guide.elitemu.net Open in urlscan Pro
185.30.165.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://guide.elitemu.net/
Effective URL:
https://guide.elitemu.net/
Submission: On November 01 via api (November 1st 2023, 4:03:05 pm UTC) from US — Scanned from NL

Summary HTTP 71 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 12 domains to perform 71 HTTP transactions. The main IP is 185.30.165.25, located in Amsterdam, Netherlands and belongs to FNXTEC, BR. The main domain is guide.elitemu.net.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.

This is the only time guide.elitemu.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	185.30.165.25 185.30.165.25	60503 (FNXTEC) (FNXTEC)
17	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 5	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	34.248.207.226 34.248.207.226	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:0:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
71	19

11 185.30.165.25 (Amsterdam, Netherlands) 1 redirects

ASN60503 (FNXTEC, BR)
PTR: protected.hyperfilter.com

guide.elitemu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.207.226 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-207-226.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:0:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	415 KB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	67 KB
11	elitemu.net 1 redirects guide.elitemu.net	384 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal900016.redintelligence.net — Cisco Umbrella Rank: 178788	25 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	91 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
3	tradetracker.net 1 redirects ti.tradetracker.net — Cisco Umbrella Rank: 168120 static.tradetracker.net — Cisco Umbrella Rank: 182039	30 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	602 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	119 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
71	12

	Domain	Requested by
17	pagead2.googlesyndication.com	guide.elitemu.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	guide.elitemu.net	1 redirects guide.elitemu.net
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	hal900016.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900016.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ti.tradetracker.net	1 redirects guide.elitemu.net
2	www.googleadservices.com	guide.elitemu.net
2	fonts.googleapis.com	googleads.g.doubleclick.net hal900016.redintelligence.net
2	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900016.redintelligence.net
2	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	static.tradetracker.net	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
71	18

This site contains links to these domains. Also see Links.

Domain
elitemu.net
forum.elitemu.net

Subject Issuer	Validity	Valid
www.guide.elitemu.net R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.tradetracker.net Amazon RSA 2048 M02	`2023-09-19` - `2024-10-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://guide.elitemu.net/
Frame ID: 89E3DAA7CCAC3E480AFA49F982839935
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231030/r20190131/zrt_lookup.html?hello=world
Frame ID: 412A9FC37C1E8550749A345FEC7C924E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=250&slotname=1944312655&adk=1223859378&adf=2836758445&pi=t.ma~as.1944312655&w=250&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580728&bpp=238&bdt=263&idt=505&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&correlator=8246512841113&frm=20&pv=2&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=leaHieCezA&p=https%3A//guide.elitemu.net&dtd=530
Frame ID: A178D3BF1CCA412E81DF6C34BA774454
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
Frame ID: 8054C6C256FFA50BD1F3BEF2A4118459
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&adk=1812271804&adf=3025194257&lmt=1698850981&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fguide.elitemu.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580977&bpp=1&bdt=512&idt=300&shv=r20231030&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_slotnames=1944312655%2C3547236041&nras=1&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&fsapi=1&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=315
Frame ID: 1533FEEEF85F8DBCB085156FFED2D2AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiu77vGATAB&v=APEucNW9PF4fDz-kD2zKDvSmAnhfgtrCI3TB0aPOlXKizS_iPcMyN8HgP_8sIkosLEPUloaNhC4_7SKEpvPC6f-esSe815A6XTAkobvNt7MENgUx5IGxSVzR_r-wXOn-LMyi8Txj1zO-1NXN0Q32MonX_75JteUVlBGimAtdx24JgKi9dbJG8HA
Frame ID: 9D9B2E52A82F17B83FD521A9BB5E9507
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 206CDCA2ED0C6FF1BD1DC419836C8B83
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js
Frame ID: 290DEB1D8119E135B6749E68BF32DB79
Requests: 1 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
Frame ID: 3751AE9380D4705E729168F51F4AB0AC
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E763B6BD436BA3225B4D4F5236C4F51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE5DBABCF1F0A2980A0F0B221FC29A1C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EliteMU v2.0 Guide - Tutorials

Page URL History Show full URLs

http://guide.elitemu.net/ Page URL
http://guide.elitemu.net/ HTTP 302
https://guide.elitemu.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

71
Requests

86 %
HTTPS

56 %
IPv6

12
Domains

18
Subdomains

19
IPs

5
Countries

1132 kB
Transfer

2175 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://elitemu.net/shop/vip
Title: • VIP System

Search URL Search Domain Scan URL

URL: http://forum.elitemu.net/index.php?/topic/5-event-top-voter-of-the-month/
Title: • TOP Voter of the Month (HOT)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://guide.elitemu.net/ Page URL
http://guide.elitemu.net/ HTTP 302
https://guide.elitemu.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1

Request Chain 25

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUJ2tQx2MVkrQRQMwHSRnAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1

Request Chain 26

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqrj3_xPVPL-oST5pe7Y3s&google_cver=1

Request Chain 27

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMDIyNjEyMzk3ODkyODc3Mw%3D%3D

Request Chain 44

https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D&documentReferer=https%3A%2F%2Fguide.elitemu.net%2F&ancestorOrigins=https%3A%2F%2Fguide.elitemu.net&random=2167112714160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D&documentReferer=https%3A%2F%2Fguide.elitemu.net%2F&ancestorOrigins=https%3A%2F%2Fguide.elitemu.net&random=2167112714160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 50

https://googleads.g.doubleclick.net/pagead/adview?ai=CuBimtXZCZd-PFqK418cPkOmWkAXx6P6vZoiP4-TXEdrZHhABINW40SJgkYSghYwYoAHAm_j1AsgBCakCtHt0_iqwsT6oAwHIA8sEqgTjAU_QaOwiYGB7J3rfWUlmyenbyUgwo0umxhXNZheY0hY5mxaxO4A_33MO73HxrbomxBVoyu-J-SU_O-zjDRc0gi6njqK3v8pS3Axio4Hxpx_S4ZwOZS9OL4sfP34puFBWNazycIU-JRa3pm2IdT4LQJ7vS6_u1nN5_fCCz2YDkRAE0fmE_lsIY2zJnqBYO2yS57FF4LwvgfgYyorAmaK8tVg3XA0-fIj72fM0zPYCEXr28q9xyXB_7p8TPD1NJO0ITLQByrWt_O7N3K4WtrZd-XVcvfJolVPj5eU9YJKII27Z8OSawAT7sIOorwOIBb7Njr0kkgUECAQYAZIFBAgFGASgBi6AB6jkh4oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpZAD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJFWh0dHBzOi8vd3d3LmJlcmVpay5ubIAKAcgLAbgT5APYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMzc3ODA1ODEzMTgwMTE3OBgA&sigh=Dv0_50vo3pI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNkh9M5Vl1IHzxRJXTWjpRgtN2ogbIwEvGZTlmewgMibV4nxu5z2e5Bx9EevLznxkIm96ebOfblZstafY_a13_sRFwL5mnYhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223698987983060619373%22,%22debug_reporting%22:true,%22destination%22:%22https://bereik.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22784207296%22],%224%22:[%2211-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216032269081343675329%22}&andc=true

Request Chain 58

https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=44959300119980604444448012495016&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
guide.elitemu.net/ 637 B
852 B 66ms
25ms Document
text/html 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to

Full URL: http://guide.elitemu.net/
Protocol: HTTP/1.1
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: a143614d36a0bab356f56d19d318228daff96300ff64f961985bb9cb7f2fdac2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Date: Wed, 01 Nov 2023 16:03:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
HF-HWPStage: HIT-3/DYNAMIC
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Server: HYPERFILTER - HWP/2.0.0
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK hf-lib.php Show response
guide.elitemu.net/hf-sys/ 30 KB
8 KB 66ms
39ms Script
application/octet-stream 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to

Full URL: http://guide.elitemu.net/hf-sys/hf-lib.php
Requested by: Host: guide.elitemu.net
URL: http://guide.elitemu.net/
Protocol: HTTP/1.1
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: 694bbff2b58086a42b3a853daf9cf0dc9d34d14fd67d3479acc374f271583e47

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Apr 2017 15:16:19 GMT
Server: HYPERFILTER - HWP/2.0.0
ETag: W/"5905ffc3-76d4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/octet-stream
Cache-Control: no-cache
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:02:59 GMT

GET
H/1.1 200
OK hf-help.php Show response
guide.elitemu.net/hf-sys/ 2 KB
1 KB 51ms
25ms Script
application/octet-stream 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to

Full URL: http://guide.elitemu.net/hf-sys/hf-help.php
Requested by: Host: guide.elitemu.net
URL: http://guide.elitemu.net/
Protocol: HTTP/1.1
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: 7f2a1d241f913cdce9b6de0dbc430e6bd711d09246ce91a5d44ebd8e1dfc6c7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Apr 2017 15:16:19 GMT
Server: HYPERFILTER - HWP/2.0.0
ETag: W/"5905ffc3-793"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/octet-stream
Cache-Control: no-cache
Connection: keep-alive
Expires: Wed, 01 Nov 2023 16:02:59 GMT

GET
H/1.1

200
OK

Primary Request / Show response
guide.elitemu.net/
Redirect Chain

http://guide.elitemu.net/
https://guide.elitemu.net/

15 KB
4 KB

146ms
56ms

Document
text/html

185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://guide.elitemu.net/
Requested by: Host: guide.elitemu.net
URL: http://guide.elitemu.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: 37131dd0bf92c40b36b66f45a3b58e3381f2e79041b9309873cb6d9e2828f7f7

Request headers

Referer: http://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-3/DYNAMIC
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Server: HYPERFILTER - HWP/2.0.0
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 210
Content-Type: text/html; charset=iso-8859-1
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-3/DYNAMIC
Location: https://guide.elitemu.net/
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Server: HYPERFILTER - HWP/2.0.0

GET
H/1.1 200
OK style.css
guide.elitemu.net/assets/css/ 4 KB
2 KB 105ms
52ms Stylesheet
text/css 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to

Full URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: bb73cb24a895f194782b49bd3167650c2849ea2b05249125c1c9e04ccb293cb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-1/STATIC
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 22:54:37 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: text/css
HF-SuperCache: MISS
Cache-Control: public, max-age=604800
Connection: keep-alive

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
10 KB 252ms
128ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: guide.elitemu.net
URL: https://guide.elitemu.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f278374bb6fc98996ad7c5c93d34ac2f76bd692e0b9774d0f4a9693cdd6938b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10055
x-xss-protection: 0
server: cafe
etag: 412274210045655850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:00 GMT

GET
H/1.1 200
OK mu2.gif
guide.elitemu.net/assets/images/ 1 KB
2 KB 52ms
51ms Image
image/gif 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guide.elitemu.net/assets/images/mu2.gif
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: de72c5d76c4b7ebc7df9f1c530cfeaff3097e1af90c00e956e1e18174c55dfa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/assets/css/style.css?v=1698854580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-1/STATIC
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 16:16:52 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: image/gif
HF-SuperCache: EXPIRED
Cache-Control: public, max-age=604800
Connection: keep-alive

GET
H/1.1 200
OK mu2.cur
guide.elitemu.net/assets/images/ 4 KB
2 KB 109ms
56ms Image
application/octet-stream 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guide.elitemu.net/assets/images/mu2.cur
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: cd86245aef76cc418d8f48121a2ec736d7f85a346407e331bab687a337f22991

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/assets/css/style.css?v=1698854580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 16:16:52 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
HF-Wall: HIT-7/THROTTLED_7
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Connection: keep-alive

GET
H/1.1 200
OK new-help-center.png
guide.elitemu.net/assets/images/ 358 KB
359 KB 113ms
59ms Image
image/png 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guide.elitemu.net/assets/images/new-help-center.png
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: f7814ceaa4d1ac6d03cc4058a16adaa2105c13b4ba8e7762fc88948f2bcc5ade

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/assets/css/style.css?v=1698854580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-1/STATIC
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 12:52:26 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: image/png
HF-SuperCache: EXPIRED
Cache-Control: public, max-age=604800
Connection: keep-alive

GET
H/1.1 200
OK mu.gif
guide.elitemu.net/assets/images/ 1 KB
2 KB 123ms
70ms Image
image/gif 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guide.elitemu.net/assets/images/mu.gif
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: 431412294b26b87005492a71d1862c54a5a42611c5dc82aec0545210a0e1bf00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/assets/css/style.css?v=1698854580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
HF-HWPStage: HIT-1/STATIC
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 16:16:52 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: image/gif
HF-SuperCache: EXPIRED
Cache-Control: public, max-age=604800
Connection: keep-alive

GET
H/1.1 200
OK mu.cur
guide.elitemu.net/assets/images/ 4 KB
2 KB 109ms
56ms Image
application/octet-stream 185.30.165.25
FNXTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://guide.elitemu.net/assets/images/mu.cur
Requested by: Host: guide.elitemu.net
URL: https://guide.elitemu.net/assets/css/style.css?v=1698854580
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.165.25 Amsterdam, Netherlands, ASN60503 (FNXTEC, BR),
Reverse DNS: protected.hyperfilter.com
Software: HYPERFILTER - HWP/2.0.0 /
Resource Hash: 858a2b7789ee7ba65793e64fab7242365f3aac47ea0859c4a1e5026ca342cd50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/assets/css/style.css?v=1698854580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 16:16:52 GMT
Server: HYPERFILTER - HWP/2.0.0
DDOS: Protected by HyperFilter : https://www.hyperfilter.com
HF-Wall: HIT-7/THROTTLED_7
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8ac08760ee69ce732ed3e2bd9783aec9d3a08126af54e553728fdb320344d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51848
x-xss-protection: 0
server: cafe
etag: 11857524165994853052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 398 KB
135 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3778058131801178&plah=guide.elitemu.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8839b74b500df125ff98d74bd71b733c4d3172889996ed428d40e1da2f890e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138070
x-xss-protection: 0
server: cafe
etag: 408739208850495687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231030/r20190131/ Frame 412A 10 KB
5 KB 106ms
33ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231030/r20190131/zrt_lookup.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 19:52:48 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 19:52:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 114ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=guide.elitemu.net&callback=_gfp_s_&client=ca-pub-3778058131801178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3778058131801178&plah=guide.elitemu.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d0174ac4087b9efa5d7752327162c953d895867308154044bab5a57c3a25fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A178 111 KB
38 KB 854ms
853ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=250&slotname=1944312655&adk=1223859378&adf=2836758445&pi=t.ma~as.1944312655&w=250&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580728&bpp=238&bdt=263&idt=505&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&correlator=8246512841113&frm=20&pv=2&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=leaHieCezA&p=https%3A//guide.elitemu.net&dtd=530

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0213d9b25f06251839f36be18838fff4e1286bdc46cedc9a7ce9f622ff9a72de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 16:03:02 GMT
expires: Wed, 01 Nov 2023 16:03:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8054 24 KB
11 KB 478ms
477ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d02b3cd81483d60c40792499bc860b190c83717f52004c864b2ae4027feea1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10674
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 16:03:01 GMT
expires: Wed, 01 Nov 2023 16:03:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1533 0
180 B 57ms
56ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&adk=1812271804&adf=3025194257&lmt=1698850981&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fguide.elitemu.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580977&bpp=1&bdt=512&idt=300&shv=r20231030&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&prev_slotnames=1944312655%2C3547236041&nras=1&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&fsapi=1&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 16:03:01 GMT
expires: Wed, 01 Nov 2023 16:03:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8054 42 B
63 B 159ms
158ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlmsAVoo9rTl7JOMcgGcinjfE6UG8HUClfT9AG4jw5dlOn9Kz4EQ2LsBUKgJjQM4z8-MWhFd3R01fadUPOdijM2V5QA6Zr7qRu1oxx9wpGx9ETmck

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8054 0
20 B 159ms
159ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13160982083888563983&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9D9B 624 B
246 B 75ms
74ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiu77vGATAB&v=APEucNW9PF4fDz-kD2zKDvSmAnhfgtrCI3TB0aPOlXKizS_iPcMyN8HgP_8sIkosLEPUloaNhC4_7SKEpvPC6f-esSe815A6XTAkobvNt7MENgUx5IGxSVzR_r-wXOn-LMyi8Txj1zO-1NXN0Q32MonX_75JteUVlBGimAtdx24JgKi9dbJG8HA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 16:03:01 GMT
expires: Wed, 01 Nov 2023 16:03:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8054 89 KB
31 KB 217ms
216ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8054 3 KB
1 KB 189ms
64ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 14:05:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 8054 20 KB
9 KB 182ms
57ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8054 188 KB
60 KB 148ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:01 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9D9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1

43 B
542 B

52ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiu77vGATAB&v=APEucNW9PF4fDz-kD2zKDvSmAnhfgtrCI3TB0aPOlXKizS_iPcMyN8HgP_8sIkosLEPUloaNhC4_7SKEpvPC6f-esSe815A6XTAkobvNt7MENgUx5IGxSVzR_r-wXOn-LMyi8Txj1zO-1NXN0Q32MonX_75JteUVlBGimAtdx24JgKi9dbJG8HA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTDkYQja4AVS85E%2F%2FlOQTDEgyOKnB4jS%2FCR6xmfNF6lG9xYCiNKFrmOGP69reByL%2Fj%2BTm1LOyEzx1uw8IVHerrPQY9OTb9lfE%2BbUN%2B2QKCQKxeZbmio14m6vAtxVAknUipSnueQsMO1WtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f55d917a516714-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9D9B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUJ2tQx2MVkrQRQMwHSRnAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1

43 B
768 B

48ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiu77vGATAB&v=APEucNW9PF4fDz-kD2zKDvSmAnhfgtrCI3TB0aPOlXKizS_iPcMyN8HgP_8sIkosLEPUloaNhC4_7SKEpvPC6f-esSe815A6XTAkobvNt7MENgUx5IGxSVzR_r-wXOn-LMyi8Txj1zO-1NXN0Q32MonX_75JteUVlBGimAtdx24JgKi9dbJG8HA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgsOzK30OmuB1f9ZoIgMhVye2vEpHM%2BUu8ckJ6%2Fvgk%2FVqTVLKURsdQc0c3tcSk1%2BlvApibq9jMgW9aYlswu0EpglEU4G4RXeeUY4ogL2FO9WeUrvxdl1Bvc7sUiNPw9W8vk2fjmFkW1f3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f55d9208d90e4c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAFvUOz_kasacP273FxPVXc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9D9B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqrj3_xPVPL-oST5pe7Y3s&google_cver=1

43 B
845 B

174ms
174ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDqrj3_xPVPL-oST5pe7Y3s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiu77vGATAB&v=APEucNW9PF4fDz-kD2zKDvSmAnhfgtrCI3TB0aPOlXKizS_iPcMyN8HgP_8sIkosLEPUloaNhC4_7SKEpvPC6f-esSe815A6XTAkobvNt7MENgUx5IGxSVzR_r-wXOn-LMyi8Txj1zO-1NXN0Q32MonX_75JteUVlBGimAtdx24JgKi9dbJG8HA

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
an-x-request-uuid: b4609da2-761a-48dd-b841-eff147a99388
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.221; 31.204.152.221; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDqrj3_xPVPL-oST5pe7Y3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9D9B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMDIyNjEyMzk3ODkyODc3Mw%3D%3D

170 B
243 B

45ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMDIyNjEyMzk3ODkyODc3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:01 GMT
an-x-request-uuid: e8ed3f3f-c616-4072-87f3-c59ea03583b0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEzMDIyNjEyMzk3ODkyODc3Mw%3D%3D
x-proxy-origin: 31.204.152.221; 31.204.152.221; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8054 0
20 B 159ms
158ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2918902491330&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8054 0
20 B 158ms
158ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2918902491330&version=m202309260101&ct=77&x=1&cor=13160982083888564000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8054 16 KB
12 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bc50jLifXqnezU00FbQfq4yYx1vrPxwidtHgTQdjjD5fLAy7Jp3blVy-x0GAP23zCYrhhbeHZ3fQoBhwbWhbMsom84TJ73WPnJ1VT6fnVzC9smtGmkOZotQ5J_ldE-nEoav4dQ51r3YlyBVJiqK70XlIfrhCDDEmR3jNFLY_WQmk4Nyu4&cry=1&dbm_d=AKAmf-Dod07_yXvaiuA1YEPg3yeB_bUmi8tBrdEmuZj_Ftbh0E3OZ8v_kgCUKK973XfUDSeMkQrqtzkllL6HLwSEdhPb_xqAfA4znhwO7JjVYqtIU4GtxZXzkOhV4j8i2fvPGaHs7hcdY6gB2k57KTxVeeVvOQ7pHTR1r-yplnE6LxIxFZgwZxicy8iEzZWYE5jf8a1h1Mv27UZe61bFv84y4iUPiBST2kMXyrPD2V_BnebBMW_3lIqpKqLvlnOIQZl43ZeF0dmqIe3VMLHKFeFvA3sos9uJUqBc1xECvU2qgaMbewjCbKQyPyXPPuSO21Pp6Tt0Y2-DzzomBIjyiT327PBLvsh46PVJMeqUryBwnF8bdU40qN3z0k-x8-oLRGISq6BSYjcrLV5PzWfzjzjimF5vKw2uMEYaKDjKH3S8TiqXAKqNOyvVZ-4hkngdbs6SIfQ-jI__iYqb4XDTJPqktKl4J97EfxvcAX_0GGqlpT00UnAqzWWVSrqbJXK5C1PTMsoeJUnBTrMFDzC6ViBRR2BIVgkRm4atgB3jRkSaKa5DERdMAA82XLFrtbv9lFU5bkbJmBU7KH1ASFQdKdTmLIZcJ2E3s4wHnU5ZzFWeUmw4D3sGOr4WzQOl6H4Q6R2YW5uNT18rSETwQXgiTCbenShc0ottiFuFX6c__7-1m5fffRtnZY7QuL1vjvYpFDxCwGEWzM08OsaNZ3KmY6LDrgraIxXkQJ6aIaCV7sq2xahd2RRXV3V5YwjGUQ1YOlvGNu8MKJ5jHsr2e2GE95exKLwiePH4iTY7YpI_Mq7TqvAXqS8PvKassQakSiNWlPJ1QKJ_k87eDdvKvaERYXFK6vkNKUPxdscIjfzZRZvBCs1_gRAy8L8JIY1KfHxAvKRSZ4wUBogfEPAo_oeShXVJjQcqs7ESONqkMlvOZd1qRScRKOJ_rzhs4velwJsnPmHFObkSCEWLly-Y_eNduBt30ZEY8W_9ICQQqcUPilzUXdXgFHOPaEPDsCaEaIOisiEgRESQFCkdYyqcoZlikJLUib-JiH7dcbBRkf72PmmT1Q2MqIcJXTogWfpBpV1J88LbmvSu6NWA1jferSKOGqOuhRZrrwz-QZxN4O4iOB_enGshCklV29Ki305H5IqnkFk6VAmm1irWnXYTCmeJAMG_XGJpbm_-m3R3ms6whtyRu53_lGQUEZ9oLjrJUBzqZNboark9UKFNSCCtLJmNv8Oflj6DXhAR1YjO78a0ZvYIEjbh1VNAVZGa2ZFPlAD-uW4T0l3kqnc4u8z90ABWFz6r1i675qEdznsMoKO_awqeCD8zWteNZbZ8AcUJ-P7rGOJ8NMLmZxqarZ2j9wQQ__K4zaVXXXj5Gv8cwI-4Nt0h3IsUhl9StKItQHnzK0lS4QAmMJD1V2gZGNP5PPk4LQTV_-vrG7VBiP12FbbSFatQJU_r5bKV3BlOhaf1aET93qnVjQGbRXNfzCiau4zyutP35he14dFQeXBHZdFnag_O3VdODz-QXyhZy2UtHHdBx4ONLipMZYf1HKtDmF7Zub1JdsQjclMsKZVKNBbvhRIJdhL6uh5LzmhVjtmRz0ImiKaaudGcH1ojmkL5jmUJudjLUcFpCcWU1sPY5fhRa-lv8q4PtOl7IKDtUvYnFMYWMUCgKEDNv830aYDDPdFBVnR-JUl8Po51vDS7OBsfLmRvOrvLALsCzPZa5McElHNopFEzmUiUo820VB1P7CrszaPVg2QIKijIqjatwhuuv4qXEYLbmBpOQTmgqbNKuacIqLg7Mt7I-0ZBS55urgJnKftQ8ypS_3LaWiJpgRASDXSZDbdzk-Q565mwk_EiPJg-fKV54QY0xKAlvkgD5m10qJxYYfxN96m8paqQ6XCT8rJSguV0oqWUPIbObTlqeh5R50_vLexGtTyK_ImYSH2drcJWYAVWSrlpOD6yoE2pplanq7yaLdfX97QDyY3FCBx8m-dtRAlRJ2ZIqddosSEwlk7cZVIeTFhjBMV-3W1MThx4pJ0MxMeFsaTQg7EEuSR5p86aKLcvNVllz7RUHf0AWgeUmSJWVgSyZ17hU5HB0zC2KSoANWyzESaDp9MuGOTwcfqVJSwiFNn-yzkIMPyHoeqDsnhDDEu4rBwQaMG24xD1u5nZ0-B0ceBapcaAmlksF8-M3BR-kNI8aJjz6j_70CYMgnIHqV-29hVBEXJVNlJOlso2LbAOyadKf1PXC_JPDXat8rwn-qP8nENWsqheH4NU58KsanQXMiZiMKgr08cJ1lf3t40eUTucupTrkbqMryf3RuFs-Q4FOqE0I2E_2zCPC3h16MjnTnZvBFgbUgMz-4LSVgz9QeSc9rEsgisPgl1HWYmjWgd0RWewSYQP5y2J7jgeS59AanE0chYGhA6NfnbJyf5yHSzBIDzZ6jghaqZ3d3wNauhBX_9h85SrNmQdGoGxyho8Sxqx9S75xTX_I6Aeo4cnkkxlmcMdfeVLivu_3MQeoo2Zd68Qqveaxh5YZx4OCoDD1GBKJqxJBfESsnCDtKwLsjt8vSp1Hvo1xSBa1r68eU6nprQ5qHoRib7aXWAX1MvcjG8YLhFRnaAoW9MgTtZeG3emO1q7efXMoHQbVmjzg1FatxE8tznEQhbrQxsAslortIper4XT9P4Q-iXBQb0KNPTXULbpN-_biCSZQFC536CpPTDN140I6S05CBefxN4i6hu9xDZ8esYdGIM28QlDqYXLqNbzQnHpPL3zsvRdVCE_UAlQc1cRS5DWiTI5UuBTDmXb440XsmEhFuxq2xPYhaVljdBcNcfqOaLc6MVJMZt3Qkll4VFv7D_xj7QbMdUPhjMvOxs5UmKWKvVwI7JYrn--VuJSNnwv99SS71Yk58DUGU_177CU607jlgZdnBxMqWAIQEQv1NX8FvbS2Hy-cP2-pxTEn2gLI9oVl7olTAhBECnRXuaXpkKxcxgzertBetHVd-MF3bhbYbpJi8M2Zr2O9etTR4vHZEEl35cBwkR-WWbsfZf9OVPXHe8TxrC-YBbCQA7oE7E8haSIWe2VJb1Sk8a0oWnDYShstg0AbYEKTNSTw1P_FsTbEphZF1BgNZyTggg8SJqw0OX-6fef560T6n1U8wBwMfLfg4KFnSF-uWOD1DNdgkj70fDky4Uykx1QFI2GJJYMY4tQ29cDZGSoytLLFWfvuehS8m5Pb_9pU55-vJTx_qYpxBnJYkSjShhik_XMA-I7qczbPJ4Ep1wiY8SmIVqO8oon1jOcwfeTb8-5UQg7UUJJ-Gflq8RsPz75INvknu1za2PhL2Con8FSis4usSVF7NHxqN4fHA5W0unYN4OsXNE026OZkbI3BTDpm_1-KPURb0RwkC0WbuEAbO63Ep0S5EFa-Gs3m282sTvlwcgSUIdu1WAQHMhq1-GqIKHcXy7DcJbUra2Q1jRi3Z-nVkmUx06pBSFvQ1PHbVDvNcF8bUSeF_YONURQwuTdJLi7lZEUkT7QinCat0I7bL4p1izK62rw5TSgWXbFAWtywpTxan3K9oLNXaqM3XjC9WCBsw9DmvU_brHfKql9qSQZo3MPz10-tPYY3SetTX-GLV_OuhKw6eMU-YhKDqqyPC09NEbG8SzTEN_bI6AYuJLzILwV6MsZsMM54__pu380Z9L_CgO1002QkLGmOA&cid=CAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguide.elitemu.net%2F&ds=l&xdt=1&iif=1&cor=13160982083888564000&adk=2923430907&idt=227&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0141f26e7c9979e6a56b6c7eb691daa53178fa5f26836793753c7206dbdffd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8054 41 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bc50jLifXqnezU00FbQfq4yYx1vrPxwidtHgTQdjjD5fLAy7Jp3blVy-x0GAP23zCYrhhbeHZ3fQoBhwbWhbMsom84TJ73WPnJ1VT6fnVzC9smtGmkOZotQ5J_ldE-nEoav4dQ51r3YlyBVJiqK70XlIfrhCDDEmR3jNFLY_WQmk4Nyu4&cry=1&dbm_d=AKAmf-Dod07_yXvaiuA1YEPg3yeB_bUmi8tBrdEmuZj_Ftbh0E3OZ8v_kgCUKK973XfUDSeMkQrqtzkllL6HLwSEdhPb_xqAfA4znhwO7JjVYqtIU4GtxZXzkOhV4j8i2fvPGaHs7hcdY6gB2k57KTxVeeVvOQ7pHTR1r-yplnE6LxIxFZgwZxicy8iEzZWYE5jf8a1h1Mv27UZe61bFv84y4iUPiBST2kMXyrPD2V_BnebBMW_3lIqpKqLvlnOIQZl43ZeF0dmqIe3VMLHKFeFvA3sos9uJUqBc1xECvU2qgaMbewjCbKQyPyXPPuSO21Pp6Tt0Y2-DzzomBIjyiT327PBLvsh46PVJMeqUryBwnF8bdU40qN3z0k-x8-oLRGISq6BSYjcrLV5PzWfzjzjimF5vKw2uMEYaKDjKH3S8TiqXAKqNOyvVZ-4hkngdbs6SIfQ-jI__iYqb4XDTJPqktKl4J97EfxvcAX_0GGqlpT00UnAqzWWVSrqbJXK5C1PTMsoeJUnBTrMFDzC6ViBRR2BIVgkRm4atgB3jRkSaKa5DERdMAA82XLFrtbv9lFU5bkbJmBU7KH1ASFQdKdTmLIZcJ2E3s4wHnU5ZzFWeUmw4D3sGOr4WzQOl6H4Q6R2YW5uNT18rSETwQXgiTCbenShc0ottiFuFX6c__7-1m5fffRtnZY7QuL1vjvYpFDxCwGEWzM08OsaNZ3KmY6LDrgraIxXkQJ6aIaCV7sq2xahd2RRXV3V5YwjGUQ1YOlvGNu8MKJ5jHsr2e2GE95exKLwiePH4iTY7YpI_Mq7TqvAXqS8PvKassQakSiNWlPJ1QKJ_k87eDdvKvaERYXFK6vkNKUPxdscIjfzZRZvBCs1_gRAy8L8JIY1KfHxAvKRSZ4wUBogfEPAo_oeShXVJjQcqs7ESONqkMlvOZd1qRScRKOJ_rzhs4velwJsnPmHFObkSCEWLly-Y_eNduBt30ZEY8W_9ICQQqcUPilzUXdXgFHOPaEPDsCaEaIOisiEgRESQFCkdYyqcoZlikJLUib-JiH7dcbBRkf72PmmT1Q2MqIcJXTogWfpBpV1J88LbmvSu6NWA1jferSKOGqOuhRZrrwz-QZxN4O4iOB_enGshCklV29Ki305H5IqnkFk6VAmm1irWnXYTCmeJAMG_XGJpbm_-m3R3ms6whtyRu53_lGQUEZ9oLjrJUBzqZNboark9UKFNSCCtLJmNv8Oflj6DXhAR1YjO78a0ZvYIEjbh1VNAVZGa2ZFPlAD-uW4T0l3kqnc4u8z90ABWFz6r1i675qEdznsMoKO_awqeCD8zWteNZbZ8AcUJ-P7rGOJ8NMLmZxqarZ2j9wQQ__K4zaVXXXj5Gv8cwI-4Nt0h3IsUhl9StKItQHnzK0lS4QAmMJD1V2gZGNP5PPk4LQTV_-vrG7VBiP12FbbSFatQJU_r5bKV3BlOhaf1aET93qnVjQGbRXNfzCiau4zyutP35he14dFQeXBHZdFnag_O3VdODz-QXyhZy2UtHHdBx4ONLipMZYf1HKtDmF7Zub1JdsQjclMsKZVKNBbvhRIJdhL6uh5LzmhVjtmRz0ImiKaaudGcH1ojmkL5jmUJudjLUcFpCcWU1sPY5fhRa-lv8q4PtOl7IKDtUvYnFMYWMUCgKEDNv830aYDDPdFBVnR-JUl8Po51vDS7OBsfLmRvOrvLALsCzPZa5McElHNopFEzmUiUo820VB1P7CrszaPVg2QIKijIqjatwhuuv4qXEYLbmBpOQTmgqbNKuacIqLg7Mt7I-0ZBS55urgJnKftQ8ypS_3LaWiJpgRASDXSZDbdzk-Q565mwk_EiPJg-fKV54QY0xKAlvkgD5m10qJxYYfxN96m8paqQ6XCT8rJSguV0oqWUPIbObTlqeh5R50_vLexGtTyK_ImYSH2drcJWYAVWSrlpOD6yoE2pplanq7yaLdfX97QDyY3FCBx8m-dtRAlRJ2ZIqddosSEwlk7cZVIeTFhjBMV-3W1MThx4pJ0MxMeFsaTQg7EEuSR5p86aKLcvNVllz7RUHf0AWgeUmSJWVgSyZ17hU5HB0zC2KSoANWyzESaDp9MuGOTwcfqVJSwiFNn-yzkIMPyHoeqDsnhDDEu4rBwQaMG24xD1u5nZ0-B0ceBapcaAmlksF8-M3BR-kNI8aJjz6j_70CYMgnIHqV-29hVBEXJVNlJOlso2LbAOyadKf1PXC_JPDXat8rwn-qP8nENWsqheH4NU58KsanQXMiZiMKgr08cJ1lf3t40eUTucupTrkbqMryf3RuFs-Q4FOqE0I2E_2zCPC3h16MjnTnZvBFgbUgMz-4LSVgz9QeSc9rEsgisPgl1HWYmjWgd0RWewSYQP5y2J7jgeS59AanE0chYGhA6NfnbJyf5yHSzBIDzZ6jghaqZ3d3wNauhBX_9h85SrNmQdGoGxyho8Sxqx9S75xTX_I6Aeo4cnkkxlmcMdfeVLivu_3MQeoo2Zd68Qqveaxh5YZx4OCoDD1GBKJqxJBfESsnCDtKwLsjt8vSp1Hvo1xSBa1r68eU6nprQ5qHoRib7aXWAX1MvcjG8YLhFRnaAoW9MgTtZeG3emO1q7efXMoHQbVmjzg1FatxE8tznEQhbrQxsAslortIper4XT9P4Q-iXBQb0KNPTXULbpN-_biCSZQFC536CpPTDN140I6S05CBefxN4i6hu9xDZ8esYdGIM28QlDqYXLqNbzQnHpPL3zsvRdVCE_UAlQc1cRS5DWiTI5UuBTDmXb440XsmEhFuxq2xPYhaVljdBcNcfqOaLc6MVJMZt3Qkll4VFv7D_xj7QbMdUPhjMvOxs5UmKWKvVwI7JYrn--VuJSNnwv99SS71Yk58DUGU_177CU607jlgZdnBxMqWAIQEQv1NX8FvbS2Hy-cP2-pxTEn2gLI9oVl7olTAhBECnRXuaXpkKxcxgzertBetHVd-MF3bhbYbpJi8M2Zr2O9etTR4vHZEEl35cBwkR-WWbsfZf9OVPXHe8TxrC-YBbCQA7oE7E8haSIWe2VJb1Sk8a0oWnDYShstg0AbYEKTNSTw1P_FsTbEphZF1BgNZyTggg8SJqw0OX-6fef560T6n1U8wBwMfLfg4KFnSF-uWOD1DNdgkj70fDky4Uykx1QFI2GJJYMY4tQ29cDZGSoytLLFWfvuehS8m5Pb_9pU55-vJTx_qYpxBnJYkSjShhik_XMA-I7qczbPJ4Ep1wiY8SmIVqO8oon1jOcwfeTb8-5UQg7UUJJ-Gflq8RsPz75INvknu1za2PhL2Con8FSis4usSVF7NHxqN4fHA5W0unYN4OsXNE026OZkbI3BTDpm_1-KPURb0RwkC0WbuEAbO63Ep0S5EFa-Gs3m282sTvlwcgSUIdu1WAQHMhq1-GqIKHcXy7DcJbUra2Q1jRi3Z-nVkmUx06pBSFvQ1PHbVDvNcF8bUSeF_YONURQwuTdJLi7lZEUkT7QinCat0I7bL4p1izK62rw5TSgWXbFAWtywpTxan3K9oLNXaqM3XjC9WCBsw9DmvU_brHfKql9qSQZo3MPz10-tPYY3SetTX-GLV_OuhKw6eMU-YhKDqqyPC09NEbG8SzTEN_bI6AYuJLzILwV6MsZsMM54__pu380Z9L_CgO1002QkLGmOA&cid=CAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fguide.elitemu.net%2F&ds=l&xdt=1&iif=1&cor=13160982083888564000&adk=2923430907&idt=227&cac=0&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 567636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 02:22:26 GMT

GET
H/1.1 200
OK lk8t7grhuo1n Show response
hal9000.redintelligence.net/zone/ Frame 8054 11 KB
4 KB 153ms
53ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/lk8t7grhuo1n?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 83e50a7d8f9609350380e7a7ec27651625d9458f94ad600bad05369c02687c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4125
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ Frame A178 6 KB
1 KB 190ms
61ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=250&slotname=1944312655&adk=1223859378&adf=2836758445&pi=t.ma~as.1944312655&w=250&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580728&bpp=238&bdt=263&idt=505&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&correlator=8246512841113&frm=20&pv=2&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=leaHieCezA&p=https%3A//guide.elitemu.net&dtd=530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 16:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 14:58:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 16:03:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A178 2 KB
907 B 58ms
57ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame A178 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:19:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A178 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 14:05:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame A178 20 KB
8 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 19:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 19:18:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A178 188 KB
59 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:03:02 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame A178 36 KB
15 KB 183ms
58ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 17:18:51 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/12984669781615706729/ Frame A178 64 KB
64 KB 67ms
67ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12984669781615706729/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c6efc65dc894af398f2b4f3e421fe8ccac11010da3e5e92dc839191eb790c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 12:58:56 GMT
x-content-type-options: nosniff
age: 270246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65538
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 08:13:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 28 Oct 2024 12:58:56 GMT

GET
DATA 200
OK truncated
/ Frame A178 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94f90d0f4c0b4d78a786417223099b5cab8b0c31db647b2bd3412761e1253861

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 206C 38 KB
13 KB 33ms
33ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 460156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 206C 38 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 11:45:38 GMT

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame 8054
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
2 KB

215ms
107ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D&documentReferer=https%3A%2F%2Fguide.elitemu.net%2F&ancestorOrigins=https%3A%2F%2Fguide.elitemu.net&random=2167112714160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
Protocol: HTTP/1.1
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c59ea1d9f4d003203cfd4c0348373164451398ba8fe80d348cda2a4e304e71fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 16:03:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 44959300119980604444448012495016
Connection: close
Content-Length: 946
Expires: Wed, 01 Nov 2023 16:03:02 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 16:03:02 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D&documentReferer=https%3A%2F%2Fguide.elitemu.net%2F&ancestorOrigins=https%3A%2F%2Fguide.elitemu.net&random=2167112714160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 01 Nov 2023 16:03:02 +0100

GET
DATA 200
OK truncated
/ Frame A178 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11e971c85e5a4fd55d56ecad218b57e40873871fdee9089acc9707aff82dd5d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A178 15 KB
15 KB 159ms
72ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 147655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 23:02:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A178 15 KB
16 KB 107ms
34ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 164659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 18:18:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A178 15 KB
15 KB 114ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 349499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 14:58:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 206C 0
20 B 165ms
165ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfqoItnZCZc71A6jA9u8P4MmYsAkAAAAAOAHgBAI&bg=!XF-lXxDNAAbo5yKYyOc7ADQBe5WfOFYE-MVJL5_mk7b6kf4KuXhM2ukDMDfS1E9s0U-MJ5mNX_apETKnuyty8tTYFL6jAgAAAI1SAAAABmgBBwoAFQygIKP94XKfWmGvOyCm2lduHpg5LZkC2tSJZUeMqLwWW5QCDY67v7585xv6yW_qrzjYd1CGBFMtyRBPwj4jBTaOKX9_v3sx2koy7QGg8JGUojuEKyquU27mKUsJac3Lnqv8f7XGUNjs7rqYR_ouC7aQ6VTUIJwThdSE3T1LCqLbuq4Bw3-z0hu25BkHZpj7EUFhZ2eBoWs5D5PgeusDUafG3w0jt_YkVH4dhfYsjxR7FwHAkPt3ArmFN1GLOVm7sTzbwLguS3w-8MephLSu-jGu6YvEqx0XqYtesrF7GGJbniqJELJV-9uL1c3D_fjzqZ8gzi2ViSs3CzLCtPIqf3IJ6hxA1HP43vSgHbdyD39xoB6WcXv0eLHlP_mXENHDvy6Gz8LVC27erCHMqOpUo0JDcnTx_xbu1zIyNw8kr3Lfljb91SgqmNYEIisO1qZJfIqQi-vWMv2d0GzCobdiVgh736GEgkmYSJhfM7tpYwLubUpRHKROvHf7Xz3w0dBDc1dAMeWzhl4Yk33FJQ0XIAX1r3HkgaQxbkoHitYIEgKOJ6eBziIAdTscwqa_stGz0dcwBl3hmtgl8yKi0K3L0GeMdrasoaYuYyhBsPYqi8OnKzjVXbedaEcY9oTuUW9PIU7xrPL_LW3lDnEBIawIvZQa1iViEaI4lIWl2hlBVZ96-n_stGU0XUUtoWNyuFQEAFzMMOtBX0zIphhW1Y8uULAYvvTvLU-LJWqN5IeMsHbM_mp5qA1Y2svc_VyXmOhxmL_AdMVxoHkymjhKQo3G7Fml8SShAI-Ty9s-pnnamZFS_BGfLNxgwZGQIz_FKGkQjgWAKNd9907H6U2IsY2yNJKTl1cELx3Bdy-PZCVcaeMJ1Egm9esjTlldBBgT9sIQXgI1Kq2BEuNx6utjubr4ecf9dRZ_jpvsYcvySmfcUu5bC1WronDBmUuGsyq3oO_QoFL0ss4v1VE2Qe51ade-eK4Y4koZ1Uv6XHEla8arlfiOHC8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A178
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuBimtXZCZd-PFqK418cPkOmWkAXx6P6vZoiP4-TXEdrZHhABINW40SJgkYSghYwYoAHAm_j1AsgBCakCtHt0_iqwsT6oAwHIA8sEqgTjAU_QaOwiYGB7J3rfWUlmyenbyUgwo0umxhXNZhe...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223698987983060619373%22,%22debug_reporting%22:true,%22destination%22:%22https://bereik.nl%22,%22event_report_window%22:%222...

0
0

211ms
91ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223698987983060619373%22,%22debug_reporting%22:true,%22destination%22:%22https://bereik.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22784207296%22],%224%22:[%2211-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216032269081343675329%22}&andc=true

Requested by

Host: guide.elitemu.net
URL: https://guide.elitemu.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3698987983060619373","debug_reporting":true,"destination":"https://bereik.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["784207296"],"4":["11-01"],"6":["true"]},"priority":"500","source_event_id":"16032269081343675329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Nov 2023 16:03:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Nov 2023 16:03:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3698987983060619373","debug_reporting":true,"destination":"https://bereik.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["784207296"],"4":["11-01"],"6":["true"]},"priority":"500","source_event_id":"16032269081343675329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js Show response
pagead2.googlesyndication.com/bg/ Frame 290D 38 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yki7wq91PsU7DdxfmXKOQxU4B1wmfJmh9h09t8sJadc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 423964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15080
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:16:58 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 235ms
95ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 16:03:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 8054 452 B
930 B 193ms
91ms Script
text/javascript 34.248.207.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=44959300119980604444448012495016&t=js&wid=tt-79988b
Requested by: Host: guide.elitemu.net
URL: http://guide.elitemu.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.207.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-207-226.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d50b7b89698ca637dffc3edd9fa9ef8faafbbcfba6d31515d390c5a8ab7f71c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 01 Nov 2023 16:03:02 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 3751 6 KB
2 KB 140ms
46ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=lk8t7grhuo1n&nw=20&renderingType=javascript&namespace=4abb31a0a4&subid=&uid=36f8780c165abd85&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR0dstXZCZcLPFozc18cPpYiuwAjM-YagaZOyx__3D_AuEAEg1bjRImCRhKCFjBjIAQmpArR7dP4qsLE-qAMByAObBKoE7AFP0NKML84PQQkyeEDp-9iPvjWg9QuEpOFrDkUgDNgEIeTN5x4IoxQf_e6KOevMkfeCIOCCrb7lv4wnLB1boSi0_p-dxBoM-RhW5rAoWvOlS1w4CNQreLzQVLl9rLCjHqfeh1bw7CIshNQGeM0R_6sb2_7g-ANVRPUC-7ftec-o04DZ8QT0XMkyE62jt-TqNdWuJuoq-hlSKyTOef_DgrUKgexIFGP6J0u5Y2gN0wyxakkSI6DDyrHy1DbCdO2YMT_msdt2rsyrj1Kb1loHOSQMRDMuxRMTKgqbBSohsg4_59cs1vup9Aw0lE9_s8AE6uvMo-QD4AQDiAWVr-H9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAk5MsBPgm80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ%26sig%3DAOD64_1Cyw6LZjPCFgjQTw5yfgvEe63epg%26client%3Dca-pub-3778058131801178%26dbm_c%3DAKAmf-AIU7G8iK-XtZl7_sZCi0SZ19n6pKzEsy0_Wf_OfowX9HxJPcTiDU_LcGE7ShMDrHPq2i5fuQYtmvhibPUT2C9bJsQmbfG8Iadu-lDLCvhlQ4tQ38R-A01-TXQopK7hkVsU4rQ6Q6aQz_UxWkVNMYoAWiEcPgNGTWMelMNhSLf0Te_AZO4%26cry%3D1%26dbm_d%3DAKAmf-B4xvSQk1lJl7s2iKzTued5EElKOcm0Qfk91nBZme9YQwg9uOp7fBv4Tki1FxQ-SYov2KGSIPFeiehy7mYE7G6eNJWAEHGdZBIbwCnSkYedwz8-nvcpXLySrVenkDCdgVugBkHxRpFReWM2rAU1laTWCFZNJX8wDfyMQ-3SMeHaaCznTyzy3igY6DOAuHYNMOBgqLlj_ONjbaX-dQcSbD1i1AVljoWk1t9oU_LJBOGty2arTbWeMZMdeK0aj5q6sEIu4P0UgDq3xV6JGjuXeImsCaAXEYJ6UDQ4KdGYh_aSux8yQnil7v-QXr32-G5DJ7Y3t_jO_tLncyTe98dG5fzD14vPqcoDl4dxH9yYJYO7NOeAD6kZ1DZPLONbXD-KA7ww7gVwHIldoY1kQAhxVZvmp2_0UX8uEtLJXWfzJshwTUhrj8quSVQtIrKi2TNo6d6hKbRV3erZ7rdNfGxGUcBs-DidQkb8PvOnqOp36ZuHJ5H-iKFFKo0GjUXak3xTT8ahBgkilIvTEe2P5GkrQEcdvjNNm33chl-gjxFYXaZXNuE35ys%26adurl%3D&documentReferer=https%3A%2F%2Fguide.elitemu.net%2F&ancestorOrigins=https%3A%2F%2Fguide.elitemu.net&random=2167112714160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a7067e0049e0a67f4b21301d7463a6a896a278ad183a177389643cfbe0069413

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1827
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Nov 2023 16:03:02 GMT
Expires: Wed, 01 Nov 2023 16:03:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 8054 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6696dd38c1d5ffdf6fca2629c8bd403cdbbd00ce385bde44569307223cbbcc76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 3751 5 KB
755 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 16:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:18:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 16:03:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3751 14 KB
14 KB 144ms
47ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=114&height=60&url=https://cdn.contentspread.net/24i/advertiser/72665/creativesup/image016.jpeg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: a81a6e33f75ed05dfdf06d8d7c5c8a562d3fd92943c5138604b41f3a8ae1924d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13946
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

b6b56d4db26a7ddae298f91033941ff8970f56.png
static.tradetracker.net/nl/material_image/e8/ Frame 8054
Redirect Chain

https://ti.tradetracker.net/?c=36785&m=2147229&a=70002&r=44959300119980604444448012495016&t=html
https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png

28 KB
28 KB

127ms
38ms

Image
image/png

2600:9000:21f3:0:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3778058131801178&output=html&h=60&slotname=3547236041&adk=1556638581&adf=2347699626&pi=t.ma~as.3547236041&w=468&lmt=1698850981&url=https%3A%2F%2Fguide.elitemu.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698854580732&bpp=234&bdt=267&idt=534&shv=r20231030&mjsv=m202310260102&ptt=5&saldr=sd&abxe=1&prev_slotnames=1944312655&correlator=8246512841113&frm=20&pv=1&ga_vid=848340063.1698854581&ga_sid=1698854581&ga_hid=303249335&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=716&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079192%2C31079231%2C44804683%2C44805932%2C44807047%2C44807454%2C31078301&oid=2&pvsid=4067489934307912&tmod=285191637&uas=0&nvt=2&ref=http%3A%2F%2Fguide.elitemu.net%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=M2NyllMbrW&p=https%3A//guide.elitemu.net&dtd=538
Protocol: H2
Server: 2600:9000:21f3:0:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eb287c371a9eb1ac498609fe9e83705d037dcdb9cb40946e4d4b8c48f3b5f56f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:59:00 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 10:49:56 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 285
etag: "63970754-708b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 28811
x-amz-cf-id: lrHdBJt-1FwMpDYWchjG0E1BPxyuFP-q3YL8581J_7oDe6SAQLkB6Q==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/e8/b6b56d4db26a7ddae298f91033941ff8970f56.png
date: Wed, 01 Nov 2023 16:03:02 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
server: nginx
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 3751 0
150 B 150ms
47ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=44959300119980604444448012495016&a=f0870de5&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3751 14 KB
15 KB 57ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 517157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3751 15 KB
15 KB 48ms
34ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 457205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 09:02:57 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 237ms
109ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231030&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3da42f64fd0a40cb35f97acd082677207848b96060fd81cc68b4ba4ac30f79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 16:03:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E76 13 KB
5 KB 44ms
33ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 15:29:27 GMT
expires: Thu, 31 Oct 2024 15:29:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE5D 829 B
1 KB 132ms
46ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45305507ff92d4b63fd33e915005685ddbc2c487561c9b4bfd768345dec854b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wjHQqtX-FjMRlYUKSLZ32w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://guide.elitemu.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wjHQqtX-FjMRlYUKSLZ32w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 16:03:03 GMT
expires: Wed, 01 Nov 2023 16:03:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E76 38 KB
15 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:45:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 11:45:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE5D 0
0 159ms
158ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231030&jk=4067489934307912&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3E76 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uTpNIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:03:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8054 42 B
64 B 168ms
167ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsGNd_f5XihgIhdUBZgPI2eE2yn0q0oiOYhFPWIUhdCJUGE27ebYdMjgkCSF82w9RzQmvrHfIfW3uM0QJ13hrDCpAiWbS4jqARntncCxFyyO1BxukMJ6Ll8TYTLmNhoDA&sai=AMfl-YS1UUuBCqH1ueyG7sElsBKFvwC-eXEcpHzjNW9sPTjV_ahOyuYMyL4tx2-iAbkPFjs1_Q7nq7SLuVNr6WZ3YgSr-kR86c2ITAYpimf6xo_i6Kf1vyxAJzOn1WGeiJtlbZbb1kTkPK1lr_p1cQ&sig=Cg0ArKJSzFfkTHdmGnoBEAE&cid=CAQSTADICaaNYOmu-Y6oF-FMgE2oByZFe7W7ONPjm9-BFbD9IqRbrznITEBp4-hAqpqYTFhGhxPAh1fB4W-UG-caVfC4zaIYaUimRBd7sfYYAQ&id=lidar2&mcvt=1004&p=0,0,60,468&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1556638581&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698854581272&rpt=1413&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 3751 0
150 B 140ms
47ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=44959300119980604444448012495016&a=f0870de5&vb=v
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=44959300119980604444448012495016&a=938a9014
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 16:03:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8054 0
20 B 159ms
158ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2918902491330&version=m202309260101&ct=77&x=1&cor=13160982083888564000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 16:03:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 163ms
163ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231030&jk=4067489934307912&bg=!bG-lbyDNAAbo5yKYyOc7ADQBe5WfOJrrOPmXDoTwLnG3_fCT56i14yg0rEpgs3hF1isVHzMq3l2uJBjpS7AwXqa_Xd_5AgAAAFhSAAAACmgBBwoAyKvDa5SMETIXn_AWZqtVSihGiT5P14Agzfmsk3w0QTxmR0QmXoffqcsDnDA6hvxfOz76e3S8NQ56LxDjuWjV7sEXvhoBwpVsJ-4_rZRZRxSQ0WuY6lLBwuSq2Mljl4g5BWJztRSKCOHgZr9Y8CY8Hay28iczpcyBRK3nVyt4mFftXGKopQRQ1l5ebWpIHggU2uCaoVYtbWRWrJJ_-fc3D6jTgRq22Mdwp5ozonIx866owMlYqkRB6_p5RX0qOWpsuRZMI9IXJMHfmQK7EDpGZFsgfUDSJup6xfhuop4sCEMlteoiOOoB0_zsc6CHihRnBACkkNu2oZg0Ef82jdL3Sv_k534BAtWLuZcz2ypYUOe2gtzMg9o0uih2Epp-DQX-GWhVdmfj49rwcWx3oNl_AEHwcR8NDLDxwcZazZkS_VWLQLRWe2ZGS9Il4XHV3lkU1kuQF3WK3vkqdRjBwuuvnp-ueWDRXzRtMItRLJ3sogzi0w_pueg7qF91BbhzISIZA4Pnqpj_mDFhHWmA5FdC0Pxax329CFl7-nMqwkpdJpWiabX2gjJy6EpUO5kQcbeKlOnd6o7kgkPTdfqYk9T1YHrLhhSLtZ5GtoSfVV9UzRlBPHwGCUMVIGI2-pG1-egrcy_o4CzAvNWAwVhWK2WIPG7AYzFR4MszDGYnSEzqzftZwEnaqgY7HczkUkTD5aVibd6s6o-zEqDdtNustwl38tdjTcFZcofN20V_lgxyko6Y5nkMRjcF39sLGAhvAuNEOjg6qzjZUK3cSavgYzNn7FtwId0yjo414gE0s64EZXzOnEs8EjhKouu8evc-_K5TvIHAvofTieo15TCgMN_nJmuYgTHUafBKLcE1ENFs_2yOsupBx8jF1M_kj0lTebKtOsktYxAC8WulHypbgYf9t6WKN6EGAu8SU7dWnBPKusOf19zBviafvBUuA9BszRhczB7Y_PkXgHXHq53UbeVJLXAS0ycFXr25Td3gpN2ZmjqCJXg1lScs_4QmKDuDyE0q7Mcf4NYGIk39ZULQ0IYm-rSyUMyIX_S2QGkpPkwNsPeNnWVXhnsHjt_BmM1to8N7AKTdWLM9X7aTT-AeiVvQLez41weczdmc03wnBDs-dv7BIDaHYeONXk7YYw5zqe0_swh5jDzBSzJazpsIW3c2b2vF7WFhBf8NxCkVe513edYrPkJ9-Ce3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://guide.elitemu.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elitemu.net/	1970-01-20 16:04:19	Name: __HFUID Value: 83dae3e3fc83c342695301721c2c12aa
.elitemu.net/	1969-12-31 23:59:59	Name: Value: elitemu.net
guide.elitemu.net/	1969-12-31 23:59:59	Name: __HFCTL Value: 0
.doubleclick.net/	1970-01-21 01:15:50	Name: IDE Value: AHWqTUksHM-uaIohj96vQl1XdCTqXybgdjmiBiXOp8dwoiyQgSEqnq3BdXH6Kbo0
.adnxs.com/	1970-01-20 18:03:50	Name: uuid2 Value: 6130226123978928773
.casalemedia.com/	1970-01-21 00:39:50	Name: CMID Value: ZUJ2tQx2MVkrQRQMwHSRnAAA
.casalemedia.com/	1970-01-20 18:03:50	Name: CMPS Value: 2196
.casalemedia.com/	1970-01-20 18:03:50	Name: CMPRO Value: 2196
.doubleclick.net/	1970-01-20 20:13:26	Name: APC Value: AfxxVi4f7v6aqiRiLtVluBHOO5dBaMLT6pKgTCexI41ESM6YGq6dLQ
.doubleclick.net/	1970-01-20 15:54:15	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 18:03:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In7k(WBH!]tbPl1M>e)ZlrFUfJ+tGXxo7D<[B4Luu?(N@.WxI2<6t[i4G`_/!k[W_GFlbpRzqF1`b`ot=V[?
.elitemu.net/	1970-01-21 01:15:50	Name: __gads Value: ID=08ac1efa260b5b0b:T=1698854581:RT=1698854581:S=ALNI_MavekqzMTYRT1MHhtUkBLalFn6ogA
.elitemu.net/	1970-01-21 01:15:50	Name: __gpi Value: UID=00000cc62ce3505b:T=1698854581:RT=1698854581:S=ALNI_MYI_b0gUZ1nkuxBnLCNJXBDkBsvKQ
.redintelligence.net/	1970-01-20 18:03:50	Name: 8lcfmzhxc8d6_uid Value: f983a6c0d4041dee
.tradetracker.net/	1970-01-21 00:41:16	Name: uf Value: xJDMTBsH7oRWG3TD0bYNH1FicXBuN29DdmY3V3pySjJPZmlhTWp0VDlpc0hZbXhkd09tYTFwRjdVY2l3c0xCb24wY3lmNTJIcitrYnpSQVFRUEdlUnhVN01NZHpCZ0djMTZncXR3PT0%3D
.tradetracker.net/	1970-01-20 18:18:14	Name: pi Value: f16936f2025560373455299d295ed2d7
.googleadservices.com/	1970-01-20 18:03:50	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
guide.elitemu.net
hal9000.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.tradetracker.net
ti.tradetracker.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
138.201.220.30
142.250.185.66
142.250.186.130
185.30.165.25
2600:9000:21f3:0:1a:7c92:efc0:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
34.248.207.226
37.252.173.215
78.46.90.238
0213d9b25f06251839f36be18838fff4e1286bdc46cedc9a7ce9f622ff9a72de
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11e971c85e5a4fd55d56ecad218b57e40873871fdee9089acc9707aff82dd5d1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37131dd0bf92c40b36b66f45a3b58e3381f2e79041b9309873cb6d9e2828f7f7
431412294b26b87005492a71d1862c54a5a42611c5dc82aec0545210a0e1bf00
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45305507ff92d4b63fd33e915005685ddbc2c487561c9b4bfd768345dec854b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5d0174ac4087b9efa5d7752327162c953d895867308154044bab5a57c3a25fa8
5d02b3cd81483d60c40792499bc860b190c83717f52004c864b2ae4027feea1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6248bbc2af753ec53b0ddc5f99728e431538075c267c99a1f61d3db7cb0969d7
6696dd38c1d5ffdf6fca2629c8bd403cdbbd00ce385bde44569307223cbbcc76
694bbff2b58086a42b3a853daf9cf0dc9d34d14fd67d3479acc374f271583e47
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f2a1d241f913cdce9b6de0dbc430e6bd711d09246ce91a5d44ebd8e1dfc6c7a
83e50a7d8f9609350380e7a7ec27651625d9458f94ad600bad05369c02687c22
858a2b7789ee7ba65793e64fab7242365f3aac47ea0859c4a1e5026ca342cd50
8839b74b500df125ff98d74bd71b733c4d3172889996ed428d40e1da2f890e54
94f90d0f4c0b4d78a786417223099b5cab8b0c31db647b2bd3412761e1253861
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a143614d36a0bab356f56d19d318228daff96300ff64f961985bb9cb7f2fdac2
a7067e0049e0a67f4b21301d7463a6a896a278ad183a177389643cfbe0069413
a81a6e33f75ed05dfdf06d8d7c5c8a562d3fd92943c5138604b41f3a8ae1924d
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3da42f64fd0a40cb35f97acd082677207848b96060fd81cc68b4ba4ac30f79e
bb73cb24a895f194782b49bd3167650c2849ea2b05249125c1c9e04ccb293cb8
c59ea1d9f4d003203cfd4c0348373164451398ba8fe80d348cda2a4e304e71fb
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cd86245aef76cc418d8f48121a2ec736d7f85a346407e331bab687a337f22991
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d50b7b89698ca637dffc3edd9fa9ef8faafbbcfba6d31515d390c5a8ab7f71c9
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d8ac08760ee69ce732ed3e2bd9783aec9d3a08126af54e553728fdb320344d2d
de72c5d76c4b7ebc7df9f1c530cfeaff3097e1af90c00e956e1e18174c55dfa4
e0141f26e7c9979e6a56b6c7eb691daa53178fa5f26836793753c7206dbdffd4
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb287c371a9eb1ac498609fe9e83705d037dcdb9cb40946e4d4b8c48f3b5f56f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f278374bb6fc98996ad7c5c93d34ac2f76bd692e0b9774d0f4a9693cdd6938b5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c6efc65dc894af398f2b4f3e421fe8ccac11010da3e5e92dc839191eb790c5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7814ceaa4d1ac6d03cc4058a16adaa2105c13b4ba8e7762fc88948f2bcc5ade

guide.elitemu.net Open in urlscan Pro 185.30.165.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

86 %HTTPS

56 %IPv6

12 Domains

18 Subdomains

19 IPs

5 Countries

1132 kBTransfer

2175 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

guide.elitemu.net Open in urlscan Pro
185.30.165.25 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

86 %
HTTPS

56 %
IPv6

12
Domains

18
Subdomains

19
IPs

5
Countries

1132 kB
Transfer

2175 kB
Size

17
Cookies

71 HTTP transactions
3 data transactions