257291fa7d6029
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5833597a13fd497d210e2c036317ae5b663fd443c3c778bcb7f1ade247a6a
e43e7f7ca6face8ef55e5f1f10ac39121bb4d8c89ba15022a86d4c97061238a6
e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9d61380220dc6557adf818615193db49999ec5af04e82d2a4be2970ebda389e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec2fdaf2506856fa0712eeaac90be49ee303b4d3f89495a292d10810ad753217
ee942f4a5ec260e449e5404657495b091d50c3286bf9805e7385f6cf2d73cf5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f760061caac404307dc1e136a5a742e1c094c0f9bea2ce59b3f4728513fcd2c2
fadd4367dbca6e7413d9fc59c82a012afe8db21d575a598aa8f012a0ec520828
ff6b729c340fa5eae226367b2a2aea16a4e1ff19071d141ef73e81160ce7e3af

imbanasi.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

195 Requests

89 %HTTPS

46 %IPv6

36 Domains

54 Subdomains

45 IPs

12 Countries

6553 kBTransfer

10714 kBSize

30 Cookies

8 Outgoing links

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imbanasi.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

89 %
HTTPS

46 %
IPv6

36
Domains

54
Subdomains

45
IPs

12
Countries

6553 kB
Transfer

10714 kB
Size

30
Cookies

195 HTTP transactions
4 data transactions