www.dwjhgx.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG...
Submission: On June 17 via api (June 17th 2023, 5:42:05 pm UTC) from US — Scanned from NL

Summary HTTP 251 Redirects Behaviour Indicators

Summary

This website contacted 58 IPs in 11 countries across 39 domains to perform 251 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dwjhgx.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time www.dwjhgx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.31.93.220 184.31.93.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.74.203.95 35.74.203.95	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4 7	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.34.73.0 3.34.73.0	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
9	2600:9000:210... 2600:9000:2104:8400:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1725:e269	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.39 108.138.7.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	54.199.5.69 54.199.5.69	16509 (AMAZON-02) (AMAZON-02)
7	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:ea00:3:1794:2540:93a1	() ()
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	54.168.184.210 54.168.184.210	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
20	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.179.245.61 18.179.245.61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
2 2	172.105.199.172 172.105.199.172	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
3	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
251	58

17 2a06:98c1:3121::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.scupio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

store.dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.93.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-93-220.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.74.203.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-203-95.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany) 4 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.34.73.0 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-73-0.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2104:8400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1725:e269 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-39.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.199.5.69 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ea00:3:1794:2540:93a1 (United States)

ASN- ()

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.168.184.210 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-184-210.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.245.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.34 (Houzhuangzi, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.36.98 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.105.199.172 (Tokyo, Japan) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	dwjhgx.com 3 redirects www.dwjhgx.com store.dwjhgx.com twstat.dwjhgx.com count.dwjhgx.com popup.dwjhgx.com	2 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com	408 KB
29	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	784 KB
26	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	322 KB
20	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 659	990 KB
15	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 149717 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 157447 fcm.holmesmind.com Failed c.holmesmind.com — Cisco Umbrella Rank: 116521 adcdn.holmesmind.com — Cisco Umbrella Rank: 163939 ad.holmesmind.com — Cisco Umbrella Rank: 121305	73 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 490 rtb0.doubleverify.com — Cisco Umbrella Rank: 765 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 16555 tps.doubleverify.com — Cisco Umbrella Rank: 516	134 KB
7	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 73284 265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net	6 KB
7	facebook.com 4 redirects www.facebook.com — Cisco Umbrella Rank: 101	121 KB
6	appier.net 4 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 44047 gocm.c.appier.net — Cisco Umbrella Rank: 2634	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	250 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	3 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 742	815 B
4	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	42 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422	35 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 66173 sync.logly.co.jp — Cisco Umbrella Rank: 55969	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26412 audiencedata.im-apps.net — Cisco Umbrella Rank: 28637	4 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 23168 api.dable.io — Cisco Umbrella Rank: 20701	38 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 874	489 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	1 KB
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 81827	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	139 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	90 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	460 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	712 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	144 KB
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18939	177 B
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 285564	565 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	601 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 101120	17 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	2 KB
1	scupio.net www.scupio.net — Cisco Umbrella Rank: 375608	2 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 127488	12 KB
251	39

	Domain	Requested by
32	store.dwjhgx.com	www.dwjhgx.com
22	pagead2.googlesyndication.com	www.dwjhgx.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com ad.doubleclick.net
20	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
20	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.dwjhgx.com 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
16	www.dwjhgx.com	3 redirects www.dwjhgx.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
9	cdn.holmesmind.com	ad.sitemaji.com cdn.holmesmind.com ad.holmesmind.com
7	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
7	www.facebook.com	4 redirects www.dwjhgx.com connect.facebook.net
6	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
6	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
6	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
5	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com cdn.doubleverify.com www.dwjhgx.com
4	securepubads.g.doubleclick.net	www.dwjhgx.com securepubads.g.doubleclick.net
4	bidder.criteo.com	static.criteo.net
4	ad2.apx.appier.net	2 redirects www.dwjhgx.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	static.criteo.net	cdn.holmesmind.com www.dwjhgx.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	onetag-sys.com	1 redirects 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	www.google.com	tpc.googlesyndication.com 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
2	4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	gocm.c.appier.net	2 redirects
2	prebid.scupio.com	cdn.holmesmind.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	www.scupio.net www.googletagmanager.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	twstat.dwjhgx.com	www.dwjhgx.com
2	connect.facebook.net	www.dwjhgx.com connect.facebook.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	www.dwjhgx.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
1	s0.2mdn.net	4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net	www.dwjhgx.com
1	prebid-asia.creativecdn.com	cdn.holmesmind.com
1	ajax.googleapis.com	api.dable.io
1	ad.holmesmind.com	cdn.holmesmind.com
1	adcdn.holmesmind.com	cdn.holmesmind.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	l.logly.co.jp	nt.compass-fit.jp
1	count.xxxssk.com	www.dwjhgx.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	nt.compass-fit.jp	www.dwjhgx.com
1	static.dable.io	www.dwjhgx.com
1	cdnjs.cloudflare.com	www.dwjhgx.com
1	www.scupio.net	www.dwjhgx.com
1	popup.dwjhgx.com	www.dwjhgx.com
1	count.dwjhgx.com	www.dwjhgx.com
1	ad.sitemaji.com	www.dwjhgx.com
0	fcm.holmesmind.com Failed	cdn.holmesmind.com
251	70

This site contains no links.

Subject Issuer	Validity	Valid
www.dwjhgx.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-15` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-27` - `2023-06-25`	3 months	crt.sh
scupio.net E1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
static.dable.io R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Frame ID: BC8BADFEC43FA19AEDD195E9BDCC0C04
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: F951A49CB685B76314B73492307BBD24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&adk=1812271804&adf=3025194257&lmt=1687023717&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718726&bpp=3&bdt=635&idt=241&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5141125721414&frm=20&pv=2&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: F71687BCF99B02917338F511B8CA43B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268
Frame ID: C77A6B59DA06F156C0A4058A631FE8D8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=2258619035&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718731&bpp=1&bdt=640&idt=271&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6u2nYobpTA&p=https%3A//www.dwjhgx.com&dtd=274
Frame ID: 601F62A2745046F7D45E3FDE0936E40F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280
Frame ID: 29EAC3E15E2228C6B3BA1509C6C8469B
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width
Frame ID: 57CA947F661C51E0177D40BB7D8CB19F
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550
Frame ID: 0A978DF5A04AF19E734A18102E4AF769
Requests: 10 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=29f179c3-81ba-4fa8-96d2-411a86c24e5f&id=dablewidget_goP0dJoQ&category1=%E8%A3%9D%E4%BF%AE%E8%88%87%E8%A8%AD%E8%A8%88&author=https%3A%2F%2Fwww.facebook.com%2F%25E4%25B8%2596%25E7%2595%258C%25E7%2599%25BE%25E7%25A7%2591%25E5%25A5%2587%25E8%2581%259E-1365804550169165%2F&ad_params=%7B%7D&pixel_ratio=1&client_width=700&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 3C7AD56922683BC242322811C6967FA9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1BF096E6E9C3FA1AED927B9D0E6F3F75
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: EF0C63D89C83777060A716BB37D32BA1
Requests: 25 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: BB98C53ABDAE9A4673F18BE71F785E79
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: E054FB5164A7EAAC76C835DCD20287F1
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 1F4BD368A67501C11C5A9681F35AD781
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 5B834DC1C054A383A63FB00327D09CF8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: C66819CD50070718D1F1F3F5690943A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 0800B529DA53A9E653015B0271C0A2DD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9FD72DD4108C993D433CB112A1087BF5
Requests: 8 HTTP requests in this frame

Frame: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 5F7BA3EC3B2992A6D2B9A595AB9D42AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17177B13F6F5F95877403A33FB25F706
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DE5EFCCE2D1E9DDCFD0D0455C50A891
Requests: 2 HTTP requests in this frame

Frame: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 54120661C1EBF536407ED5E1F30A1E3F
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY0sqJvQEwAQ&v=APEucNWt8SkybNzvM0eO4U6xMZy4YrKc9eGTL0UB7LMrhZjCkZQ-8AvvIjGq0JNwAIucVTc-Of1Cyc2yGu8VPSTPvNdPHfFIwbun1PR-u9GfxSYM_VgEi9aKkSG8qzqQ9wEaqIfBuUhgh7uDGKpI64duRwmyE6XmWUL_K1-GOQNyMZBA0zcc2uc
Frame ID: D614843A481AB2E8812F199C5F4364FD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1AA2876D4FB2D5EC85F7261DB3020A71
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E4DF630B5B771B12DF0AD757C4594AE
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: C462825A23AC7364A5D3AF13C320F94E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 748808892DFE7FD978000BCC53F70963
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

走進張學友的香港豪宅！住淺水灣富人小區，室內裝修奢華，網誇讚：真不愧是天王的家

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

251
Requests

94 %
HTTPS

57 %
IPv6

39
Domains

70
Subdomains

58
IPs

11
Countries

5461 kB
Transfer

12580 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.dwjhgx.com/xstat/moneystat HTTP 302
https://twstat.dwjhgx.com/stat

Request Chain 36

https://www.dwjhgx.com/xstat/index/2184 HTTP 302
https://count.dwjhgx.com/?2184

Request Chain 37

https://www.dwjhgx.com/xstat/pop/4794845 HTTP 302
https://popup.dwjhgx.com/js/ad?lang=zh&aid=4794845&host=www.dwjhgx.com&type=1&count=0

Request Chain 69

https://www.facebook.com/v12.0/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Request Chain 70

https://www.facebook.com/v12.0/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550

Request Chain 115

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 156

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Cm_sQVJBCca59MD7afCNZA

Request Chain 157

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=4bJITdWtDtqsdjYsafCNZA

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1

Request Chain 218

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3wakykVwcxHOGWZthPnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8FwLprvdEZLqRqVxLYSas&google_cver=1

Request Chain 220

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4Mzk2MDIxMjU5MTE1Mzc1OQ%3D%3D

Request Chain 244

https://a.tribalfusion.com/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 245

https://um.simpli.fi/gp_match?google_gid=CAESEBWqITbhxEmYJIsGsm1Udgw&google_cver=1&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng6ENbElrcfbTdh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B71542483E2341708C868525366EB29D&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng6ENbElrcfbTdh

Request Chain 247

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGa6VE-8cLWtOtvFtVXCVaY&google_cver=1&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4ZfVDo-ufDPiNo9EJ6f4j6 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGa6VE-8cLWtOtvFtVXCVaY&google_cver=1&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4ZfVDo-ufDPiNo9EJ6f4j6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzODk2NjM2Nzc3NjA4OTAxNw&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4ZfVDo-ufDPiNo9EJ6f4j6

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPwTpLJTu_MB-09OCD7ENQ&google_cver=1&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg3ymNrHax7XiioQWzmbX9IK7M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowQUQ4NUItMTItNlZJNA==&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg3ymNrHax7XiioQWzmbX9IK7M

Request Chain 249

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECu_hK_cIkahQANw-0ug9G8&google_cver=1&google_push=ATf1kGMlK5iRA-6ns2aTCoH0LsZscLhb4MLkcT72brDz2BNFZObpyKI5ZJ6uDBy9EPJRx1JxLSXw27ZX1tEiYjGknZe1G2ZKnrMIIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMlK5iRA-6ns2aTCoH0LsZscLhb4MLkcT72brDz2BNFZObpyKI5ZJ6uDBy9EPJRx1JxLSXw27ZX1tEiYjGknZe1G2ZKnrMIIA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

251 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09 Show response
www.dwjhgx.com/ 58 KB
16 KB 882ms
792ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 03f8c5b32dd9044500c945224719b91dd782640bb3c35935f2b772d05a4de425

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7d8d16192b4e2c42-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 17:41:58 GMT
expires: Sun, 18 Jun 2023 01:41:57 GMT
last-modified: Sat, 17 Jun 2023 17:41:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Mk0EMkvhXJSYF9BkTANZ%2F55Vb0h2U%2BcRD7A4Y%2Fnh7hjU6ZhnaAaeKG19JfMgPhNWiloEAUmFfX7nrqLhcXNgMLWowEr2ZJmzqnlO9LwN2WFpjQt1iOGCgRqp1qoidVWtBUT1eyFmCtLajT1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 min.css
www.dwjhgx.com/Content/zc002_cn/css/ 223 KB
37 KB 424ms
422ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/css/min.css
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a42d095bbf6a8a40272995bb22b09d14dba01959476fe734d7236bd96a87fc5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b52328bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rboZhZnKDdys1Jh%2Bk3V0H15BhQ8CT%2Be0BtleVG3vsV3mEKdrd8yu3IAgetr1qsrae7Sfk1S8SJeiJOMysV%2FrWLlAIMUEBrtEAGF9Vx2koVqk2KGLYU1evh99h7QX5xdF%2FUp%2BTNhaoBCgcV0KzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7d8d161e2b522c42-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H2 200 page.css
www.dwjhgx.com/Content/zc002_cn/css/ 49 KB
8 KB 415ms
414ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/css/page.css
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0def7252823eb7844a7425ebe2eb49a701d998e1ea9d790bde56033fbce7fdb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:07:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ef2b7ddb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNyvFueyuoh7s56t2ZlJ2f1A6tOTwZHkb%2Fr%2FQfLIc3XkvYvOciOZVp%2B9CJumHK0DM1fJZ07SxANk0zu3tnnyxI2p8zg5kqPLL80x6oSC7%2Bf1WTa%2F%2F%2Fa8icbJktBr3dK%2FpLOpVoadkjljTU5Zkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7d8d161e2b542c42-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H2 200 jquery-2.1.0.min.js Show response
www.dwjhgx.com/Scripts/ 99 KB
32 KB 240ms
239ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Scripts/jquery-2.1.0.min.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef973092ac39265e4497c81e4263b7d28543062302c9cedacf2da24ac5115542

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:07:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a88455e2b65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSLoLAEkdrSn0fs0mwq2SFDgEshfyr6xzwoXu5mrJIcSiKTst7ZnB%2F%2FHDSjLOMcP%2Fq1vKf92dPptGr1RMrN0ZB8CdxztnOdsLDEEIh9kvS3g6ZlrCleooHL6cXKTwIAbZTXWTJ29rGMnoPHY8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d161e2b572c42-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H3 200 rocket-loader.min.js Show response
www.dwjhgx.com/Content/zc002_cn/js/ 18 KB
5 KB 75ms
67ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/js/rocket-loader.min.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 422fae47ff72778a6ba083c215b0b47f84ed30d1dd553f685efc4869188620c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:27 GMT
server: cloudflare
etag: W/"d584cedeb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBBZ7lTEdEYlH7IB4BtzxeYAQl9aaqj%2BI1%2B1gCABAvrpDy5Ox2tXrDarrO8BCnfvLzU23YPiXf4IHPa8PMg1g67Eh3WkD8XM2OC9laLC7IER%2FAKTBwtb4xkyrfDRXyRzSOyLOzg2jUvogJ54hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d16210d205c80-FRA
expires: Sun, 18 Jun 2023 01:00:31 GMT

GET
H2 200 contents.css
www.dwjhgx.com/Content/css/ 7 KB
2 KB 420ms
419ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/css/contents.css
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"80d6a3dfb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EdWNFD8Rh3yhgYFyjq8g1LEtm7MqLjnL4jI%2B7xsibtmB3lnaPMMbpfge1y9yxUwDOFG7RC%2BkuyUk1J5L3ww9ivSvfMiNlAZP0JvUGEUubFzy9RSvWj9FT%2FWxBjVdTt%2Fh9sm2FBlxHDSD5pshA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7d8d161e2b552c42-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H2 200 openart.js Show response
www.dwjhgx.com/Content/js/ 86 B
401 B 447ms
446ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/js/openart.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Mar 2023 12:52:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d27cbb23bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8AhzTNeScHqVR7ERMZLUx8RJjM13ub6hbcHu5UwIfJzNIUm3bspYEq3lpHDTIq%2BC6QLo9KI9ARzNe71tbhM9%2F5YywdD1%2BVyPhdgLaXHzf5r6scntWg%2Bb4JAlj9GuydQrKo5cDvLgoN1NlMVCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d161e2b582c42-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H2 200 F1AE35A6A24A.png
store.dwjhgx.com/logo/2022-02-16/ 6 KB
7 KB 139ms
51ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/logo/2022-02-16/F1AE35A6A24A.png
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b38eddb0c77e0a67c5551e8708b721d5d34f9ce324b98f8ed022cf648e3d4025

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Feb 2022 09:34:49 GMT
server: cloudflare
etag: W/"66db75711823d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z%2B3vkvPXpTHnokRb4s8EPOLzLbG62x03ARQuMcgMwoNSi0GkwGMTyY8sIn7R7gh%2FrcQsfGpzailyP%2BtajTwFatsdYGzlOi3d7YsS7FGJs%2F4qr06c%2BW5qB%2BKw1LI3XhhbC%2B2ciKsW%2F6QZzTLUVPc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c409243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 132ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7949086572848068

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3422450c9425e339372a13123639487b38732fb33513f3419bc2b1253c58bdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Origin: https://www.dwjhgx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47217
x-xss-protection: 0
server: cafe
etag: 14195427484080442650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:41:58 GMT

GET
H2 200 47A426C96F2Bw582h763.jpeg
store.dwjhgx.com/uploads/20220504/7A/ 83 KB
83 KB 140ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/7A/47A426C96F2Bw582h763.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99d75b207ae7abd6831722feb515ea6e01a342a64601a65e91481c82c804fb04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:57 GMT
server: cloudflare
etag: W/"275d1b6f645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkMTlMSZl64LEZ0OwRo9yTsnEC%2FkHsuHQHSbK3ZEZJtn3A2ZclueThBmwRJHAc%2FnB1ntFYYXTiF%2BCRRsPI3BqdhtGmSsNGtiMpqV203MTJc6Vlc8W%2BNgvq0EvyFVckLkhFov4i7q5tUUE8L2BFQ9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac559243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 07E2C198D9E7w784h472.jpeg
store.dwjhgx.com/uploads/20220504/7E/ 27 KB
27 KB 154ms
67ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/7E/07E2C198D9E7w784h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf585e2eb8b5642c4f9295db01bdadf9ab57c97cf8aea863de7a528f0f4fe500

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:57 GMT
server: cloudflare
etag: W/"12e856f645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDA6klIjZlhWXEhFMsl2C7aw78EQP3a%2Foz3PH1ROYhoYEbUO6wq%2F%2FEUOkQkktj85oO0gbAjT3iij1K38fId4ycvf9UMLWXV%2FIIKmvqXcYjDnaKQ0d1mRlkwR%2BJcCjBS2IORvWGRbREbf8NUZRdwl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c429243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 79F19FDE12C3w684h630.jpeg
store.dwjhgx.com/uploads/20220504/9F/ 27 KB
28 KB 154ms
67ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/9F/79F19FDE12C3w684h630.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f7d0907c6ec4883de72f35cbefc88dc356bd22e5bb892dcc85d1c5d13023e0f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:55 GMT
server: cloudflare
etag: W/"19cdc86d645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQbq5KB3nSNQUHQuEsrETXigMF0sHD4eANSuprzJlYLjRp%2BYbG1%2F63VacJ9iEF2bzHjEWsxpYfLjdv%2FQ2SB7YJbvugDWy5WXffXAXKMt8jW4nIxlx9K1P5u75fWoURbbc8P2MRwoSsaI5A%2BEERvb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5c9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 3552F351FC1Bw900h555.jpeg
store.dwjhgx.com/uploads/20220504/55/ 35 KB
35 KB 141ms
54ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/55/3552F351FC1Bw900h555.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 25b811b6b4d32facc60e46bae2ad42a8e675c3e1e3ba3425b7d806c1cbb040d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:56 GMT
server: cloudflare
etag: W/"793d5a6e645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y84k5KHQvLY5KTOlJuh7KCLmCJGrl2WjXMN96zMecWGelfzW6Z7y%2Bg1Ftuuj7NTImcVIVrpzQ72JyJ1ikDxMrxYReEpKhFNrZ77j98DR24cPByAvKxaGLgex6wJUtGSdEgEMLtvmYr2u1ZoVVjeD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5d9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 301BB9FD4D5Ew899h495.jpeg
store.dwjhgx.com/uploads/20220504/01/ 25 KB
26 KB 139ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/01/301BB9FD4D5Ew899h495.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 185c1d51fa8e2443a4c208505f4f89df52d3909464193b7d1fe6d9dbfad34c16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:55 GMT
server: cloudflare
etag: W/"923e3b6e645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g94amFm193SBbd4J6UcriY7fvdZMc9JslQ4WtF7bNsQvKKzqqvmspZwqrqIf3VwmOYc1uzhYRHDNjBrX0sZXYTMu2%2F%2FzL0PIigYKWQ9ZSkcZWgoYe0kA12tXX42OfqvowQu98oLxaJqVqW5xjtRN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5e9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 44D72F0B4379w632h516.jpeg
store.dwjhgx.com/uploads/20220504/4D/ 24 KB
24 KB 46ms
44ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/4D/44D72F0B4379w632h516.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 297cb45ed5d4a43a93467ed4a81f39f4eb1a87d2dca18c816450a1dbe73fab9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:55 GMT
server: cloudflare
etag: W/"a9522f6e645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFYXqqtTqaXtbldSei2uONbYDL9Ee%2BZbW5wd%2Bo9CzAxucvf8sHT2GG43%2BpifvsP8Gv%2BXgFeBV65JvXOotOr5Sa9%2BiEiIu0eDCnM9CVdB3XP1gmw1tID21SaYBh15NGAc96SV1KIg%2FPsWm%2Bt%2BxCcs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5f9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 DA2BBBF64579w648h529.jpeg
store.dwjhgx.com/uploads/20220504/A2/ 42 KB
42 KB 46ms
45ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/A2/DA2BBBF64579w648h529.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 65cff4a4265e5b0406edef91cd90000649534978b0e974bc1f2d44283c1c5693

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:54 GMT
server: cloudflare
etag: W/"afe37e6d645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdH7wjXCEO7Ydlq6xxE1H4sFdMLFKsy492C2aB2esahl2N0mLoJnPeg99ltbYo7stFMNqT%2FG%2B5QpoJsRiQ3YYxyhuza2kZOVmaDrPVH22PssVFHVXHshcw8CgKbk7hFtmpcmF%2FoLmFer%2BfFZ2ly9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac619243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 ABFE89670F97w870h573.jpeg
store.dwjhgx.com/uploads/20220504/BF/ 45 KB
45 KB 45ms
44ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/BF/ABFE89670F97w870h573.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0f3d29b2fbf3c41da20e6c9d61319bc21e89f3dc30818b33ecf8a140cdbb4bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:56 GMT
server: cloudflare
etag: W/"df12b06e645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvKV7CLkEsiWuIYvay1FnYs1%2Fla9mCkCR5uQUuKTzXiPz3kKkR%2BLFVxOns4PXuIEt0q8IURi3SP%2B0wA5%2FmbA%2BGhwskwX0IuMmz53f2LasbpAOmTIDTuTP5q3FSbP%2FY9HK%2FsnXuqOOK2mhc%2FHzRsM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac629243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 D8057F76D9F5w896h580.jpeg
store.dwjhgx.com/uploads/20220504/80/ 53 KB
53 KB 49ms
48ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/80/D8057F76D9F5w896h580.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a820cd271abb3b1293b6e536847bbf2361640be49fb19c04ad2597fd41683e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:57 GMT
server: cloudflare
etag: W/"275d1b6f645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgrkZSSBF0tbWXGxZs77Lc%2FyKApB5Eb7WiMG%2Fhnwuub7yf7qjIfJW4sQdD7g4V2yB%2FCf484jFdlr322s94lo8c9dEqJ7Zb4iKx1GUwLcKAMLqAVyI73ZKNMPxAfCtMcs%2FLZbc%2BN3ln6q1LNL69dA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac649243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 39 KB
12 KB 59ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:00 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 05 Jun 2023 08:20:47 GMT
server: nginx/1.12.1 (Ubuntu)
age: 178
etag: W/"647d9adf-9aee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
expires: Sun, 18 Jun 2023 17:39:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 74ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

445391624254b8bf8a506b3ea9df2f494434e77db1778179dbd0d4ef4f884a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dwjhgx.com/
Origin: https://www.dwjhgx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 17:41:58 GMT
content-md5: /0VGNepHNB/ub3fROIe3Jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1690
x-fb-debug: kjCOIhPhXMgBoQhez2SVtGWwbusB83FyXzgm3nccVjiRT9V3tW8oe7grCCNxbVNJimw1k0kzCz1Bo7gOlgC1jQ==
x-fb-trip-id: 1679558926
x-fb-content-md5: 4509ad0d5aaa33f76a603a14cccdcea5
cross-origin-opener-policy: same-origin-allow-popups
etag: "94ee0eb6c854f750b189998adc6e117f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 17 Jun 2023 18:00:05 GMT

GET
H2 200 2F8883FA111Dw1000h525.jpeg
store.dwjhgx.com/uploads/20220820/F8/ 61 KB
61 KB 69ms
27ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220820/F8/2F8883FA111Dw1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d120eb30813a0dc39250404e6a1b8d7e124f01230ad413b6febd4f47b00d2bb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 20 Aug 2022 01:49:04 GMT
server: cloudflare
etag: W/"ed81737b4d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FUd0a%2F%2BTrJC3pL8O%2FR1iuG5GL%2Bn68ufA06lMYQEF5hOE7xFrI5o%2B1gcSVbIRzOybsL10lqPuvyARPDIrupDBLp8AiVmZWS0HclsqEuupW6xVHwGarfKOohbUmCel4Wb1eDeOuwiYIl9uz5I46Eg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16218c2f9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 73FB8239D791w1000h525.jpeg
store.dwjhgx.com/uploads/20221203/3F/ 52 KB
53 KB 96ms
55ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20221203/3F/73FB8239D791w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8f12de2409c7195460e3721f5c9fe59042844fd5b8df79d21c09839fc5210d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 03 Dec 2022 06:56:32 GMT
server: cloudflare
etag: W/"829c3760e46d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mm9b%2B5Q6qufnjfVMW07nbI82y6iFiR%2Bh1I3LD01NEYRUba4mOmmZuAadr6%2FIdN98hhRsg2ny1ywLxkYocKVH3iNn2KkgDtoa7MnLMjJayQRLMq20pSMV21qViok%2FkHI3RQ4JC%2BkXl24dcovIcQG%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5a9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 246CA4CA3F7Dw1000h525.jpeg
store.dwjhgx.com/uploads/20220811/46/ 53 KB
53 KB 93ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220811/46/246CA4CA3F7Dw1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9a821a8cb7dc4114eb9ea2a20eb75b733e65dce616ab2e893390ccea612a3c8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 06:47:56 GMT
server: cloudflare
etag: W/"fdf7f4494eadd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLfkPJnFyX6qexFYOqD6SJyEtx%2FLTxKuYTce4hgep4ZXv6DTGOSmjIlx5adK5y%2BvsnLygZ5Kx8WQdaBnZ9CplZ5c8AoTzWfqKTMgBl4KmVc7Hzea4EnjBsn68uW%2BzG7EBDA3RJWcVLRwI7SH2cO%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac599243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 68455526226Cw900h472.jpeg
store.dwjhgx.com/uploads/20220908/84/ 45 KB
46 KB 91ms
50ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220908/84/68455526226Cw900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b422b4ab578cd3a3438f36e2d642f511b6b4832532989a46f5f69150415e11de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60289
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 11:13:58 GMT
server: cloudflare
etag: W/"656a91774c3d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTxj3%2BxRUFVnJxYfh8FTaWexfSN2QbGeQgCqS2rcYV1qsPOYdHZE58WFU7gbezOsThaRRweEVuXGDzLpqSwNkWWVpx18HmzJHk56ZhuI8NbDOc0kd1tQJEtxIQsrSaeN5zNQjxW%2BTDZwWhejlfQA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c349243-FRA
expires: Sat, 24 Jun 2023 00:57:09 GMT

GET
H2 200 C3D113900699w1000h525.jpeg
store.dwjhgx.com/uploads/20220504/3D/ 67 KB
67 KB 92ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220504/3D/C3D113900699w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 953db93b1823873a0477cf76a4bef2d4bd79e38f96be1d5b7c1b63bef2c4591d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 May 2022 03:09:54 GMT
server: cloudflare
etag: W/"29712b6d645fd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnppOXXCAkqBrIQYDhK4uEbUYd6ff%2FzfFf7pIApXeuqMt9PSrhhInHlIds3RLD6%2BwFwqyQaBJjmpcrRtcXBayvlM%2BNkZlTj9CZFyLxb%2BGYrUSROcp8htauCNvZMV9HHBpYfXT2HPk5LFxoSK2H0o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16218c329243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2 200 DFEAE66035CAw900h472.jpeg
store.dwjhgx.com/template/2023-05-17/ 45 KB
46 KB 92ms
50ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/template/2023-05-17/DFEAE66035CAw900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ab1407530e94ab924c724e7765ed27eb6471433f47ee290374054b60fe2caf1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 May 2023 03:45:21 GMT
server: cloudflare
etag: W/"8b93c17288d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3R8eMEhCO7ASlSJfRBp6rmvG6K%2B58rQBWPbrFvWA32WzILqbRTDluIWGsKr0R5ePdEwBjJywQFVF8l3%2BVH%2FBPrBWtx5tOb7v1hTijEi0Njn%2BTF7jxnxy8wnEgqdLu0kXKe%2F5qj4JFHTTKBYlrGA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c3b9243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 423984414618w1000h525.jpeg
store.dwjhgx.com/uploads/20230615/23/ 44 KB
44 KB 108ms
67ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230615/23/423984414618w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e6196b89c7fe2f312312a39dd787a191c54ed8058a362bf1682c139476558cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 01:52:10 GMT
server: cloudflare
etag: W/"34aa1ff2b9fd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qweoFYbwJJKIKqceD3mXHJ79YxnjBax5BPpqucdrFjymeDDMMR%2FoBIqQ%2FsBDZUzVlpm74xxvFnnjofzTWntXQT61mK8go1qf2Vjr7IPMK4X6U93HTNCYI5%2FB901wjr46k37MBKgZUen2d0EGF06"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac589243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2 200 F960B0856EAFw1000h525.jpeg
store.dwjhgx.com/uploads/20230613/96/ 48 KB
48 KB 94ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230613/96/F960B0856EAFw1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c632923964959e287b91a13c539ea9dc98f61c5854b667b4c4c16b785193b9a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 07:47:42 GMT
server: cloudflare
etag: W/"ac59db55cb9dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moXAnyxOPI0mhgP61RWqPNMfEPFFRsXQW3DS%2BbibEjPnwhDt%2BHPDH3F2D%2Bp4Kg3UFq2E4EHUpeigWh6lrvXPcipaWruD3OV7U2auMzDtbAkvsXlaGMzk7EKj9wmDq0FwhanAOOjhkDHi7sk5Vw%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac579243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 A9298B69ADA7w1000h525.jpeg
store.dwjhgx.com/uploads/20230613/92/ 56 KB
56 KB 93ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230613/92/A9298B69ADA7w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bde5e9fe785796e61b7e412b9f453b554366ad41224aa2e1fc5fa3f85cb85d95

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Jun 2023 07:43:46 GMT
server: cloudflare
etag: W/"e1a7bcc8ca9dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrZxkCNB0An8cE9HfGihe9fn2oDrkz3BYbhwLwpJNaSWp5iU8Iw8%2FsoPauwmaK2iLqqgdTay6WHPNooKRm8sCmrwP%2Bx5%2BdIyi6n3MYeg%2FsAyiNk7LxVrn0msiZfsKs6TwPT%2F01C0NsjTc7gnZySl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c389243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 71FF172E5E8Cw1000h525.jpeg
store.dwjhgx.com/uploads/20230124/1F/ 60 KB
61 KB 93ms
52ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230124/1F/71FF172E5E8Cw1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06ed352e390abae6bf638029b652813044a119b7e3dab404f7c768719f81c8a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Jan 2023 19:52:17 GMT
server: cloudflare
etag: W/"92dd7532642fd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEVu6Z4iZBfaw2pBIYbXkoLCW6OYRfRFXrjDnVDBHuU2M5SD%2FLX2IkDmshGGj2xDUHJW65YJ5wFKD99NMShe7RAKTDGL%2B4rB9Pnexm9XnvGXYwZQPrghdK7ymyGTfrxPljTF6m17FEIMqDd3I6cV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac5b9243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2 200 8A0DFC0BACF1w900h472.jpeg
store.dwjhgx.com/template/2023-05-06/ 37 KB
38 KB 98ms
57ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/template/2023-05-06/8A0DFC0BACF1w900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df6cf63d58a091a68bf13dac41ad235ec78277d51ebfb8dd337c1ea6775a198a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 06:07:33 GMT
server: cloudflare
etag: W/"d53128ce17fd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7jydBL73f6FfwIFhzh07XLNgnh9nQl%2BoXZo5%2F0Oo%2FR9CH5GzLzuFJxoChClO8%2FEK2Gvxyui9U%2BmqUv3ixhmjY5dyThXyOf3psMuPl3hMPLyXtqyarYEmbcjJeX9d92LkNSfn%2BnmNTxDKYh%2Fq8t1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac569243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2 200 10F06E25213Fw900h472.jpeg
store.dwjhgx.com/uploads/20221013/0F/ 70 KB
70 KB 92ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20221013/0F/10F06E25213Fw900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d4c67360dd011abad10e5b2ff0e4f764097fe470063a3053529072dbed1e4c41

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 207988
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Oct 2022 01:55:01 GMT
server: cloudflare
etag: W/"b15391cea6ded81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et9ci5msPEHHs5YV6fKJhg3VEqVi4FOd0fSSwgHsZz34CBHmpihEofDqmEDrrUGj47EOuEhaQ82HuVbI2sBqmWFaR00oZ5Z6MENcL%2BzfB%2FRnDDNCl9i7x4mYox3X3xeTmWGP8ZeSksKKlNBewP2K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d16219c3f9243-FRA
expires: Thu, 22 Jun 2023 07:55:30 GMT

GET
H2 200 B9CA3B1D8F99w900h472.jpeg
store.dwjhgx.com/uploads/20220830/9C/ 47 KB
47 KB 48ms
47ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220830/9C/B9CA3B1D8F99w900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 79b8b940074ccf68183e01728514449fd78e9c9b5bcdf4c48e73fcf1bd700a5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 08:03:14 GMT
server: cloudflare
etag: W/"e0ff73f446bcd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F9zseKEYATnqyfCQLjlG7NGyKZFoGXu3x%2BpIowqDDmXaUBrOL6DZde5kd41DL%2BqsEY7COypIhpL2KjYMwV5EjX4zAssGYBbd3As0kTW2udbpH%2Bg4%2BEwlLVx6RU92m%2BYHFUE%2FZgmOICOwrRngMzZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac659243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2 200 70EF21BCD08Fw1000h525.jpeg
store.dwjhgx.com/uploads/20220503/0E/ 74 KB
74 KB 45ms
44ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220503/0E/70EF21BCD08Fw1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1770409f40e45b284e6f22c397dbfbbedbdc09622920ed183347964b614d0bfd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 453699
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 May 2022 01:01:11 GMT
server: cloudflare
etag: W/"0ecfc47895ed81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzVcM2DJGwc1mI%2BUVqQc9b8ZQn7bt89a34wLujLxY%2FkHPyd5ou6DNemri88WGaPLzRW6XHXpg8J2ddVF2zUiig5940n4zROAKM7m2H3Sf6YDy2ebwsKZcLdKULeTq78CbrRPNfRp%2FUZKYpI9ahvx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac669243-FRA
expires: Mon, 19 Jun 2023 11:40:19 GMT

GET
H2 200 ECAB1853E091w1200h628.jpeg
store.dwjhgx.com/uploads/20211119/CA/ 55 KB
56 KB 49ms
48ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20211119/CA/ECAB1853E091w1200h628.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: de48ec5b7ea6b876c18a619bd85a5aa8d90fa5cf20f94d8f60f4f68192688f23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Nov 2021 00:58:24 GMT
server: cloudflare
etag: W/"577c4d8ee0dcd71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xN7s7IdOXQppArNaRB0vjqAntOUuA4dHZ1hDMJgUtyujCu%2BDF45C1dCrOJwS6Ca2AfK02LfgF%2BpZQAEw%2BfBsGuLLdnpM%2F0fTbClUdyzlcfab2HXZPlrjviXa9NVLecy3bzE0eF1nHCwXOhMQt3y%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac679243-FRA
expires: Sat, 24 Jun 2023 17:00:33 GMT

GET
H2 200 34D94EA67CC1w1000h525.jpeg
store.dwjhgx.com/uploads/20230611/4D/ 61 KB
61 KB 46ms
45ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230611/4D/34D94EA67CC1w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1a25099d3bad7b5e9495b996bf25cba1a9485bbe60cd37c64556227e7738809

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131692
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 11 Jun 2023 09:16:51 GMT
server: cloudflare
etag: W/"da105b75459cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwdR5fW5TgnKMOxrO%2F2CfrfVZjwlpp7Rot3P1TjwJKV4EarZkfEXAAI%2B27og%2Bmz3n6HihWx%2FGJMIhQRxEMvWiArIXp5uI0fHprWlvibVrtqRm%2FLbdaYsl5bUImBd6uLfPKvGuls559VAsOXYYP19"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac689243-FRA
expires: Fri, 23 Jun 2023 05:07:06 GMT

GET
H2

200

stat Show response
twstat.dwjhgx.com/
Redirect Chain

https://www.dwjhgx.com/xstat/moneystat
https://twstat.dwjhgx.com/stat

1 KB
903 B

437ms
422ms

Script
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.dwjhgx.com/stat
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 075d7165087bc2b8142d4615336807c2e62929d00237aed9b9263f45d0af3d66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipbDdnSY%2FqSASnCRCaGUclr44o7%2Fg5VjI9LCQRM0RE6Gci4JfDBcp%2Fkyf0gR8xfEK8DVbt%2BR3qC%2Bn2Q3EJnz5ov4hETAE%2BT5aFbyMnD%2FM6QDZkV5zRFrFB6w6F1lAPIhC8ctHiv%2FF53%2FbrGj3TbWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7d8d1623de559243-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 17 Jun 2023 17:41:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N24ApasQdTfFupI98kzaMGehG1zrp1g3MXpBxOxRZ2GtUjAV2d%2BPBXu9GUP6dIdohkgigc3A9x%2BLHKvDeo5HCGkLeN%2BCj4U%2Bx9fVG6jQqpp46D3acZMjhpdn65qFmmFizelpdOVvklPuZ5MYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.dwjhgx.com/stat
cache-control: private
cf-ray: 7d8d1620dce25c80-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/ Show response
count.dwjhgx.com/
Redirect Chain

https://www.dwjhgx.com/xstat/index/2184
https://count.dwjhgx.com/?2184

7 KB
2 KB

413ms
398ms

Script
text/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.dwjhgx.com/?2184
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4c7d0062edf223a5c69effad463229166406006816ec712d0103dd155ee4db7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlgrNI1zqW6bA4opZj6CqGKQNbfVm7OPCiKlUObMN8b6XorxSTvAYmvxfPPxJr6L1mFNgWmAT90GvgQnBjgXdsLDmx2YHl%2FgakTQdbp9IG9iUP0t6KPUGtWgJfiomCVEUIb1mqTSvAxMCMO3d%2BQ5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7d8d1623ee6c9243-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 17:46:59 GMT

Redirect headers

date: Sat, 17 Jun 2023 17:41:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSgoMXjGf7e2bBz1vfsqV5c5tQkVy6%2FcGe62vLZnHO8YHmxkaNlMVGkjf8RX3ydyN5LAx%2FNgzuLm3FnCZ%2F5v%2BfiVMUJN6lAuduLLBrVG0kNan6%2BHv6JaEBXOOwORJoOUso6NqEbzOCZwHo4gLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.dwjhgx.com?2184
cache-control: private
cf-ray: 7d8d16210d105c80-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

ad Show response
popup.dwjhgx.com/js/
Redirect Chain

https://www.dwjhgx.com/xstat/pop/4794845
https://popup.dwjhgx.com/js/ad?lang=zh&aid=4794845&host=www.dwjhgx.com&type=1&count=0

0
268 B

552ms
514ms

Script
text/plain

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.dwjhgx.com/js/ad?lang=zh&aid=4794845&host=www.dwjhgx.com&type=1&count=0
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxDmiuc4ErKBn%2FXQGeWiLU8OSMk%2BWirD%2BzI7rvBkzwSM3iLQ8pTici2y%2FuKx6I0ClA34EG1Gfm79%2BFiEhFUDyeRarwjU54K2Y6SIirjv8nAOU31AJZl7wRH%2BOVfcMgltwe3IUg8rf2TX1gm%2B5hBN"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7d8d16241ea59243-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

date: Sat, 17 Jun 2023 17:41:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh3RyaN9L6rCA9AbVJt7M%2FgRFD8BjihzvBkgSbTSLxXGiZyw%2Bmz4lSITABwaLN2BAuY70x0mHK9SPmepQLmAaM0tioTwNBVSF%2Fw3wTScyFMH3tEOGriL21g4ZyWwI5YMXY6pl1bZqKBVlyPm1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.dwjhgx.com/js/ad?lang=zh&aid=4794845&host=www.dwjhgx.com&type=1&count=0
cache-control: private
cf-ray: 7d8d16210d1d5c80-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
www.dwjhgx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dwjhgx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jun 2023 10:17:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648ae541-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8vmzxZm2vC%2B0uW%2F22JDHt%2FnDAHCPnWGX1GQh972jsbfIXR8DcNkM1Fux2ZpOd5LUpYe1zegcAZHAHJvSn3Gh%2B8SPbQWGZ4Zm4B0XnkqxlKrs8ERng%2FhA%2FjJZXObZlhuFLjiBq5ts4EWF9YLIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d8d16210d1f5c80-FRA
expires: Mon, 19 Jun 2023 17:41:58 GMT

GET
H2 200 / Show response
www.scupio.net/kanglei/ 3 KB
2 KB 677ms
605ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scupio.net/kanglei/
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.9
Resource Hash: 5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.9
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO343l2Lv76GddSMIpOWlr2zV6Jd1R%2BP5Q2mEPSz2EhtKQFahl%2FEJcheK9QXrelWr%2BpIGCHlurD0upfZi8JkJB2DbZaNEYLf11JO7ew5H1gSYQKn%2B7MbA%2BXlpTOyOoFWIHOjFYSa9N9U0747YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7d8d16217eef1c15-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/ 3 KB
2 KB 77ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dwjhgx.com/
Origin: https://www.dwjhgx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5268831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90oAhg%2BTIulQq9%2FkSJyIEOC%2F%2FdPtZARJNXI52kV3zKd39oluFqKY19Wn7kKZ4ehZHZYImw55w0VDTKn6aF%2Fd3UjFBoAP413K2JRc15aT62VkykHFjibc%2FHmp%2Faa%2FiefApwNVLVOgDDmbNte7QfprwoaI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d8d16215eef90ee-FRA
expires: Thu, 06 Jun 2024 17:41:58 GMT

GET
H3 200 scrolldepth_tw.js Show response
www.dwjhgx.com/Content/js/ 1 KB
960 B 424ms
421ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/js/scrolldepth_tw.js?r=0.1368746922734838
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 40741befbc3c09b5f0fb087cb0183ac25824ca837eab7276267719669461474b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 12:52:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17f69923bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDVqutR3S3bTXXNVtP3mYm61nug7Snd%2FStrCMzOxUC75mq69SuS9OOrzpfQ%2BkG6pLr9ZsLZlG3%2FyhW2iCzMWX6eLddM66XgkzIilRlUtBdqO0RH5nLUtBaO2rkiKe14D2wZF1YAv9jiHxEeFRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d16210d225c80-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Jun 2023 01:41:58 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 101 KB
37 KB 172ms
28ms Script
application/javascript 184.31.93.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-93-220.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 553418974414e9d86765451073753eccd6092e0d6c20e4ba712297601232b7f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Apqf5ffwEpPmlJvBETJ8q7AEjmGF6SjP
content-encoding: gzip
date: Sat, 17 Jun 2023 17:41:58 GMT
last-modified: Thu, 15 Jun 2023 04:29:36 GMT
server: nginx/1.20.0
x-amz-request-id: 10CHGJZZ1XVEGBC3
etag: "f0a931085381d488ae5965ee8b9ec0a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=21607
accept-ranges: bytes
content-length: 37278
x-amz-id-2: PZATs1lOe+ZKvYfn6F/XahKHIYNmXZcrQ4WPr4QTuIrj1beJRxO4KbMpGfya7/t/mvKL+dLAVRY=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1063ms
509ms Script
text/javascript 35.74.203.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.203.95 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-203-95.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8c4cba2e1e20ae511379d3194bfc17d169a0f6fa489e6d95eaa62a5b92ef145c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H3 200 fontawesome-webfont.woff2
www.dwjhgx.com/Content/zc002_cn/fonts/ 75 KB
76 KB 26ms
26ms Font
application/x-font-woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/fonts/fontawesome-webfont.woff2
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/Content/zc002_cn/css/min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.dwjhgx.com/Content/zc002_cn/css/min.css
Origin: https://www.dwjhgx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Wed, 22 Mar 2023 12:52:28 GMT
server: cloudflare
etag: "55c6828bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xubHjymo8G%2BpQ2q5iisS%2BfP9rpcCrGx97v9rzaOO6lV%2FfgtFZyWld3MzgGeqK1ZWYNn5efcrFeL8AXYCx7gFbUc%2FEB5uy26IYiNjZEDWaoknYhe2WNrinkkdrUHifQqyX7YazzFDmpyfVY2DQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff2
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7d8d16211d245c80-FRA
expires: Sun, 18 Jun 2023 01:00:31 GMT

GET
H2 200 ADE0579B90F6w1200h628.jpeg
store.dwjhgx.com/uploads/20200429/AD/ 49 KB
50 KB 47ms
46ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20200429/AD/ADE0579B90F6w1200h628.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 31d884ef20eadfe06f8dfab018b02ff0d8c464c6d9d0cb2ac284c8788808b715

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60289
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Apr 2020 04:45:01 GMT
server: cloudflare
etag: W/"37a88f1e01dd61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7sLFNcD7JCCtR6vZbdgVlGiAXHUo7qVHvXE6K2hV1F%2BY8vKOv1DK9AetAzgq8i7E8LufwpoUqsaRROt24uREDHlxFZgveN29CFgp4xObPrHr1ihzyeFQHHx5zUhHcMeFs7bQHHLW6gmvWM0KupF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac699243-FRA
expires: Sat, 24 Jun 2023 00:57:09 GMT

GET
H2 200 BF7DB201AEA3w1000h525.jpeg
store.dwjhgx.com/uploads/20210903/BF/ 53 KB
53 KB 46ms
45ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20210903/BF/BF7DB201AEA3w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1bb3ae035eb0b672c86074528edbfeeac272345e36ce0fb4450b76ebfb8fed53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Sep 2021 03:11:06 GMT
server: cloudflare
etag: W/"1fab445671a0d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC0WXAHIXh2duwYC61xF92TuFhdKDFsjCfUqEWfwL7Fjvtvzp1FZlPsuqg7tIxG%2BDxMpg9GcYhYauFidPsyVTE0E7C4Wy%2FSZ4qYIluu%2BY2yoibexTSPwWDYNaqTn6Ppg7PaJvWTNEms7KGpWOrlj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac6a9243-FRA
expires: Sat, 24 Jun 2023 17:01:07 GMT

GET
H2 200 FD56C5574754w1000h525.jpeg
store.dwjhgx.com/uploads/20230304/D5/ 54 KB
54 KB 48ms
47ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230304/D5/FD56C5574754w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 043591419eca0f40e6672d5a30de7e18e9063949a87edc248ec1b50c2d8493b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Mar 2023 06:23:23 GMT
server: cloudflare
etag: W/"5e7387d2614ed91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pthsvef6f0xPwEHQ5WrzFDXyf%2FzqM1vKBQfqkD1sCkSVBv92Je0BCbF9V9fyDkdcch1yspHDeJK3DW%2BF0HgQyjLbD5kOr0OZJnz%2Bk7WTSDfiG87q8rPlD71Z2qHAI6U8XDSyQak%2Fw%2BYJIETedLC%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac6b9243-FRA
expires: Sat, 24 Jun 2023 17:01:07 GMT

GET
H2 200 1F7D693B1D3Fw900h472.jpeg
store.dwjhgx.com/uploads/20220909/F7/ 59 KB
60 KB 47ms
46ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20220909/F7/1F7D693B1D3Fw900h472.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92eaa30affeb91694306ac4711e5d486860ac2ee3d7f3f279277b4adf3ac1b2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 00:19:50 GMT
server: cloudflare
etag: W/"582741e0e1c3d81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpzNSFtDUW4rlpzhQOzOBQgpRayxN3w6zMbFszDwVZyP4aI9um52VlaIge3O59oxnOkCCO8sm%2FRi6jAm%2F0gexp5pVSk44GDV0fKt%2BudNI1v8QgbGavDSWP3p4UcGfDFG9%2BudMQbm8hNg9pRtPuQ5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac6d9243-FRA
expires: Sat, 24 Jun 2023 17:01:07 GMT

GET
H2 200 30D203924F8Ew1000h525.jpeg
store.dwjhgx.com/uploads/20230505/0D/ 53 KB
53 KB 59ms
58ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230505/0D/30D203924F8Ew1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8d2f11aa67538eb638d38d64601053c08866fb614b14b96858a02e50d38647f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 05 May 2023 06:42:19 GMT
server: cloudflare
etag: W/"8e3477bd1c7fd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPLWODul9pyDCgSVutPg9nZjdCXzz3A7SU3Fpqbkflu45eVSXoU6r8IDQsG8DYEK%2Bjxsp91u2u5AgMrzQLaNw2j8ByZcQMgiJYycMw2SZDPBZaXLzxAbf0uRUYxdJGnSxdJBIOUurzxXAba%2FQ6e%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac709243-FRA
expires: Sat, 24 Jun 2023 17:01:07 GMT

GET
H2 200 4E710E3A2A59w1000h525.jpeg
store.dwjhgx.com/uploads/20230429/E7/ 69 KB
69 KB 48ms
47ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dwjhgx.com/uploads/20230429/E7/4E710E3A2A59w1000h525.jpeg
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 184ae17929bfbdef3d7416093d05dd0127fa383d8701f0b36e97ded48316bce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2451
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Apr 2023 07:43:44 GMT
server: cloudflare
etag: W/"34ddfa526e7ad91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9nEKX8DvFUEaWI7Q8xPUFyXdz3MpVHme6uKQH28IvNQMGkFDEmWIc27ylIlhGnj5VcqLuDp8RcCtGljQlA%2BIWr3hvo%2FnM9w9OIb%2BAPk9YhsxgYpyQ%2F%2BMjOm16jNli5Fy2nHEfMoaT38faR19ECI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7d8d1621ac719243-FRA
expires: Sat, 24 Jun 2023 17:01:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 307 KB
87 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=6404f8437333788196af61050919f1be

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51b573014d02387ae3935e554c135bdafe40e4b8db0c074b8f730adafc771e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dwjhgx.com/
Origin: https://www.dwjhgx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 17:41:58 GMT
content-md5: HMfUPu7zUxGc04rg5qoXkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88886
x-fb-debug: bbVN9ZJYnEFkkQ0pVvMzlEbu3IWcWvxPQkrtbYGPhtCKtdj29nwrC/7LABnBpAvgOV6tlIWbFIDlp32uPj14LA==
x-fb-trip-id: 1679558926
x-fb-content-md5: 1fcb616b030c91216d915250f7fe3063
cross-origin-opener-policy: same-origin-allow-popups
etag: "83ef300abcf572c39bb68d04de4f0719"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:37:58 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 148ms
95ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7949086572848068&plah=www.dwjhgx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7949086572848068

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e8c14c8ac6d2d87e1067b99ce111ab9664d861a56767f16581640e2aba4c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120784
x-xss-protection: 0
server: cafe
etag: 5686110102446839617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:41:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame F951 10 KB
5 KB 80ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7949086572848068

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 85028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 18:04:50 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 18:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 74ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1001839627068325&ev=fb_page_view&dl=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&rl=&if=false&ts=1687023718849&sw=1600&sh=1200&at=

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 17:41:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 868 B
1 KB 775ms
253ms Script
text/javascript 3.34.73.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.34.73.0 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-73-0.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

457425bf82dff89eacfdff50698cc0151d956e95bfcbced37de2f908317e9676

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"364-2kyGjhdIchIybcXzCo/7ZeNhnFg"
content-type: text/javascript; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 111ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dwjhgx.com&callback=_gfp_s_&client=ca-pub-7949086572848068

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7949086572848068&plah=www.dwjhgx.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e0e926d4c853862c56c69ae00155b84c8427930d812609cab1ee8f9ca8e97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 77ms
28ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dwjhgx.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F716 0
179 B 211ms
210ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&adk=1812271804&adf=3025194257&lmt=1687023717&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718726&bpp=3&bdt=635&idt=241&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5141125721414&frm=20&pv=2&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:41:59 GMT
expires: Sat, 17 Jun 2023 17:41:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C77A 127 KB
38 KB 1578ms
1576ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b68bfc0b0d528fb4eae3168bde498497fe462cffe93645976653294c7df31e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38937
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:42:00 GMT
expires: Sat, 17 Jun 2023 17:42:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 601F 115 KB
38 KB 837ms
836ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=2258619035&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718731&bpp=1&bdt=640&idt=271&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6u2nYobpTA&p=https%3A//www.dwjhgx.com&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

693a5876252158238fbca8a985b4926c350d64353375affda08dfef89ce0cd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38253
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:41:59 GMT
expires: Sat, 17 Jun 2023 17:41:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29EA 153 KB
40 KB 1005ms
1005ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c8d8fd776e34407b6ba8aed77bc86a8320dd35becb1c278f1f3ec8686216bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40536
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:41:59 GMT
expires: Sat, 17 Jun 2023 17:41:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 989ms
213ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=dd68892c-f764-3462-0fb7-7dbb8d05a940&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&referrer=&rd=0.7005778484853797&sid=2184&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/114.0.5735.133%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 469ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Requested by

Host: www.scupio.net
URL: https://www.scupio.net/kanglei/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddb25799d4162b8c9daf4e213a2fc4644888ecbd05a720a36ca6637f17aec3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H3 200 cse.js Show response
www.dwjhgx.com/Content/zc002_cn/js/ 13 KB
5 KB 35ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/js/cse.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/Content/zc002_cn/js/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: abc242f134647159f15fc4e8a3691daf1b7a1153d3370885c3389130b9ab3f74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2481
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:52:29 GMT
server: cloudflare
etag: W/"41861929bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0s0gMqya94JWOChzwEcTOMV6GZFVC4MG%2FNIaq62qmcASUm4FLFcfu5%2FVx%2BBoBG12cWvvvBZ5nDR%2FtKtKLJeBLMiIr%2BLSAy7vP1ffS1L5QNngnKdAB93Em1iOdhGeHbM4ZMbSrblYnik9KtlwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d16276ce65c80-FRA
expires: Sun, 18 Jun 2023 01:00:38 GMT

GET
H3 200 min.js Show response
www.dwjhgx.com/Content/zc002_cn/js/ 163 KB
36 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/js/min.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/Content/zc002_cn/js/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aea7a0b33959519cc0da4cbad38826e5e99391568dee742f63c25801e6c109fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2480
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:27 GMT
server: cloudflare
etag: W/"a835cedeb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OTC%2FHiIcCgIPJx6YNHuh8I6vN5bcT3%2FolvquUGB4axm%2FfTeB0up86r3I10CVCcC1Y6ZHGe%2BFx9hHds3NiDd9HrhqKh2MN8hKhRbqfP%2FpuaqxbFHIW62TqpEG3aoKvaNhbut%2FkiZ5w7a6Xv9vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d16276ce95c80-FRA
expires: Sun, 18 Jun 2023 01:00:39 GMT

GET
H3 200 imagesloaded.min.js Show response
www.dwjhgx.com/Content/zc002_cn/js/ 7 KB
3 KB 42ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwjhgx.com/Content/zc002_cn/js/imagesloaded.min.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/Content/zc002_cn/js/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a38776c09a3752a38cc775fdd597a31dde3d57640b54fcdf2136f942970b687a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2480
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:27 GMT
server: cloudflare
etag: W/"f097c9deb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK56wCYSGteCUlDZmaFU5YhiFG11NNpwlCoWGyHc3pWScaT6Q94ivD3fDKPoDb1nt0TxHPtaXoCh4wJ2iXzOl1c%2FZyOwUnsO3nZ%2Fz%2Bp6zvdonX8g2iz051JhStBG4RfPJM3pADHJTqPDMJhVSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7d8d16276cea5c80-FRA
expires: Sun, 18 Jun 2023 01:00:39 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
17 KB 449ms
28ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 17
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: NK044n6ACLW2YjXHWKgwu7rWyATWp9fF0sTk0fqD7z8N_M4xrsi4lg==

GET
H2 200 scrolldepth Show response
twstat.dwjhgx.com/stat/ 50 B
358 B 229ms
228ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.dwjhgx.com/stat/scrolldepth?url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&type=1&_=1687023718547
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/Scripts/jquery-2.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ca233c8d70dbda55befd78568a27756e79bcaceca42338525909057e9ba374b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:41:59 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx9kunuJWBk9GtcvEN6r0AQWsxIWvHQ%2FXfQJrvhVaHYwY9EQlgKmmVQhhcKhTiLFb0AWeievc5%2BIoDTUsJVUPrIIEJPZJEq8q2wgk%2Fa1sGOjUc8M6NLX6RkmNYkVlqPs7wFWG6KiShw9crYoT45J6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7d8d1627699f9243-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 57CA
Redirect Chain

https://www.facebook.com/v12.0/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%...
https://www.facebook.com/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww....
https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww....

293 KB
59 KB

202ms
202ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=6404f8437333788196af61050919f1be

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

449fd45c066259bc313c25d56a7f763339fd6928de6c0afb2ce8e52d08b8dc72

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sat, 17 Jun 2023 17:42:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: WVCcL20DAY2PbWZnk5aR/6MGqJkw4hHrT2V33bV5nXZx/9CsyPx+HYXnM3qx7lQLjH89b/5kmwPmFUZdXtsV1w==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 17 Jun 2023 17:42:00 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width
origin-agent-cluster: ?0
priority: u=0,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: 5soDIrMFij7RAnZqiDH6lBSFHv0Pk4R3rxHXAYCxE2nbqHZf4YEcLWOHRAw5otP6NtsL4vOdaM5CB/gZF/afPA==

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 0A97
Redirect Chain

https://www.facebook.com/v12.0/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3...
https://www.facebook.com/plugins/comments.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.d...
https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.d...

295 KB
60 KB

167ms
167ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=6404f8437333788196af61050919f1be

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebb69da3f593e40debf0011ffd8d7230c1d6b6de9f0d035b11a7dd77fd719227

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sat, 17 Jun 2023 17:42:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: EUZfY/DXPVku0FwBw5RCn8YOPtR5g9uxmR+aobiwRmKXBpseJJMYVcsbKjZEcy/YLOVKtDU2KGdpaCvjdSI8pQ==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 17 Jun 2023 17:42:00 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550
origin-agent-cluster: ?0
priority: u=0,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: fMD2rehc/tsNrxKbGLgIsmGipPln6as00W26K7I24nR3EYl6GS63E6g3kuv7dS1qbBmh+pe6hWuan3YzVQsAOA==

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame 3C7A 409 B
441 B 290ms
290ms Document
text/html 3.34.73.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=29f179c3-81ba-4fa8-96d2-411a86c24e5f&id=dablewidget_goP0dJoQ&category1=%E8%A3%9D%E4%BF%AE%E8%88%87%E8%A8%AD%E8%A8%88&author=https%3A%2F%2Fwww.facebook.com%2F%25E4%25B8%2596%25E7%2595%258C%25E7%2599%25BE%25E7%25A7%2591%25E5%25A5%2587%25E8%2581%259E-1365804550169165%2F&ad_params=%7B%7D&pixel_ratio=1&client_width=700&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.34.73.0 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-73-0.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 0531873e9e4906c68177f7632bd08821e4e488e721f50a212748d2ebe6f84933

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 17:42:00 GMT
server: nginx

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
681 B 351ms
30ms Script
text/javascript 2a02:26f0:3100::1725:e269
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e269 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: private, no-store
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 571ms
250ms Script
text/plain 108.138.7.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY4NzAyMzcxOV8wXzhlZTM0OWIxNjgwYw%3D%3D&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-39.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:00 GMT
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: RIkmAKKeh7W-OF7SkEfYamWmVr6PH_ik-__vVjfKSEzr5Hp4wYXnxA==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css
fonts.googleapis.com/ Frame 601F 2 KB
975 B 113ms
32ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=2258619035&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718731&bpp=1&bdt=640&idt=271&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6u2nYobpTA&p=https%3A//www.dwjhgx.com&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 17:40:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 601F 2 KB
926 B 128ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:37:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 601F 22 KB
9 KB 107ms
49ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 601F 3 KB
1 KB 112ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 601F 19 KB
8 KB 99ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 601F 178 KB
56 KB 115ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 601F 32 KB
14 KB 102ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 601F 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSVQgZ_CNZPf0AePjkdUP0NKEmAS3t7n0cL-hxfLFENrgs7KUMBABINrito4BYJEEoAGgmdzsAsgBCakCcfypSkpZsj6oAwHIA8sEqgTyAU_Q2ycrnGGdX22N2Jp501NMQLjUSwFmgTcHnEovzEwwAbLPsGLGC9JJS-mI8Rm4ACsbfPyvECv_jVfYtEEcQdGpHv43B1Pw-eoSysinpyvI_m4WaLRRQyCpCTHe2e9uUiR1_IMF2F3YVfC4NDPfzRmFNZ_ZuqIHBNw3SZwwdZ1YtXoynDpL5hpwPass54S7dSMgRFtU7g2akcztPFGzaXi5jBg_aWIa6ssZpg1HhSicnwpeOqtKPTirpJU-mHGd3CbISn6Ef5m6DX5hvO72e4dQZcSCaUZ_NvhdB406TkmBgzISd8L9xWfKqpGIuL4eDBLqwASayfie6gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_d7mpAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQy8AJ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi03OTQ5MDg2NTcyODQ4MDY4GAA&sigh=vnviDvTLHbU&uach_m=[UACH]&cid=CAQSGwBygQiDdQHEmpnI-Lcf2xhTxZtq7U1Qhq1kRRgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=2258619035&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718731&bpp=1&bdt=640&idt=271&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6u2nYobpTA&p=https%3A//www.dwjhgx.com&dtd=274
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1BF0 8 KB
8 KB 37ms
37ms Document
text/html 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10
content-length: 7890
content-type: text/html
date: Sat, 17 Jun 2023 17:42:00 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-id: XCdvACj3vxJre-U8Wd4domrdyDmgPm2Zymm0J-9Ab5Fd8vFsZZdYbA==
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 21ms
21ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 56
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: AB_wGjh76i51E1cJ5tnLuYfo5g7vgCE3dWPq40_CYpoZSYJkACkvKQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame EF0C 15 KB
16 KB 33ms
33ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:07 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 2
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: WqHuTIroZenYoK2IjYYmdB5pV4p-__S1-L5wPSbUNjxeJ-xGGFbYbg==

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 30ms
30ms Script
application/javascript 2a02:26f0:3100::1725:e269
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e269 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Sat, 17 Jun 2023 17:42:00 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 601F 25 KB
26 KB 117ms
40ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRhWE304Zqe62R8MQoGvoxr-WEDY26Mywqv-Pl6Hh15XPf6rqtEjq7MdkRZHA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c38010ebce2d39fd495580ea03f603a2ab4f19c9495a0e8d39d99294818d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:15:31 GMT
x-content-type-options: nosniff
age: 584789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26054
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 02:25:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Jun 2024 23:15:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 601F 20 KB
21 KB 98ms
22ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSZx4ZXZ17UaskO6jyZS4AFO_zHw31W9P_Yn2tFoERv94opj2sa&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

031c69cbb9ed5a6d7a4ae75ba055fe0881941d402bdfa894bc998c7afd14d49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 06:33:03 GMT
x-content-type-options: nosniff
age: 40137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20599
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 05:37:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 06:33:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 601F 42 KB
42 KB 96ms
25ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcReRfMPUt49vSTGNhaGWBWHe2HsX3Bw3vFMIafSL3bmIdWNzjL52MYyDeAH92M&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db8cc7f883bb29a0baa68b2df678c418d3d80849902b8badf762d06e866e47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:30:45 GMT
x-content-type-options: nosniff
age: 598275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43021
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 04:12:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Jun 2024 19:30:45 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 601F 19 KB
19 KB 89ms
22ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSt90Xhm3VNcbeVpMNt2FstLSc7JB68TImRBLkB0wF_2xanYKq7&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4dd48cbad832bbbef8a321acd5ad470cc58d669cfccbbd320be412a5e386c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:11:14 GMT
x-content-type-options: nosniff
age: 336646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18950
x-xss-protection: 0
last-modified: Mon, 13 Jan 2020 18:14:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Jun 2024 20:11:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 29EA 2 KB
972 B 72ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:37:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 29EA 22 KB
9 KB 55ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 29EA 3 KB
1 KB 63ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 29EA 19 KB
8 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29EA 178 KB
56 KB 101ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 29EA 32 KB
13 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29EA 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeJ2ZZ_CNZIT-BIDlkdUP7fmfmA7rvbeVcaDqjrC2EPC8oITINRABINrito4BYLsGoAGIxOrgAsgBCakC0Qzm8PSAtT6oAwHIA8sEqgSCAk_QE83imJDCyr_yuIdgROvkVWFxHHULETkVRt7Egp0ZtSv-nuNj4xoGhQtPlkhczxiQv3DuRlXhh30PO8ayhA9_c7StZh4HH6aI0iRndIvpFKR17pdEaehpJv2o9s2RSNdTTfOyzf98VHVyMa3vD5oxZ6yVMA1P4y70qe__cB-qFEYIF3Bys7_99Ro_TBdMK3YfEgDkjumechi9QIPiIf9CCBu5M3iTWBcZPpGJ1jSDtWddYfSZu9aqcLLThy1MYi3vyRd7gb0YME4AjN5cY69Ns837dKQzgKD9VWsVUbhz6ivGkUiqXi-a031AIyUGh8x5h3FVphI4Vw2rkQHgMqQVjMAEpb3J1pEEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-C7lZ8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKfNNNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNzk0OTA4NjU3Mjg0ODA2OBgA&sigh=hAueXmCKKlU&uach_m=[UACH]&cid=CAQSGwBygQiDM46drPfGT3x0sZmkOb98qGrnEtSW6BgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 29EA 48 KB
48 KB 116ms
67ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQSuXvJTiVKKqfSh6e6eNnLJaGYCdFgTa0FAe43f8_e7nRUnCF6MvJli6IfkuA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075e694276305f6e004ee863190060bcb7616bb4a66473361ec260a822419e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 13 Aug 2023 12:43:27 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48872
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 29EA 47 KB
47 KB 115ms
42ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRCVUbakhBwKdhO6Abd2yNP3m01ulClw3Px0T4dHkbY3pbbaHCpKV9atSN9ML8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c0bf988bb79aca937d5d0dfa2360b4231b37b9fe6385462b93a83009b7843ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Jul 2023 05:36:32 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48470
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 29EA 34 KB
34 KB 109ms
57ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQN4oiywj8mIOpnvKgvl-6MPlR0fNhbe0OXl41MTNOKvy3CWpc-Y2TNNYo3Gy8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb7306edbddd8ec390939248891df48470a4d388a2c723d148f5aab6bbfadcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Oct 2022 05:12:06 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35111
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 29EA 48 KB
48 KB 78ms
29ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQJIXKT71n-CbrY0m-cxXPoQGTd8Ixi7uBtlh6JoSTiDUKNpd_jcd3AfuNEFg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcaca7dde7bd419c13187c471da6901a6292774daada6653cf4afa87e51716c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:07:55 GMT
x-content-type-options: nosniff
age: 117245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48875
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 10:21:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Jun 2024 09:07:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 29EA 36 KB
36 KB 166ms
93ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTQW8mG0cqMcbfd83mql6M9B4ApKs3rTKAGqRwFy7EUwvKfuW33i7N9fgx15uQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49c871a8b3957f66a558ac91ec81016686234e518cdb8e07876508316832688e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2023 08:17:03 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36387
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 29EA 26 KB
27 KB 107ms
35ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRsfWgCZvZl5Svl1iB5k0j929OaKNINqG6WxJaD2lL60jsM44_odKg7LN_WWcg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d9490f4497dfe5f200d8eb8e31be40390cc1b297d7d6ae53bb5c04bddae178f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Oct 2022 05:12:06 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26829
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 29EA 35 KB
35 KB 125ms
75ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRhM64ZgZgB9ERN0uFwGdqfBdAPpTvgwP5sN6NaL7vQkULYYJl6DCkEUImN4A&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d669c798ff75c923cac5e33b9e9faaab12019489df496d4b23b6f34cb07194dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2023 05:23:24 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35744
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 29EA 25 KB
25 KB 111ms
56ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS_lvFTpTJkxnGQyIeVJDi3V7Z8GTehQ4YrEMlNGrShdqtyDkBGtj2V72gF3OQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf05eec5de5aeaf9139cb23fd0f9307afd419a7302f42cb3552705b0b2a6bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:23:48 GMT
x-content-type-options: nosniff
age: 101892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25182
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 12:39:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Jun 2024 13:23:48 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 29EA 7 KB
7 KB 72ms
22ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTAx2Mkj-KK3oXLNdS6q-fXwmZDX13dmYerq0sl5ANEMznGCl4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b6cd7ecd07c67cf6e63039215581d9b025d6f84c7562e0b1117ef3716097282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:23:48 GMT
x-content-type-options: nosniff
age: 101892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7148
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 17:24:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Jun 2024 13:23:48 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 29EA 26 KB
26 KB 126ms
80ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSStvzE6EHoLWc8_A8FtSiFj2DFOS-TZ5nmZiWrkjFViT16yPuFJymmAbMb3ks&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a08be0f0b35fc9fec8b8ca161642d9a63e0d7cffdb415fc9e52acc03bf41e366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Oct 2022 05:12:06 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26719
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 29EA 26 KB
26 KB 163ms
92ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQoZJdxE8uYPGngzQD3F5rVbTHoX6jeKe0-_4jeIE_rrQGnvemX3PTgVsvP488&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a08be0f0b35fc9fec8b8ca161642d9a63e0d7cffdb415fc9e52acc03bf41e366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Oct 2022 00:26:53 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26719
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 29EA 25 KB
25 KB 186ms
115ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRaqkubANaVqsDPDnOgouIcMhnyj_HM97YvYdkeN9d0RQBrrihuucCH5ROvb34&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7171866b9021d5550336ebf694fc92d6507e356108b479fea9585542031d4c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 12:39:51 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25849
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 29EA 31 KB
31 KB 127ms
73ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSqQmQOH4LeUmlg8aNyTFnIaHSyo_xF_AiwjDk0WkkZz0JyRLE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc33d1fa8a52f5e88d5dfe3dc3761884e509245ccbae7f340045e40006cd4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 07:54:48 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31623
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 17:42:00 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
174 B 303ms
250ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H35765M34FPKEB5TA54TATFK
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://www.dwjhgx.com
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame BB98 0
217 B 804ms
253ms Document
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 17:42:00 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame E054 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1BF0 5 KB
3 KB 931ms
258ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 17 Jun 2023 17:52:00 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 1BF0
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
500 B

149ms
111ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 1BF0 0
218 B 800ms
251ms Image
text/html 54.199.5.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.5.69 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-5-69.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame EF0C 2 KB
850 B 113ms
31ms Script
text/html 2600:9000:2250:ea00:3:1794:2540:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14557
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ea00:3:1794:2540:93a1 , United States, ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 45c497b26b9ff2259226db67a73fc9ab4f8c1764d900e01f1e1a1bd8da8f298f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:34:31 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 449
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: Uj4Kd0iGc1jrUbVT_KCtBMSdY2ikGqlqUzfyMlJ8y5pGZbK0dqXqNQ==

GET
DATA 200
OK truncated
/ Frame 601F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76b430c13c9e8e9cf4f3b69ef71dd8aff059db512707608b63d355869079fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 43ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c2048f53171ff9f20b599a63b505a38eb45f1f11f6470065182fd26d5511a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 94ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 16:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3998
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 17 Jun 2023 18:35:22 GMT

GET
DATA 200
OK truncated
/ Frame 29EA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bbd280f3b2570073378f33fb6b56b77fffb6094f8fd419d3f7fadbdb437432b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 1F4B 495 B
664 B 743ms
239ms Document
text/html 54.168.184.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.184.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-184-210.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sat, 17 Jun 2023 17:42:00 GMT
etag: "648c90f1-1ef"
last-modified: Fri, 16 Jun 2023 16:42:25 GMT
server: nginx

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 601F 20 KB
21 KB 70ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 3678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 16:40:42 GMT

GET
H2 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/ Frame 0A97 721 B
623 B 129ms
79ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfeb7e2ac193b04%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width=550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
x-fb-debug: TDN6MTVgmcE7bIRnScYiWn/KozAdMe2PwAl7dCfuuTAxj+mlk3eGOyDQ5Wg3psraUqgzfK9pHLmOa9lIq/fVQA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 13 Jun 2024 17:14:01 GMT

GET
H2 200 _qHCM0GC8i1.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/ Frame 0A97 122 KB
20 KB 140ms
90ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be0c695218146c97e18977c402dc28a99b3a530c89b2c59d7b2f1079bdd95dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4d5syXb/z4P2Xp7sdGqrwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19948
x-fb-debug: 8LJ8+OdOtxbUD3HIKZ3Q96Ab2GzNNJgx0VUDPmsOJykzJPze8DE0wflq10ou81oH0STrHHhp6lf9jeOFdN8Gsw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 20:33:45 GMT

GET
H2 200 GdsGmM7N_ap.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 0A97 321 KB
85 KB 72ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23d0cc03f145a97b1b8823fcd07fb6a6a46b844f9714b0c69587d66c63ce0775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: czfTGWWDUP8e0Gi19s55cA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85898
x-fb-debug: 89LK47yO39axRmeepCa8kccdQOZvoRnjoTqP7MnY7aIuaZcIa1wYE4g0HhDdsomxU6EoEczY03BK/bVMxswtDA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 00:38:44 GMT

GET
H2 200 oU2bBDMY9hj.js Show response
static.xx.fbcdn.net/rsrc.php/v3i63m4/yg/l/zh_TW/ Frame 0A97 136 KB
39 KB 141ms
91ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yg/l/zh_TW/oU2bBDMY9hj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b39c49543a8e086224b676e4b23d1ac3d9a440b3fdbad1599598cbc03f03184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oeBeSW/iQoLpe7jHKuSFOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39730
x-fb-rlafr: 0
x-fb-debug: 4z6JLAgHGAGg8WzlvuC4u9aIspomzQLmO2NnLHdyfyD7XxXU9e7mc6aCws1sPnLidnSQlkOa3VxQ4W2dL+hTYA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 09 Jun 2024 18:56:54 GMT

GET
H2 200 zemXG9qRak_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame 0A97 47 KB
14 KB 142ms
93ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/zemXG9qRak_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21cb5bf6a5a54684ec7404dd68ceab396a5c26dc8f4d0c061268b3e279d81942

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ESjIr9kGmYTX/KS4gY+mpg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14640
x-fb-rlafr: 0
x-fb-debug: VSMH73iGvUIldAOKCrXCs2QhFP4ywYyBUCsHoArr+H6TYdIskDdT9ajoUF428hZ7ZAs77Kk5AbN6KNtC+hj0lw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 00:27:18 GMT

GET
H2 200 oculuwuu3uf.js Show response
static.xx.fbcdn.net/rsrc.php/v3imFs4/yH/l/zh_TW/ Frame 0A97 1 MB
278 KB 143ms
94ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3imFs4/yH/l/zh_TW/oculuwuu3uf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43205b1ef47f0276af53eb4fa28ddb2c5b0c5a5b28fc5515de4e6d124c12ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MozjCLP+V6D6Yc0foBtidA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 284199
x-fb-debug: b1vYvAYaHIjGLd0OoRxomUotYD4K56FifG/rYpMyb1EJ34TUrf6O6r57+h9obmEYqR4IRtQxw5uDCK74e1O/kw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 02:14:37 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0A97 507 B
489 B 141ms
92ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: ZV+R+Zb2r/Nl3roC7RMk/vL5VEJ0/BCFpvz5TVRQ0Pp8Ay8PLwfWTmY6nUj1vFEUUov/MrcUtfx7bbyz48paXw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 14:19:49 GMT

GET
H2 200 lRow5ikYhwr.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 0A97 58 KB
16 KB 141ms
93ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/lRow5ikYhwr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6C415KRq9MkmtWnj/x6u5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16036
x-fb-rlafr: 0
x-fb-debug: CZszPy104hRYn37gziQsn/Jl4FtulE22Lt+QydzE/2/toRFZUXOW0++IOHeEzqvpmeax9cz8+dph0OPhnt59gA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 07 Jun 2024 19:52:39 GMT

GET
H2 200 K0mAZ2RGFhw.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAHa4/y5/l/zh_TW/ Frame 0A97 44 KB
13 KB 138ms
90ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/y5/l/zh_TW/K0mAZ2RGFhw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b33ded52eb1cffb12b02b367e5660a1d62e8f147927457e5fc4a7dc561497fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3AqvI3ZhAxogCNM68NLEhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13158
x-fb-debug: gScqlCi8ncOfpbpJAF3U0REGkg/d1Vcx85EXJxbFosjQQGhLFKwuZ9VJLbFswWlzGBzT8aicJ7hJTSQIwWkOcg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 17:10:05 GMT

GET
H2 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/ Frame 57CA 721 B
541 B 110ms
79ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
x-fb-debug: TDN6MTVgmcE7bIRnScYiWn/KozAdMe2PwAl7dCfuuTAxj+mlk3eGOyDQ5Wg3psraUqgzfK9pHLmOa9lIq/fVQA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 13 Jun 2024 17:14:01 GMT

GET
H2 200 _qHCM0GC8i1.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/ Frame 57CA 122 KB
20 KB 121ms
91ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be0c695218146c97e18977c402dc28a99b3a530c89b2c59d7b2f1079bdd95dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4d5syXb/z4P2Xp7sdGqrwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19948
x-fb-debug: 8LJ8+OdOtxbUD3HIKZ3Q96Ab2GzNNJgx0VUDPmsOJykzJPze8DE0wflq10ou81oH0STrHHhp6lf9jeOFdN8Gsw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 20:33:45 GMT

GET
H2 200 GdsGmM7N_ap.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 57CA 321 KB
84 KB 122ms
92ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/GdsGmM7N_ap.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23d0cc03f145a97b1b8823fcd07fb6a6a46b844f9714b0c69587d66c63ce0775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: czfTGWWDUP8e0Gi19s55cA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85898
x-fb-debug: 89LK47yO39axRmeepCa8kccdQOZvoRnjoTqP7MnY7aIuaZcIa1wYE4g0HhDdsomxU6EoEczY03BK/bVMxswtDA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 00:38:44 GMT

GET
H2 200 oU2bBDMY9hj.js Show response
static.xx.fbcdn.net/rsrc.php/v3i63m4/yg/l/zh_TW/ Frame 57CA 136 KB
39 KB 121ms
91ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yg/l/zh_TW/oU2bBDMY9hj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b39c49543a8e086224b676e4b23d1ac3d9a440b3fdbad1599598cbc03f03184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oeBeSW/iQoLpe7jHKuSFOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39730
x-fb-rlafr: 0
x-fb-debug: 4z6JLAgHGAGg8WzlvuC4u9aIspomzQLmO2NnLHdyfyD7XxXU9e7mc6aCws1sPnLidnSQlkOa3VxQ4W2dL+hTYA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 09 Jun 2024 18:56:54 GMT

GET
H2 200 oculuwuu3uf.js Show response
static.xx.fbcdn.net/rsrc.php/v3imFs4/yH/l/zh_TW/ Frame 57CA 1 MB
278 KB 124ms
94ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3imFs4/yH/l/zh_TW/oculuwuu3uf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43205b1ef47f0276af53eb4fa28ddb2c5b0c5a5b28fc5515de4e6d124c12ad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MozjCLP+V6D6Yc0foBtidA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 284199
x-fb-debug: b1vYvAYaHIjGLd0OoRxomUotYD4K56FifG/rYpMyb1EJ34TUrf6O6r57+h9obmEYqR4IRtQxw5uDCK74e1O/kw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 02:14:37 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 57CA 507 B
443 B 122ms
92ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: ZV+R+Zb2r/Nl3roC7RMk/vL5VEJ0/BCFpvz5TVRQ0Pp8Ay8PLwfWTmY6nUj1vFEUUov/MrcUtfx7bbyz48paXw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 14:19:49 GMT

GET
H2 200 zemXG9qRak_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame 57CA 47 KB
14 KB 122ms
92ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/zemXG9qRak_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21cb5bf6a5a54684ec7404dd68ceab396a5c26dc8f4d0c061268b3e279d81942

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ESjIr9kGmYTX/KS4gY+mpg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14640
x-fb-rlafr: 0
x-fb-debug: VSMH73iGvUIldAOKCrXCs2QhFP4ywYyBUCsHoArr+H6TYdIskDdT9ajoUF428hZ7ZAs77Kk5AbN6KNtC+hj0lw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 00:27:18 GMT

GET
H2 200 lRow5ikYhwr.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 57CA 58 KB
16 KB 122ms
93ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/lRow5ikYhwr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6C415KRq9MkmtWnj/x6u5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16036
x-fb-rlafr: 0
x-fb-debug: CZszPy104hRYn37gziQsn/Jl4FtulE22Lt+QydzE/2/toRFZUXOW0++IOHeEzqvpmeax9cz8+dph0OPhnt59gA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 07 Jun 2024 19:52:39 GMT

GET
H2 200 K0mAZ2RGFhw.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAHa4/y5/l/zh_TW/ Frame 57CA 44 KB
13 KB 123ms
93ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/y5/l/zh_TW/K0mAZ2RGFhw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b33ded52eb1cffb12b02b367e5660a1d62e8f147927457e5fc4a7dc561497fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3AqvI3ZhAxogCNM68NLEhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13158
x-fb-debug: gScqlCi8ncOfpbpJAF3U0REGkg/d1Vcx85EXJxbFosjQQGhLFKwuZ9VJLbFswWlzGBzT8aicJ7hJTSQIwWkOcg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 17:10:05 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B83 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame EF0C 2 KB
1 KB 1035ms
470ms Script
text/html 18.179.245.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14557&rf=https%3A%2F%2Fwww.dwjhgx.com&n=672&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=6531-ttEyhzQsvM5mv1MYtUSjwrDqlMZ3d0Ox&fp_uuid=6531-12d3d72735b2734df23114d16e270dd6e44e6d49a9647638a189ad1eed38c445&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e8f745e59b564a8da8609096edd413e5ca82776e9a288abee6c0c726343d7d22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://www.dwjhgx.com
date: Sat, 17 Jun 2023 17:42:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame EF0C 3 KB
3 KB 28ms
27ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 1d7i8aDt24bAAhdQGVHcl4aJbGsdC8qT
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 1
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: O1bQ8rQrC9BGy6iPjFY-9pbpC3vGdBx3aJ864Km65teXsX-gKD4XPQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame EF0C 126 KB
41 KB 105ms
33ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 17:42:00 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame EF0C 2 KB
3 KB 27ms
26ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: FwcpNN5Byau4bRXGziLJsTJILumrMvSN
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 35
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: saPyso3wjzmGKhjrH7iNUj_u-kZHpBv5uI9GBMfTw9U6yCG3lDzUQw==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame EF0C 4 KB
5 KB 32ms
31ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: xNhtWKelLdHMMOOg3IJVR4ueQDc1zNB2
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jun 2023 01:23:04 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
etag: "990b529c50a92c18cd5337f5f2a1d611"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4532
x-amz-cf-id: PW25ymJjShw_z4QiQM8bwfmP8exD9R4XWnObOqA8XbuojHReGYbQEw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame EF0C 6 KB
7 KB 27ms
26ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 9yDAe8hc8angtezA583McC9CmPtDZOQm
date: Sat, 17 Jun 2023 17:42:00 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:02 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 35
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: Ffeu_2XVxsSVhOQsFHzgzILjm220POaOTD1ExT7DQjUknKW3qoSJLg==

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 29ms
28ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VCEDQQD6JV&gtm=45je36e0&_p=1180945971&cid=373741398.1687023719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687023720&sct=1&seg=0&dl=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&dt=%E8%B5%B0%E9%80%B2%E5%BC%B5%E5%AD%B8%E5%8F%8B%E7%9A%84%E9%A6%99%E6%B8%AF%E8%B1%AA%E5%AE%85%EF%BC%81%E4%BD%8F%E6%B7%BA%E6%B0%B4%E7%81%A3%E5%AF%8C%E4%BA%BA%E5%B0%8F%E5%8D%80%EF%BC%8C%E5%AE%A4%E5%85%A7%E8%A3%9D%E4%BF%AE%E5%A5%A2%E8%8F%AF%EF%BC%8C%E7%B6%B2%E8%AA%87%E8%AE%9A%EF%BC%9A%E7%9C%9F%E4%B8%8D%E6%84%A7%E6%98%AF%E5%A4%A9%E7%8E%8B%E7%9A%84%E5%AE%B6&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 3C7A 94 KB
33 KB 125ms
22ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=29f179c3-81ba-4fa8-96d2-411a86c24e5f&id=dablewidget_goP0dJoQ&category1=%E8%A3%9D%E4%BF%AE%E8%88%87%E8%A8%AD%E8%A8%88&author=https%3A%2F%2Fwww.facebook.com%2F%25E4%25B8%2596%25E7%2595%258C%25E7%2599%25BE%25E7%25A7%2591%25E5%25A5%2587%25E8%2581%259E-1365804550169165%2F&ad_params=%7B%7D&pixel_ratio=1&client_width=700&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 05:15:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 42ms
41ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1180945971&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ul=en-us&de=UTF-8&dt=%E8%B5%B0%E9%80%B2%E5%BC%B5%E5%AD%B8%E5%8F%8B%E7%9A%84%E9%A6%99%E6%B8%AF%E8%B1%AA%E5%AE%85%EF%BC%81%E4%BD%8F%E6%B7%BA%E6%B0%B4%E7%81%A3%E5%AF%8C%E4%BA%BA%E5%B0%8F%E5%8D%80%EF%BC%8C%E5%AE%A4%E5%85%A7%E8%A3%9D%E4%BF%AE%E5%A5%A2%E8%8F%AF%EF%BC%8C%E7%B6%B2%E8%AA%87%E8%AE%9A%EF%BC%9A%E7%9C%9F%E4%B8%8D%E6%84%A7%E6%98%AF%E5%A4%A9%E7%8E%8B%E7%9A%84%E5%AE%B6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2043272136&gjid=1178279566&cid=373741398.1687023719&tid=UA-87942765-23&_gid=2015113369.1687023720&_r=1&gtm=457e36e0&jsscut=1&z=254751198

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C668 37 KB
14 KB 56ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=2776478478&adf=4020535244&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718732&bpp=1&bdt=641&idt=277&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x280%2C700x280&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IDSiMIRm53&p=https%3A//www.dwjhgx.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame EF0C 0
177 B 753ms
246ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dwjhgx.com
date: Sat, 17 Jun 2023 17:42:01 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame EF0C 2 KB
2 KB 801ms
253ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.07733509929499682
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Houzhuangzi, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 61597f24cec9c45d5884e4564892eea2b28edcb418adc6a31f942037ed358021

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dwjhgx.com
Date: Sat, 17 Jun 2023 17:42:00 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame EF0C 2 KB
2 KB 807ms
257ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7205562650005739
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Houzhuangzi, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 8b1dd9587cd7002a87bf760c2f97dbca4a703e69e913cbda68933113ecd4baff

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dwjhgx.com
Date: Sat, 17 Jun 2023 17:42:00 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame EF0C
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Cm_sQVJBCca59MD7afCNZA

2 B
130 B

270ms
270ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Cm_sQVJBCca59MD7afCNZA
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 17 Jun 2023 17:42:01 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Cm_sQVJBCca59MD7afCNZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame EF0C
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=4bJITdWtDtqsdjYsafCNZA

2 B
159 B

271ms
270ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=4bJITdWtDtqsdjYsafCNZA
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 17 Jun 2023 17:42:01 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=4bJITdWtDtqsdjYsafCNZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EF0C 0
193 B 105ms
38ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=63436523213

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dwjhgx.com
date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EF0C 0
192 B 109ms
41ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=53633638261

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dwjhgx.com
date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame EF0C 5 KB
3 KB 450ms
259ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 17 Jun 2023 17:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C77A 2 KB
639 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 16:43:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C77A 2 KB
926 B 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:37:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame C77A 22 KB
9 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C77A 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 09:37:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C77A 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C77A 178 KB
56 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:00 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame C77A 32 KB
13 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C77A 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGL62Z_CNZI_MAe_lkdUP6amX-AK3t7n0cL-hxfLFENrgs7KUMBABINrito4BYJEEoAGgmdzsAsgBCakCcfypSkpZsj6oAwHIA8sEqgTyAU_QBBUmlx_7lH5V0aDosMtRXuMwi7xmDSXzYbTOdTxkvbZULbNAtr_79HtNdIlDDyw76zTA22geyy1l2trK--nsTp5qIVO1pntLDsmR5y_0NGUZFFVmp3UktYdmnDL3iCJZiC37SwRHUGzrWFji3qjT9ysWxr1RmQT8bDAXFMgtcemz9ed24a_EhrneNDyzaB8OM-aXjyTBfhmZjAx8GM3198w7UBRYXL5zzpUZBXq4-7lA8AYPq9wgJTrk3Az6tYa73LNOMQ_2cEvOx683aaG5VSQPrSIaa3jIrC1BTRuyU6ofaihe5GP1WKPZvKps90wjwASayfie6gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_d7mpAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQoO8S0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi03OTQ5MDg2NTcyODQ4MDY4GAA&sigh=gWMbXoBvzfs&uach_m=[UACH]&cid=CAQSGwBygQiD_uPa80h-bGf-2q0oYXLrOowD2NWrlhgB&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame EF0C 0
215 B 25ms
24ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.dwjhgx.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame EF0C 43 B
365 B 14ms
13ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 11 Jun 2024 17:42:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame EF0C 43 B
365 B 15ms
14ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 11 Jun 2024 17:42:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame EF0C 0
215 B 24ms
24ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dwjhgx.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.dwjhgx.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C77A 25 KB
26 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRhWE304Zqe62R8MQoGvoxr-WEDY26Mywqv-Pl6Hh15XPf6rqtEjq7MdkRZHA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c38010ebce2d39fd495580ea03f603a2ab4f19c9495a0e8d39d99294818d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:15:31 GMT
x-content-type-options: nosniff
age: 584789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26054
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 02:25:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Jun 2024 23:15:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C77A 20 KB
20 KB 27ms
25ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSZx4ZXZ17UaskO6jyZS4AFO_zHw31W9P_Yn2tFoERv94opj2sa&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

031c69cbb9ed5a6d7a4ae75ba055fe0881941d402bdfa894bc998c7afd14d49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 06:33:03 GMT
x-content-type-options: nosniff
age: 40137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20599
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 05:37:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 06:33:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C77A 42 KB
42 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcReRfMPUt49vSTGNhaGWBWHe2HsX3Bw3vFMIafSL3bmIdWNzjL52MYyDeAH92M&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7db8cc7f883bb29a0baa68b2df678c418d3d80849902b8badf762d06e866e47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:30:45 GMT
x-content-type-options: nosniff
age: 598275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43021
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 04:12:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Jun 2024 19:30:45 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C77A 33 KB
34 KB 29ms
27ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTgAeI1NLCLTp7ekhpjISRS8GDTLrF9gH0ZcdzfNYGQnWhzG90&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de254d1d29b33e25c1783710b7889bd6aa801098f9dfb064d06504ef088440df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:50:28 GMT
x-content-type-options: nosniff
age: 17492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34295
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 09:11:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 12:50:28 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C77A 22 KB
22 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSW1JvRf-G9TwG7sM9TSJOH10D7bKPHWuIc0jVwiby1SbHubVw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124d79f812dba1455455100f66437973d9924f559cd8eecee4b3534599701034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 18:10:41 GMT
x-content-type-options: nosniff
age: 603079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22662
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 07:01:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Jun 2024 18:10:41 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C77A 16 KB
16 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTtpCpSAsMyIafqILtj8UX53l9EOpd1yT1o-TVQ22ykmrvooW4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270e69f376445d7b3fb009ef9f5754a4c1b1b209b57fc8f583699ad300aee343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 05:20:54 GMT
x-content-type-options: nosniff
age: 130866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16429
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 05:36:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Jun 2024 05:20:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C77A 19 KB
19 KB 23ms
21ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSt90Xhm3VNcbeVpMNt2FstLSc7JB68TImRBLkB0wF_2xanYKq7&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4dd48cbad832bbbef8a321acd5ad470cc58d669cfccbbd320be412a5e386c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:11:14 GMT
x-content-type-options: nosniff
age: 336646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18950
x-xss-protection: 0
last-modified: Mon, 13 Jan 2020 18:14:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Jun 2024 20:11:14 GMT

GET
H3 200 RrTv1CW2D5U.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 57CA 58 KB
58 KB 47ms
20ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/RrTv1CW2D5U.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/1,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
content-md5: /VHakIX1zd7YWIXa1Ya6RQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 59596
x-fb-rlafr: 0
x-fb-debug: YBZvQFiyhfwM5fy9hsrRtVy7oEnz9IARjGZw50TETUdA5NeYL6fGJqgPRUv7s91wwVw86Fvtj15/nDhMi16vxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 06 Jun 2024 23:51:30 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 57CA 1 KB
1 KB 61ms
50ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1001839627068325&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2729b9144b5b1c%26domain%3Dwww.dwjhgx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.dwjhgx.com%252Ff37407a0cccc57%26relation%3Dparent.parent&container_width=700&height=100&href=http%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&locale=zh_TW&numposts=3&sdk=joey&version=v12.0&width

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:00 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1131
x-fb-debug: vyFFEeV4xQErmSbxskaByi/70Aq0XCc2A+H3n0gIC7H6LcnLvL8quc7EwtsoyLTi1pp81pQpJJXoC1YJlqCLOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 15 Jun 2024 02:58:01 GMT

GET
DATA 200
OK truncated
/ Frame C77A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b2306b456f5b67f8492343413c027f2249efc93cb49c932dbfbe5387c96c947

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C77A 20 KB
20 KB 22ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 3678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 16:40:42 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0800 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7949086572848068&output=html&h=280&slotname=7845985875&adk=3811420561&adf=3099259536&pi=t.ma~as.7845985875&w=700&fwrn=4&fwrnh=100&lmt=1687023717&rafmt=1&format=700x280&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687023718729&bpp=2&bdt=638&idt=262&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5141125721414&frm=20&pv=1&ga_vid=373741398.1687023719&ga_sid=1687023719&ga_hid=1180945971&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44788442%2C44793499%2C44789819&oid=2&pvsid=3572650011644947&tmod=37576467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HMFkBwgTwZ&p=https%3A//www.dwjhgx.com&dtd=268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 1F4B 0
268 B 238ms
238ms Script
text/plain 54.168.184.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.184.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-184-210.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Jun 2023 17:42:01 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1BF0 37 B
409 B 262ms
262ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

c21b9d9788dcba1347b7be3012ebfc2ccd540ce4ef7e353aeb6e7fa209cec9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame EF0C 37 B
405 B 261ms
261ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

5c82c6b2b0b20e588b95b0f0a1fe555b18fcb9890fafda9ce84cf3458475d85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame EF0C 30 B
276 B 262ms
262ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=265f2691-a48b-49ba-a44f-b9a284fd2c35

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame EF0C 10 KB
11 KB 28ms
27ms Script
application/javascript 2600:9000:2104:8400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14557&rf=https%3A%2F%2Fwww.dwjhgx.com&n=672&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=6531-ttEyhzQsvM5mv1MYtUSjwrDqlMZ3d0Ox&fp_uuid=6531-12d3d72735b2734df23114d16e270dd6e44e6d49a9647638a189ad1eed38c445&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: vxJKj4nf26OQAATxFC7ifIkpRwIUYWyu
date: Sat, 17 Jun 2023 17:42:01 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:48 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 1
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: U4iEE2BbcBvXWUtpI0t7lWm1_Vdo10LiyKfuy-UgpJm_fdALZhz7jQ==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame EF0C 0
192 B 265ms
265ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=6531-ttEyhzQsvM5mv1MYtUSjwrDqlMZ3d0Ox&mp=265f2691-a48b-49ba-a44f-b9a284fd2c35

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:01 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net/ Frame EF0C 0
79 B 1327ms
261ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net/pixel?bd=265f2691-a48b-49ba-a44f-b9a284fd2c35&t=50ef57&referrer=https%3A%2F%2Fdwjhgx.com

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C77A 42 B
174 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3WaV0oSVBjb-IEoHSj73vSTM1268o5ZkixKJSjXCZDIc_YjUvQ19n1eGO_ZaePjV81A5tkPzNaCN56IVeZ83ZV-soBIub14t0gyV0cD0NH3DtoVZPOEvad4oIS3-EwBMuwVN2XFKr_pZl&sai=AMfl-YRJrn1FKn6V-DDB_moyoLpcn4tjMXd2VbZ-2p0uGHtFfm2UH_PFgqlD99CCl3Ae43cjOgIhUUTZUIZj&sig=Cg0ArKJSzENOJRSKMnQrEAE&cid=CAQSGwBygQiD_uPa80h-bGf-2q0oYXLrOowD2NWrlhgB&id=lidar2&mcvt=1000&p=0,0,280,700&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3811420561&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687023718998&rpt=1907&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9FD7 76 KB
25 KB 170ms
93ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dfb5ed7630581459215b88a835b82d513b63bef08b1a4aa75ced7af97569475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25361
x-xss-protection: 0
server: cafe
etag: 636 / 19525 / 31075345 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/ Frame 9FD7 385 KB
122 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24612
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124944
x-xss-protection: 0
server: cafe
etag: 5299556878430274508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Jun 2024 10:51:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 9FD7 70 B
82 B 96ms
55ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dwjhgx.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c08cd37e5b6e88f7292c684cedc968febaca47501605a78d296e4e224f1a4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58
x-xss-protection: 0
expires: Sat, 17 Jun 2023 17:42:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9FD7 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dwjhgx.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9FD7 30 KB
14 KB 377ms
376ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1524366951922413&correlator=1325865651331702&eid=31072019%2C31075066%2C31075345%2C31075354&output=ldjh&gdfp_req=1&vrg=202306130202&ptt=17&impl=fif&iu_parts=22670248360%2Csunflyday_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&adks=1404122349&sfv=1-0-40&sc=1&cookie=ID%3D76cada11ac895abe-22a098c698e100d0%3AT%3D1687023719%3ART%3D1687023719%3AS%3DALNI_MZluU7yHMwf4NR6y7ogmIjkXd5Wew&gpic=UID%3D00000c50d0378039%3AT%3D1687023719%3ART%3D1687023719%3AS%3DALNI_MZJj-IoHD2A8ok56T6ra1g32DkUbA&abxe=1&dt=1687023722388&lmt=1687023722&dlt=1687023722081&idt=272&adxs=467&adys=9565&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=br1zifd2pdpo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&ref=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&top=https%3A%2F%2Fwww.dwjhgx.com%2Fdoc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU&frm=23&vis=1&psz=336x280&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=373741398.1687023719&ga_sid=1687023722&ga_hid=663711078&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91227c1c5669ac128f3c81503fe24260bc9fc868d83abdad1d6dbda654184d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13843
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dwjhgx.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9FD7 14 KB
11 KB 73ms
72ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41bcd5f3724b1b092696fc5fedf5b363ac139a3801af01a58de9a80c827641f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11144
x-xss-protection: 0

GET
H2 200 container.html Show response
4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F7B 6 KB
3 KB 125ms
30ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:42:02 GMT
expires: Sun, 16 Jun 2024 17:42:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FD7 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 17:42:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1717 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 19800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 12:12:02 GMT
expires: Sun, 16 Jun 2024 12:12:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DE5 783 B
1 KB 94ms
35ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7a79a80a1c0a3212c0491d655a69f16c640602778ed2439709d42b64059fe26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zIgSTjixyr6kk7Wol4VR2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zIgSTjixyr6kk7Wol4VR2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:42:02 GMT
expires: Sat, 17 Jun 2023 17:42:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1717 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DE5 0
0 58ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130202&jk=1524366951922413&rc=
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1717 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i5N1Cw
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5412 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dwjhgx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:42:02 GMT
expires: Sun, 16 Jun 2024 17:42:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D614 624 B
245 B 68ms
65ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY0sqJvQEwAQ&v=APEucNWt8SkybNzvM0eO4U6xMZy4YrKc9eGTL0UB7LMrhZjCkZQ-8AvvIjGq0JNwAIucVTc-Of1Cyc2yGu8VPSTPvNdPHfFIwbun1PR-u9GfxSYM_VgEi9aKkSG8qzqQ9wEaqIfBuUhgh7uDGKpI64duRwmyE6XmWUL_K1-GOQNyMZBA0zcc2uc

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 17:42:02 GMT
expires: Sat, 17 Jun 2023 17:42:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5412 78 KB
27 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 42 B
63 B 62ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiZNxKjO9BB1VYdIrIeydBJzrCQdJXflBIXLMYJeOrzPYqSSvakLvA7rlr8kz4ZSmlOyjeM6MCugHYQ6Vkb40UewQtZezSrg9CqeuEEuKcvIMz8C0

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 0
20 B 113ms
111ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4534127817395371430&x=1&ct=77

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5412 2 KB
1 KB 121ms
24ms Script
application/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890984&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jNSZFhybW4Hrwkwi6i74gn&DVP_DBM_1=3060631&DVP_DBM_2=24779281&DVP_DBM_3=15170492595&DVP_DBM_4=396518738&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1544832483060&turl=https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09&DVP_PP_BUNDLE_ID=
Requested by: Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
ETag: "87b6182d03ee779aa68e37632f67656e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913
Expires: Thu, 01 Jun 2023 12:16:11 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5412 8 KB
4 KB 122ms
24ms Script
application/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jNSZFhybW4Hrwkwi6i74gn&DVP_DBM_1=3060631&DVP_DBM_2=24779281&DVP_DBM_3=15170492595&DVP_DBM_4=396518738&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1544832483060&turl=https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09&DVP_PP_BUNDLE_ID=
Requested by: Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 5412 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 09:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 5412 19 KB
8 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:36:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5412 0
0 34ms
32ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9Ql4KvKhMkVmk2kioHy80oIaRUnc29f3t5Dqzyl6p7YVjAu13eAB4kslpg9vi8ne7ODzXFd8vV9CQGZian0gQIL8pAw
Requested by: Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5412 178 KB
56 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 17:42:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D614
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1

43 B
766 B

32ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY0sqJvQEwAQ&v=APEucNWt8SkybNzvM0eO4U6xMZy4YrKc9eGTL0UB7LMrhZjCkZQ-8AvvIjGq0JNwAIucVTc-Of1Cyc2yGu8VPSTPvNdPHfFIwbun1PR-u9GfxSYM_VgEi9aKkSG8qzqQ9wEaqIfBuUhgh7uDGKpI64duRwmyE6XmWUL_K1-GOQNyMZBA0zcc2uc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D614
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3wakykVwcxHOGWZthPnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1

43 B
766 B

25ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY0sqJvQEwAQ&v=APEucNWt8SkybNzvM0eO4U6xMZy4YrKc9eGTL0UB7LMrhZjCkZQ-8AvvIjGq0JNwAIucVTc-Of1Cyc2yGu8VPSTPvNdPHfFIwbun1PR-u9GfxSYM_VgEi9aKkSG8qzqQ9wEaqIfBuUhgh7uDGKpI64duRwmyE6XmWUL_K1-GOQNyMZBA0zcc2uc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTI-MYzNde3wA4HDnupMNo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D614
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8FwLprvdEZLqRqVxLYSas&google_cver=1

43 B
1 KB

17ms
17ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEP8FwLprvdEZLqRqVxLYSas&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY0sqJvQEwAQ&v=APEucNWt8SkybNzvM0eO4U6xMZy4YrKc9eGTL0UB7LMrhZjCkZQ-8AvvIjGq0JNwAIucVTc-Of1Cyc2yGu8VPSTPvNdPHfFIwbun1PR-u9GfxSYM_VgEi9aKkSG8qzqQ9wEaqIfBuUhgh7uDGKpI64duRwmyE6XmWUL_K1-GOQNyMZBA0zcc2uc

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
AN-X-Request-Uuid: 895af2b2-c7f9-4d1e-b31b-88336dd8adcf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.199.139; 95.211.199.139; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEP8FwLprvdEZLqRqVxLYSas&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D614
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4Mzk2MDIxMjU5MTE1Mzc1OQ%3D%3D

170 B
243 B

34ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4Mzk2MDIxMjU5MTE1Mzc1OQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 17:42:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.199.139; 95.211.199.139; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 31cdfd20-3527-4a16-8054-b421f5b60f82
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4Mzk2MDIxMjU5MTE1Mzc1OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2924161477304&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2924161477304&version=m202301230201&ct=77&x=1&cor=4534127817395371500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5412 15 KB
11 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVeJNf-tQAt_Oshw5a0bovoKMt4TSTtzED-B6bXp0N9BPWtHi77RdiSaZdCL4DwdND0v6DD7uZ9_UCvJzPCqze6_ShsIAEUyJsI_RxyyxEHILPx-hlltoe0hoZeFwMUMw7iJiuGeXmNvTEH_3lZH3G016zZBFPqKAj-TQSkvWUW6_qheI&cry=1&dbm_d=AKAmf-C_Aom9qAHOGCsaqJkL08NC8Gd1OtHoAw54L5XnaUIWsO6cj8_NKUibjSZVOpNewHiQLqOeDABZj_xE1SnDhcZnJpLNr8p1nQmlZqYUFC8C4B7Sfxc8U12zcUbiTeuLnkd3t-ge1rvnwTSGoWicj31bY4GCELR04Qv0VOzdTHp0FVkt_QANSSrDsDsueF0OYvWNsyxJZBB07MpLZG_UHWQosANLzw07ap5kBiGDTlbVlPDnj-LlyTIJx9P6hAbOWsB5VQup9i2Jd-ji_VvC2KCrPs9IxzhJy39pvpAFgfPELiFwWQXhp5gzRqMpdM3bPfDmE83Mv_dEtMaO8IMLreSYBaluJwqYA0Yk0u7sUHZd6HRi9Ud2SnJjsqTIe-w-wJHOqHqWe15CnYQqPlfVCfvyoAZAGdjcQicN2tNVvH-W0WdZyQjsC-WRin1tjHtdkha84q2NRb9v2_4v509Guh2F2gZVdBEfU09GaooKGCjGeP2iy2mVbLI4b_zsdV9-6winLisHVoQd_y6CqP8OTgxKQnh_Ms2lriY5FZXuogx-I6iwvVkxgn6W0AdfcocV9TmwFuXYViwydGxfGDdM_qbRiU5a8tlCxvMZFmIPvS79OEia-gArORVGlfHycLVvGzygttuRkrQnRO32-1OTAwmHButxZ1sIjrFd6OzNS10hpOTgb_z2A2JVKsOUbT1UUbE5juwTmfTQuzdJC-KhVR91FMkG3N65J5emAL7ePye9nVLmSA8fZsOwmaGuMSfsVmsNmTDLR8s-eFSa4StH314XppVIoPHvwN8qCa9ZKCV4SQmKO1KSUQr5IFdPwzwdddqJECKPPApEs4vw8rzKcUpxf6Pko93wUoh2Dl6qozARR5YAiAmbwEX4VpAgy0FIXf6SAchuKPxgzCPnqlC3KGorA9JFsALyOAFnuhPJEMC09dzktzxrWtIPQWOvd8Q9-ETh6C3A6NCu-e3wrSlC1GqaPpMZSpWEzD8uudMgJb6IzC-leLHgVrCy_e-gGxI9u41ZX2_BNwJzyo_JghRpldL3Qvni_UVj6udKWgozJw160nDYJSiwVsAk1oHnOeg6giJQjVfOmrEM0sj0PtzOjFCm1GhnxJ5mu-RVZOJramd7EFY_Jq2U1c8cqA_jvegPN2nWI7_ppVJHfrXCclyMTes9zi2lDZAoK4C_dIgSoODBdEt3Mcsu37omCEvNg2Q6Al-5CPv496P_petMc___NC327r_6ffBCauNzeumo4dcTfahCEpoA6ufgy3pJiqS8z61Ce5TPUBTpNJw9YUPrSohskx0-Xtiej7jrDglgLtBu9xkFfA6gtEs4uf-MvDF9dcr3DqM0Def9GE0uZpLKxegcql3COHFzJcohL5Wa3r9UbY4zyZpJ1MUzgh-4BJ_K1ebml1POuwg9U7vbQ53FXkz7r_sK3pjvr7L2zrCOPorNpXgNNYIVN6fqQ0WSWGtQnUpkFsIMic7apZJFlIrRzFojjwdyjM4bpSSwC_tnBQnZxdppuYQ1kWnPJvz9wzMU6UYOxl3RamDp45kGJIt4UEI8JSGY5end1Z5fbqllHe61jpoq_rXWQZ_dU2lcB3EBphwA_cuUokHtDyxh_bEbt0uukzrl5hTszf-vYT9fF0sBkQ-MeEdfHa9GXpoVcziRL17aDHvKUO1i92jHm8ekWwqZ6H10gHDWNPP_QOHl19c1cDFJ7XVLWH0bnYFqv2H5KTdofTRcQ63eB0wnOtCjlwHGvMFDukNoXysxXIeUBPOVGuMfjWRs6VAuh7PkPpg2AmOBdmsdyC-M4jnhMMaHPGC6mKXBPwKraBLstfIX8WOBxDkeJHBWgT0fcd3sSfzv_U_cfX5C0uG2E07N0-Vt-CNLqm8nmVGeB9MaQXnVH2OetxMYVNwlnQYG4j0pz6KJivz_SHczqUEXo1vmc95pdCn8epS3gX2UvNufuPT1vafDAvxPFcwLNvX8Fevpd5e2ddvY8EjhdhFrv07KOZV6wJhnLWx-cQAzR4D0nGie9LzzxByBe7OTfJtNwaFYai0AtPClDwKOE1CdpL6vgnAU-eJcJbvkY0LKU-YZCzxu-J-N4LIDfPdaONfPU23cQJH2b9s9ev9VRbBxuPqmtomqFSJGxsJyrJT_nJpkeKn6sVvVAk7e-b_Wox-Oq2KSadbkP6dUs6tXYDt9c95xo2WngsUE6jqr9070Izd4wnuZNGBCmc2DED1-OFbtclDMgZyu6t4cGtFu3gXphSQr-4mD5k-EtbBq_QywkIbI8qPhqNuQpxaNpErGJrINy2i1z_NfRIwbyJcelXDJUQ4I8_jS0QOL-1jM9YbRmXVMyN6LVhhcBIvfsPaRskE-y00w0A0QQVHJsyxOYN144NMtW2PxZT6V0G2V0vGtR0lKiGpkRLRKresGOtV8a0Yif8RVKxwtOMeb5VAoLHFYjiyTA7qNHpDgJIummZ1EgEGOk4cUb52g_VPil9GdfMPJuIbPyNr0DqcMoIEvfOF0GSPXBedGEHLHO-l7tQhomXKifH01GX7LB199kTF7A0fjGYSWzcXDiFPpx7OLbztWuiAOIKZQyCe_6LQ8NOMvCW3bwwzdzcDFh_y8pDqSBJfaO_NvEYqUIM3KYTfWOcbydKMfp9hVCfHZ0CsZWaPXifqylrn3hSidvVI6Z5cE_Y1cTHljSo2EMr0gFCtqm2EY4yDPZpUwmxXKbxITwrZ-ayO-O94BBsiCv4oLy4H9f7msCFQUr9LVSe8zpLrKVK2BVF3LnvfZ6jix9NjQhsLqjxUXQMjI5LLIECoPlrxVkfSGhFKUc1c94zsu28X7ia3_pa9BaybPy1GbqwkRhRfRKs8CrX1qFJiLUs6UwCJOTthaOqwfLnT8U_sHwMGU3UAD8uvEKJGOAJ5cKGU-i0HAsIamlHyAkQzDoP84EoWBG10OFw4FODVlP1CN5gzlQeOe1-VJDxyCxCm1d0p16Rzqwc6XD7RSRV0sllQgo4Rr7Tp8Irwi1AnGhkqbupDl9Pw8nmdnXqDO0Pfo649MuwaC5NzduQ_JuE9N8o3b9buOqrqKlUHUehvjiyy06UIexADE0XG8HbVxM1jSUMlCPKSU2pNih6l7P8xeZ2yne_9Qx4NYqcfijDD0LWFtFUfGANUQbze8O0Mu7Y7M3-Ssc0EkTFyzwFQeS1mW2wNtF6w_ygoRahC5BBNiVpMsmyS28MjkrY_uCWw5LNULmd7eKa2uqWJkB0k6MinpEYPiy4b2mJ8ljBoDeR3wT8JoKUCU8QirCT8sWpPH5ITKWzqkPJSDxNJrP2FeoVlhQVpNCEnBHiKdr40x_vhxboGBYi9AdiyhA0imSmRcJsZVN0bXcHCAQJTfi0IXaCeeRYNmRDabqUTGCCKoreQKufBui9_CCHR1nbBXCWeTvF7mXW0IXuZzEPHTVWTo9azuoTtOcVguK6OIe-UHVqRJ3ULnHKIG3_aXUW29e54Deo61o_76Wwn0tWpg-YlCm7AwMMC4G09eMNOq9eFqz58WVumbZ8zrFbDIbyjqGYhdFFGd-1y65UIxFOCkszNEoIfgDnpZANXigr5PCNAyhh6eMyLLvhjMAQo6He5HYqxiehxeDGiqAbFgKsyAhzVwIK53GlVOJ14bBL-uAzJJG0gkM10nf_9c&cid=CAQSOwBygQiD2WhIZkrftByuxZPDtG-tHIzKGqzBlfX5dXJb-h741pn29qovAen9uVVFJzTLg2QxSQuo5DfMGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dwjhgx.com&ds=l&xdt=1&iif=1&cor=4534127817395371500&adk=4124348033&idt=84&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b29be589aacb864a40a4c5cf5ecfcc144293586e2aec030723751fda037ab2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5412 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVeJNf-tQAt_Oshw5a0bovoKMt4TSTtzED-B6bXp0N9BPWtHi77RdiSaZdCL4DwdND0v6DD7uZ9_UCvJzPCqze6_ShsIAEUyJsI_RxyyxEHILPx-hlltoe0hoZeFwMUMw7iJiuGeXmNvTEH_3lZH3G016zZBFPqKAj-TQSkvWUW6_qheI&cry=1&dbm_d=AKAmf-C_Aom9qAHOGCsaqJkL08NC8Gd1OtHoAw54L5XnaUIWsO6cj8_NKUibjSZVOpNewHiQLqOeDABZj_xE1SnDhcZnJpLNr8p1nQmlZqYUFC8C4B7Sfxc8U12zcUbiTeuLnkd3t-ge1rvnwTSGoWicj31bY4GCELR04Qv0VOzdTHp0FVkt_QANSSrDsDsueF0OYvWNsyxJZBB07MpLZG_UHWQosANLzw07ap5kBiGDTlbVlPDnj-LlyTIJx9P6hAbOWsB5VQup9i2Jd-ji_VvC2KCrPs9IxzhJy39pvpAFgfPELiFwWQXhp5gzRqMpdM3bPfDmE83Mv_dEtMaO8IMLreSYBaluJwqYA0Yk0u7sUHZd6HRi9Ud2SnJjsqTIe-w-wJHOqHqWe15CnYQqPlfVCfvyoAZAGdjcQicN2tNVvH-W0WdZyQjsC-WRin1tjHtdkha84q2NRb9v2_4v509Guh2F2gZVdBEfU09GaooKGCjGeP2iy2mVbLI4b_zsdV9-6winLisHVoQd_y6CqP8OTgxKQnh_Ms2lriY5FZXuogx-I6iwvVkxgn6W0AdfcocV9TmwFuXYViwydGxfGDdM_qbRiU5a8tlCxvMZFmIPvS79OEia-gArORVGlfHycLVvGzygttuRkrQnRO32-1OTAwmHButxZ1sIjrFd6OzNS10hpOTgb_z2A2JVKsOUbT1UUbE5juwTmfTQuzdJC-KhVR91FMkG3N65J5emAL7ePye9nVLmSA8fZsOwmaGuMSfsVmsNmTDLR8s-eFSa4StH314XppVIoPHvwN8qCa9ZKCV4SQmKO1KSUQr5IFdPwzwdddqJECKPPApEs4vw8rzKcUpxf6Pko93wUoh2Dl6qozARR5YAiAmbwEX4VpAgy0FIXf6SAchuKPxgzCPnqlC3KGorA9JFsALyOAFnuhPJEMC09dzktzxrWtIPQWOvd8Q9-ETh6C3A6NCu-e3wrSlC1GqaPpMZSpWEzD8uudMgJb6IzC-leLHgVrCy_e-gGxI9u41ZX2_BNwJzyo_JghRpldL3Qvni_UVj6udKWgozJw160nDYJSiwVsAk1oHnOeg6giJQjVfOmrEM0sj0PtzOjFCm1GhnxJ5mu-RVZOJramd7EFY_Jq2U1c8cqA_jvegPN2nWI7_ppVJHfrXCclyMTes9zi2lDZAoK4C_dIgSoODBdEt3Mcsu37omCEvNg2Q6Al-5CPv496P_petMc___NC327r_6ffBCauNzeumo4dcTfahCEpoA6ufgy3pJiqS8z61Ce5TPUBTpNJw9YUPrSohskx0-Xtiej7jrDglgLtBu9xkFfA6gtEs4uf-MvDF9dcr3DqM0Def9GE0uZpLKxegcql3COHFzJcohL5Wa3r9UbY4zyZpJ1MUzgh-4BJ_K1ebml1POuwg9U7vbQ53FXkz7r_sK3pjvr7L2zrCOPorNpXgNNYIVN6fqQ0WSWGtQnUpkFsIMic7apZJFlIrRzFojjwdyjM4bpSSwC_tnBQnZxdppuYQ1kWnPJvz9wzMU6UYOxl3RamDp45kGJIt4UEI8JSGY5end1Z5fbqllHe61jpoq_rXWQZ_dU2lcB3EBphwA_cuUokHtDyxh_bEbt0uukzrl5hTszf-vYT9fF0sBkQ-MeEdfHa9GXpoVcziRL17aDHvKUO1i92jHm8ekWwqZ6H10gHDWNPP_QOHl19c1cDFJ7XVLWH0bnYFqv2H5KTdofTRcQ63eB0wnOtCjlwHGvMFDukNoXysxXIeUBPOVGuMfjWRs6VAuh7PkPpg2AmOBdmsdyC-M4jnhMMaHPGC6mKXBPwKraBLstfIX8WOBxDkeJHBWgT0fcd3sSfzv_U_cfX5C0uG2E07N0-Vt-CNLqm8nmVGeB9MaQXnVH2OetxMYVNwlnQYG4j0pz6KJivz_SHczqUEXo1vmc95pdCn8epS3gX2UvNufuPT1vafDAvxPFcwLNvX8Fevpd5e2ddvY8EjhdhFrv07KOZV6wJhnLWx-cQAzR4D0nGie9LzzxByBe7OTfJtNwaFYai0AtPClDwKOE1CdpL6vgnAU-eJcJbvkY0LKU-YZCzxu-J-N4LIDfPdaONfPU23cQJH2b9s9ev9VRbBxuPqmtomqFSJGxsJyrJT_nJpkeKn6sVvVAk7e-b_Wox-Oq2KSadbkP6dUs6tXYDt9c95xo2WngsUE6jqr9070Izd4wnuZNGBCmc2DED1-OFbtclDMgZyu6t4cGtFu3gXphSQr-4mD5k-EtbBq_QywkIbI8qPhqNuQpxaNpErGJrINy2i1z_NfRIwbyJcelXDJUQ4I8_jS0QOL-1jM9YbRmXVMyN6LVhhcBIvfsPaRskE-y00w0A0QQVHJsyxOYN144NMtW2PxZT6V0G2V0vGtR0lKiGpkRLRKresGOtV8a0Yif8RVKxwtOMeb5VAoLHFYjiyTA7qNHpDgJIummZ1EgEGOk4cUb52g_VPil9GdfMPJuIbPyNr0DqcMoIEvfOF0GSPXBedGEHLHO-l7tQhomXKifH01GX7LB199kTF7A0fjGYSWzcXDiFPpx7OLbztWuiAOIKZQyCe_6LQ8NOMvCW3bwwzdzcDFh_y8pDqSBJfaO_NvEYqUIM3KYTfWOcbydKMfp9hVCfHZ0CsZWaPXifqylrn3hSidvVI6Z5cE_Y1cTHljSo2EMr0gFCtqm2EY4yDPZpUwmxXKbxITwrZ-ayO-O94BBsiCv4oLy4H9f7msCFQUr9LVSe8zpLrKVK2BVF3LnvfZ6jix9NjQhsLqjxUXQMjI5LLIECoPlrxVkfSGhFKUc1c94zsu28X7ia3_pa9BaybPy1GbqwkRhRfRKs8CrX1qFJiLUs6UwCJOTthaOqwfLnT8U_sHwMGU3UAD8uvEKJGOAJ5cKGU-i0HAsIamlHyAkQzDoP84EoWBG10OFw4FODVlP1CN5gzlQeOe1-VJDxyCxCm1d0p16Rzqwc6XD7RSRV0sllQgo4Rr7Tp8Irwi1AnGhkqbupDl9Pw8nmdnXqDO0Pfo649MuwaC5NzduQ_JuE9N8o3b9buOqrqKlUHUehvjiyy06UIexADE0XG8HbVxM1jSUMlCPKSU2pNih6l7P8xeZ2yne_9Qx4NYqcfijDD0LWFtFUfGANUQbze8O0Mu7Y7M3-Ssc0EkTFyzwFQeS1mW2wNtF6w_ygoRahC5BBNiVpMsmyS28MjkrY_uCWw5LNULmd7eKa2uqWJkB0k6MinpEYPiy4b2mJ8ljBoDeR3wT8JoKUCU8QirCT8sWpPH5ITKWzqkPJSDxNJrP2FeoVlhQVpNCEnBHiKdr40x_vhxboGBYi9AdiyhA0imSmRcJsZVN0bXcHCAQJTfi0IXaCeeRYNmRDabqUTGCCKoreQKufBui9_CCHR1nbBXCWeTvF7mXW0IXuZzEPHTVWTo9azuoTtOcVguK6OIe-UHVqRJ3ULnHKIG3_aXUW29e54Deo61o_76Wwn0tWpg-YlCm7AwMMC4G09eMNOq9eFqz58WVumbZ8zrFbDIbyjqGYhdFFGd-1y65UIxFOCkszNEoIfgDnpZANXigr5PCNAyhh6eMyLLvhjMAQo6He5HYqxiehxeDGiqAbFgKsyAhzVwIK53GlVOJ14bBL-uAzJJG0gkM10nf_9c&cid=CAQSOwBygQiD2WhIZkrftByuxZPDtG-tHIzKGqzBlfX5dXJb-h741pn29qovAen9uVVFJzTLg2QxSQuo5DfMGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dwjhgx.com&ds=l&xdt=1&iif=1&cor=4534127817395371500&adk=4124348033&idt=84&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 5412 57 KB
19 KB 26ms
26ms Script
application/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890984&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jNSZFhybW4Hrwkwi6i74gn&DVP_DBM_1=3060631&DVP_DBM_2=24779281&DVP_DBM_3=15170492595&DVP_DBM_4=396518738&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1544832483060&turl=https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:02:11 GMT
Server: UploadServer
ETag: "d07704704b2ea7cfd4b9f2d78f0c7dbb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18861
Expires: Thu, 30 May 2024 12:10:19 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5412 9 KB
5 KB 141ms
34ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_134602653756&jsTagObjCallback=__tagObject_callback_134602653756&num=6&ctx=1828362&cmp=115750&plc=4890984&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=134602653756&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=114&bridua=3&dup=null&turl=https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09&srcurlD=2&ssl=1&refD=3&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jNSZFhybW4Hrwkwi6i74gn&DVP_DBM_1=3060631&DVP_DBM_2=24779281&DVP_DBM_3=15170492595&DVP_DBM_4=396518738&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1544832483060&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTaucceg6g4b3%60fbc62a4fc3chhgb%60e%60h4h%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETau5%4040%7DvAJ*_%3Dz~wuq4%268a5ayq3%3CcI5%25y)%22%25_h&dvp_exetime=5.00&callbackName=__verify_callback_134602653756
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 2d69ff553976016f64026cbb79039d3592a29c005a6e854e097b34cc7545a520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/16/2023 17:42:03

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1AA2 22 KB
8 KB 25ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 186918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:46:45 GMT
expires: Fri, 14 Jun 2024 13:46:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AA2 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 18:34:19 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 5412 0
234 B 291ms
24ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=f48499de49664aaba7eaabb870484306&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1687023723181615
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/16/2023 17:42:03

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5412 16 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 17 Jun 2023 18:33:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AA2 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDYUIavCNZIq6Os7u-gbfiIPIBQAAAAA4AeAEAg&bg=!wMOlw5fNAAaGYqkwpmI7ADkAdvg8WuGmpGmyLVIsG58eRj6iI29Dx3YSaBOL6X740jG47HVU_WjrBaVJK72QWbmw7PZYWzJS-c0CAAAAT1IAAAADaAEHCgA5wzw0_Ru1kr3kbmjSyUwiK11cPFNOEDAgy6j1R_enlv2fnhaM-RCx6iVip4n4dJZW8lqm1Lgq5GpOmQNRcTyothbzyht94Yrd3q_YlIVvUw4kcm_A7gUWKUrDg1HJq2gwpeKkSDVn5KSJqYsPjx1C-cbRx6Z3THnt2HwM8myEmyyF_tI5biYhROGvmbE346VrVHzt941LKMI6SdVi6GWb-3y2XduSZXR4_HG1coOiGALn2UYtOEjsN4h-MFUWwmlkcuWA__kjB64Fa-rDtYtu7EpXurgzQehsrhDZgpYfnlvdRkKdVswry5uPDB67qvKIz4NErmSKgDrmqXXywjqTw4OX7ZRrDYsUkjz6gHJMRQQAB_KuPYuE70_pj5tJhSO50g5V2m72TW77owQoLR5U4JEVQdz_W80aCqPDDYUovo11mjZd4RB4QNH7J8BwxDDFRFZSXD4wsSFhwSEiYjKh_5tVl_SLUM86nzg8doiaKPCAcNAE11_FCpzRmObzYstAcV4baW2scQyWd8Dgq2KLXqezO0YbFpcmGi7CPFS1_j01lUF5UHBXIoJ6xtw2LMTTm4IbxOA-bY0stL0kQPeCiRLfJm4Ic2Acps4NHq1TK5L4XejEDVioz3aM48Aq9PrY35xHHuMy5Fps0HFQbtyOAWyYTBGrc32X_yv0tCrqmylND_D2jC7CrcBaNIG9S6fDPlSjn48Tea8TV60sTI2t4IMfmXMc4prtxiwKoUEiiDlgtK2hQ7rGJmgPiwIP9ga5eNIqc2uFCQJzpk-y4Ex1VtshTlXn1BG_lX3eqvO_yRGWIWtrMzN_g-X15tUAWGa1SC2UIrBKIUwvAQUX1bkKgY0Opu0v0IIiiMqgfhg1gKIkRC-NyRyUF-381j1GQKFcBBCr9D-AJ4dd5Eq3JuYBmOZeyn_oGfXAo03HdqtMAagXwZhIoo94ZVgPggW0_eJAiYvMfykm4MGrDGomBu1FP_fkrHkfbFlFiDNJ5_7DNY0Q7NBTnFQ-ybjjyvfweJ3ABahhnXVEetlsj2azc-QDLK486b3cLRAKIlCUhINkrLuu5dxHmqwCMsxOWKVLv4mLUZ4TFXaYXXp16hqwlYgScByKw2Njv7yaVZQGmoTrBLonIbDhMHdG6JLfvZ7fUIQxpRVWSiNBYEXeAP8BLc4QZHG4aBgDibA9O0gRoNRd8VJLIS71Usop-AaUKzad

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 5412 49 KB
20 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 16:52:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FD7 0
0 61ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306130202&jk=1524366951922413&bg=!jY6ljtrNAAaGYqkwpmI7ADkAdvg8Wj6qZCEe8sPSJxOETFC9QHC0m5nEQr2rYKi3Tl6XDi_tlqjE2Qz29b-CGGIJ5fSJwnl2T2kCAAAAbFIAAAADaAEHmQMq-TJ78mZULMIT6hL6rVBmEjvaGg8SaDSnGNoOmSCmMUD7q_1miRTobQAwI6t8mDQc7Ayd9Fd-wapIoKCMO4bjWoax0zbWurgU87CCKY73cuPQyFRHswzkN_cFWqpFf-ccV6bNu3KL4PaRPbhk3MhYXpDC1mOr79vqrKsdTd2Tr7T4DQ7Qf7pa5_uKLDFL_w00cPRykcP2mMAbIfooFPsubRRxUFscOp_d6KCLGbalFezL3nXW7pZPHngNVWxTRaFi1vN94xENDZkea9tI5UDdlCa6yWaQpwxe9ZPNMv_f9qyM79-OMAtVCqUybMUllnG_X4A3I9a0Z4OAghKm3KgAsA5b1qt0ufEAMU0lwKBDtPp9zleIziYNNbDNayJtfIao_H5GI8WzFdrpRlb4jEZmHQvPTHj-JF44saYXJt-4zRdXpX1Y5uPsthHhi4l2TT2-i1Dj0LEz8jMAfkWGCoaVU3vpYN6TvuBzx0NW7WK1D_BMwCnZZbK9DkEJS89QqCtxosRsDmirbU5czqYatiNJlO5pH5jG5XBvXiedTVjr8PqJCJc7hBxnEk0HLqstrR-1ZsF5wHn-ofDhq9YUzYMC0135MkU9Fp0sfeg9ngNpMhntxgFZ3C4KzSq9OOyRhgAtiSd_hJL4QFj4MSJdV5HIYPuF9de0ZGi8Gb6F3T9wuANvKYRwIk5XaBormzC-KwhUNvEE6UJPX-DevZdTKBud6ZG7I34baexge7Y7ZrqY6AI7rZyRwjSIfDYpMUbo0NuIImsulp7JM2yMWUCr5PCC4pg6EcYkkrGmicjxqEH_tmfX56rr8dnWABefyPomgIbQQpSRKYHmM6kCrylIAZkYuwoye10d0K53ipHvUCsgDcKxS0ZGpsB4Nk9EhP0RuO0tjSAb1qek6sDFLOnh_AtqK9JSGs50quUZyA546kllYFL4EaytBWPuGSbyv1x4yzQebN0ay5CoXLMWxh5pRIJd_wQAjTv_kmzTxN-mwLn9NFDYBUcDBscvhVliydMhxoYN2V6EvRfgx904pnGQRdcWu_1GuszOBjdoXGfzWYvrCjvfKLOXbOQAjIgK
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1196669595;ord=plud8p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fwww.dwjhgx.com$2,,https%3A%2F%2Fwww.dwjh... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5412 60 KB
28 KB 141ms
65ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1196669595;ord=plud8p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fwww.dwjhgx.com$2,,https%3A%2F%2Fwww.dwjhgx.com%2F$0;xdt=1;crlt=..XLDKoRrz;stc=1;chaa=1;sttr=37;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

2d058420ed0fbbf46211a2689ea0db1835d4c1b6ec6540f612890c9f4177eae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 5412 11 KB
4 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=1196669595;ord=plud8p;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=3,https%3A%2F%2Fwww.dwjhgx.com$2,,https%3A%2F%2Fwww.dwjhgx.com%2F$0;xdt=1;crlt=..XLDKoRrz;stc=1;chaa=1;sttr=37;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 17:40:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5412 0
0 146ms
62ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ_tcfXys-3nMa8A7Y5nebUufaSvp4E89OraqYzHCXPIb33QR6GeCA9v7tP5fhY9Uu4yvkJPjp1v1P9w9_aEZIpnX7BtA795oWtedor4EjTHE8So5y3hVS8GgYR9aPgKbn8Z8JFf2JQQV33IsPAIqkGzVqc0rQKjMGXLYZ&sai=AMfl-YR189cDVZKGfSqJiplw8AJPmPREwA_iSiLOMVkMXNE01CAJBjFs0kMlgH23UTEodK2BnqAbE0tyOFzzHOYPFLzQTigyMaSkYedOXw&sig=Cg0ArKJSzJzTPIybkAOREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230614.69503&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 17:42:03 GMT

GET
H2 200 12224131752392196093
s0.2mdn.net/simgad/ Frame 5412 144 KB
144 KB 88ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 21:30:12 GMT
x-content-type-options: nosniff
age: 591111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jun 2024 21:30:12 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E4D 22 KB
8 KB 25ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 186918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:46:45 GMT
expires: Fri, 14 Jun 2024 13:46:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements3886.js Show response
cdn.doubleverify.com/ Frame C462 534 KB
101 KB 26ms
26ms Script
application/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3886.js
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 17:42:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 06:22:01 GMT
Server: UploadServer
ETag: "4bc7e362cab7f510577e8cd49ba8f796"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103299
Expires: Wed, 05 Jun 2024 06:22:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7488 1 KB
643 B 25ms
25ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 15773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5412 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9d810af7b3e766654de55cdac17763fd73b218159481938fb0835a8ade8f929

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E4D 38 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 11:20:34 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7488 0
104 B 117ms
34ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJHl96R-y4xKPMpoguK4tSQ&google_cver=1&google_push=ATf1kGNmTv4VhSi1LIKP6GJVPU4BAV7-GpoS4jiSsD1Fu7MhoXXOCbaXrIAaDAH2OG14HG3_6I2R43rh5fQWxb55ZpH3iFKLtmAE
Requested by: Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7488
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNr...

43 B
416 B

214ms
196ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d8d1641deb839ee-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 314
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENBBjJIFTZZhvVscH8bOWoc&google_cver=1&google_push=ATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMkpY5Le94W9s6NNkkp4hv5qOLhYavO6AgOqzbSaPAf_W6PTVZxSmOcFoJ2cGLXUF8FFeeC8khYrd5ftWx0V1tDuI7eJNrT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d8d16407cc539ee-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7488
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBWqITbhxEmYJIsGsm1Udgw&google_cver=1&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng6ENbElrcfbTdh
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B71542483E2341708C868525366EB29D&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B71542483E2341708C868525366EB29D&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng6ENbElrcfbTdh

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 17:42:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B71542483E2341708C868525366EB29D&google_push=ATf1kGMYwqGWiBwTM3jo4uYxNFHgubwydtD0a3Mg0eJfdERXZKJEgILNu76NBCDTg_TBL2V3M83DP2ZfuMNx0ng6ENbElrcfbTdh
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Jun 2023 17:42:03 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7488 70 B
265 B 128ms
45ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECRQO7kLiiI4WZEFn2uz_kg&google_cver=1&google_push=ATf1kGMCt_7rj_uRpirWcuG51DeYbjP2dHGk1pWMve9OqKXrl1BaOOn645iKbhq5VvevKb3Tp1kGx-70udVQn6ScI8sv0ULw9tcq
Requested by: Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7488
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGa6VE-8cLWtOtvFtVXCVaY&google_cver=1&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4Z...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGa6VE-8cLWtOtvFtVXCVaY&google_cver=1&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzODk2NjM2Nzc3NjA4OTAxNw&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzODk2NjM2Nzc3NjA4OTAxNw&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4ZfVDo-ufDPiNo9EJ6f4j6

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkzODk2NjM2Nzc3NjA4OTAxNw&google_push=ATf1kGMaM0FcuCFpgge7ZIGlTcPNeZUKt6BBrF7oRtsbjfn_fIvjzh6BRXmvg7RNDJr7zUm4hJ_OUV4ZfVDo-ufDPiNo9EJ6f4j6
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7488
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPwTpLJTu_MB-09OCD7ENQ&google_cver=1&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowQUQ4NUItMTItNlZJNA==&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg3ymNrHax7XiioQWzmbX9IK7M

170 B
188 B

38ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowQUQ4NUItMTItNlZJNA==&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg3ymNrHax7XiioQWzmbX9IK7M

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEowQUQ4NUItMTItNlZJNA==&google_push=ATf1kGPUrxKQixxLSUNV4xidPozQbKjHCLyp3oHD3qRbNcyoqZkhXRwgRvJFaxh3gCXbNIaFNDg3ymNrHax7XiioQWzmbX9IK7M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 7488
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECu_hK_cIkahQANw-0ug9G8&google_cver=1&google_push=ATf1kGMlK5iRA-6ns2aTCoH0LsZscLhb4MLkcT72brDz2BNFZObpyKI5ZJ6uDBy9EPJRx1JxLSXw27ZX1tE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMlK5iRA-6ns2aTCoH0LsZscLhb4MLkcT72brDz2BNFZObpyKI5ZJ6uDBy9EPJRx1JxLSXw27ZX1tEiYjGknZe1G2ZKnrMIIA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

25ms
25ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7488 0
12 B 34ms
33ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMwEsS3yRFsyo5P9iD94t25HDD2dvTJaeOcH3Jf3MbJTGD8umAneCe-1FN5CmESyp0-CwSCA

Requested by

Host: 4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
URL: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C462 8 KB
4 KB 166ms
41ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=84&ttfrms=25&brid=3&brver=114.0.5735.133&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETar9EEADTbpTauTaucceg6g4b3%60fbc62a4fc3chhgb%60e%60h4h%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D5H%3B98I%5D4%40%3ETau5%4040%7DvAJ*_%3Dz~wuq4%268a5ayq3%3CcI5%25y)%22%25_h&srcurlD=2&aUrlD=-1&ssl=https:&uid=1687023723575160&jsCallback=dvCallback_1687023723575914&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2F4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D2&fcifrms=11&brh=2&sdf=2&dvp_epl=406&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jNSZFhybW4Hrwkwi6i74gn&DVP_DBM_1=3060631&DVP_DBM_2=24779281&DVP_DBM_3=15170492595&DVP_DBM_4=396518738&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1544832483060&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=207469756624.76117&dvp_tukv=151903681046.3753&dvp_strhd=0.3000011444091797&dvpx_strhd=0.3000011444091797&dvp_tuid=1210619536365&jurtd=128839486
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3cd2f80fb909e37655907f5458ce280391807ba7fc532f384315ee17d2b7092

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 17:42:03 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/16/2023 17:42:03

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5412 0
0 63ms
63ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJ_tcfXys-3nMa8A7Y5nebUufaSvp4E89OraqYzHCXPIb33QR6GeCA9v7tP5fhY9Uu4yvkJPjp1v1P9w9_aEZIpnX7BtA795oWtedor4EjTHE8So5y3hVS8GgYR9aPgKbn8Z8JFf2JQQV33IsPAIqkGzVqc0rQKjMGXLYZ&sai=AMfl-YR189cDVZKGfSqJiplw8AJPmPREwA_iSiLOMVkMXNE01CAJBjFs0kMlgH23UTEodK2BnqAbE0tyOFzzHOYPFLzQTigyMaSkYedOXw&sig=Cg0ArKJSzJzTPIybkAOREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=301&vt=11&dtpt=300&dett=2&cstd=0&cisv=r20230614.69503&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:42:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 17:42:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E4D 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgvM-a_CNZKCgFb2n9u8P3aWZgA4AAAAAOAHgBAI&bg=!NDelN2PNAAaGYqkwpmI7ADkAdvg8Ws1iqLBQIWAI8Gp9e20RrC8RjSnGJGQtl7buwC24YEPbrvjoCtrhkwD-ndB9R2IMdYCZ7tUCAAABBFIAAAACaAEHmQN2M44PA4yePExevESD5ECPnvo1u47p3MpSAWy9Q7ejRoHxyDpmKw2TZVp0UysoC1ctLHlOYHr4X0bxcNsH6F-FdtM5qTn2qQpj_Y2WFaVh3X10YZbTeERMAS9AlgFFpMx-qSdzPYgh7Y6dwekLszujg_s1JIKGRltfEFhXyxp0b6MzbnEQrlAVGWshqdRJLjpX3vZ20NJlBYZ6g-RiaXHbizO3LckMXQnwfwV32jlXoIsCDTH0XqwwxhGl9u4UCVLg8A29nBjxH_Uw0rw5c3pb7T1-3zpVE2-CtHECP6AhazeTHbJ0e3Q9hZdSgd8UuKKbPF_KnZwaRnErxN5y54VCoLxW69297LEU_qLmaRtlrwlCu5nQUOd6ATbbSUxm-IyJGn_xbEtYTT5lsFnm9tMGChelBP8FsAKpEEjTTf86demgoTqpQQOwdRmWIAq5CwA3ZkJBW7KAUuEtMDYMWfMlHRzctD67wCoox2WuQx1Uy4bhm1vJAuEJYX2cwhJ-HV_sk5H58mh-uznGglpA65SIGFhuObMV_7RE0nmobYEUG3BoU0B9x7l_QBDReQ5FdUllgjXyO7C6gTU-aqpvKgnJFHtWeIoWGqnC0CRyN1iQsUtPzk5bUfAFuRQSmL6gyleO9OkTDJ5DxnjWEPryD6XtQGNBVz3e3K3zhWZs8iXzNRujvJi_nrBZp3eJm9HUW74w__iZBwHEMlgCOOjcNYcQUgvPqLcHqaUaqIL0FR8D9_pYHs-Zp6eRa8whMoj3JdtnuSzF85dCIV4A3FU1BqRFVKn7vzV05PR2An3tAkbkPrRA8VEtcoiiWy5XItESNK_0_sDs6L5NVnrtWHAe5fQtSMbxGMFQBiUXFfTOMyG4zVGmbq0OFEcZOjxL5QwKKis-CUt69RwJCnqH5u4qgJm8MdIr0Bge1ELf2U-J3rFomeMcMRHb6OSUyG6kJBlYOs7WrSMrKrXkyWMCjmM8LiPoUG-Gq6YO2wcF4z1_bSwcsz9bQqHHI1nXpCKri5OZFVmydBGks3Mqmk6sId-GS209E53PYIfYj0srKWK2zF5lA5ydeeCUVW4Q6E7JjfBaqhepq453UrW00aNFLPT35EvvlZHpDv3KAALzZFToTV-JZZRAT-QT29Vzp-aIQcLsLVW7rtWlVDU_YgS3zH1gK1chIYquLRjqEg

Requested by

Host: www.dwjhgx.com
URL: https://www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09?fbclid=IwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5412 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2924161477304&version=m202301230201&ct=77&x=1&cor=4534127817395371500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 17:42:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dwjhgx.com/	1970-01-20 21:58:39	Name: __gads Value: ID=76cada11ac895abe-22a098c698e100d0:T=1687023719:RT=1687023719:S=ALNI_MZluU7yHMwf4NR6y7ogmIjkXd5Wew
.dwjhgx.com/	1970-01-20 21:58:39	Name: __gpi Value: UID=00000c50d0378039:T=1687023719:RT=1687023719:S=ALNI_MZJj-IoHD2A8ok56T6ra1g32DkUbA
www.dwjhgx.com/	1970-01-20 12:37:25	Name: xxxsskguid2184 Value: dd68892c-f764-3462-0fb7-7dbb8d05a940
www.dwjhgx.com/	1970-01-20 12:37:25	Name: lastlocation2184 Value: https%3A//www.dwjhgx.com/doc_NGpyY0lKOHFBcUg2d2JBbk4xdTJXQT09%3Ffbclid%3DIwAR1SY0GtoHGr_wLuC0Wu-oMkAaY-qzoljzlO_evxqk-DJi58RG0soUUv0VU
.dable.io/	1970-01-20 12:54:43	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 12:54:43	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 12:54:43	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 12:54:43	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 12:54:43	Name: _kko_ck_match Value: 1
.www.dwjhgx.com/	1970-01-20 22:13:03	Name: dable_uid Value: 00000000.0000000000000
.www.dwjhgx.com/	1970-01-20 13:20:15	Name: _im_vid Value: 01H35765M34FPKEB5TA54TATFK
.doubleclick.net/	1970-01-20 21:58:39	Name: IDE Value: AHWqTUmS6LPhxKY_SbCVsVr4z0T9YIVnCKnp8XFJJQQXtV6-Vy1OqmSqM-46ENyOTKY
www.dwjhgx.com/	1970-01-20 13:20:15	Name: CFFPCKUUID Value: 8367-eFmnYm8EllCstkcQwok7b6qUi0ft406q
.dwjhgx.com/	1970-01-20 13:20:15	Name: CFFPCKUUIDMAIN Value: 6531-ttEyhzQsvM5mv1MYtUSjwrDqlMZ3d0Ox
.dwjhgx.com/	1970-01-20 13:20:15	Name: FPUUID Value: 6531-12d3d72735b2734df23114d16e270dd6e44e6d49a9647638a189ad1eed38c445
.dwjhgx.com/	1970-01-20 22:13:03	Name: _ga_VCEDQQD6JV Value: GS1.1.1687023720.1.0.1687023720.0.0.0
.dwjhgx.com/	1970-01-20 22:13:03	Name: _ga Value: GA1.2.373741398.1687023719
.dwjhgx.com/	1970-01-20 12:38:30	Name: _gid Value: GA1.2.2015113369.1687023720
.dwjhgx.com/	1970-01-20 12:37:03	Name: _gat_gtag_UA_87942765_23 Value: 1
.holmesmind.com/	1970-01-20 22:13:03	Name: P Value: 268336-5xDUNTRjEpsiKEVoRymuem37KUwu0Dv5
.holmesmind.com/	1970-01-20 12:58:10	Name: Vision Value: 20230618-23:59,20230618-04,20230618-04,20230618-23:59
.holmesmind.com/	1970-01-20 12:58:10	Name: C Value: null
.holmesmind.com/	1970-01-20 15:02:01	Name: RK Value: null
.hinet.net/	1970-01-20 22:13:03	Name: uuid Value: 286875a7-baf0-4f95-b43a-f5f8366c855b
.dwjhgx.com/	1970-01-20 21:22:39	Name: __htid Value: 265f2691-a48b-49ba-a44f-b9a284fd2c35
.dwjhgx.com/	1970-01-20 12:37:07	Name: _ht_em Value: 1
.dwjhgx.com/	1970-01-20 12:38:30	Name: _ht_50ef57 Value: 1
.c.appier.net/	1970-01-20 21:22:39	Name: _auid Value: Cm_sQVJBCca59MD7afCNZA
.adnxs.com/	1970-01-20 14:46:39	Name: uuid2 Value: 6783960212591153759
.casalemedia.com/	1970-01-20 21:22:39	Name: CMID Value: ZI3wakykVwcxHOGWZthPnwAA
.casalemedia.com/	1970-01-20 14:46:39	Name: CMPS Value: 3327
.casalemedia.com/	1970-01-20 14:46:39	Name: CMPRO Value: 3327
.adnxs.com/	1970-01-20 14:46:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jn?73Q!]tbPl1M>e)ZlrFUfJ+tGXvX+Oo5+e8zGiFGUvZ)>lrM`>PsIV_/$_4lV$0=3If)y3KL9D3I?-'X/9Zn
.simpli.fi/	1970-01-20 21:24:06	Name: suid Value: B71542483E2341708C868525366EB29D
.adform.net/	1970-01-20 13:20:15	Name: C Value: 1
.adform.net/	1970-01-20 14:03:27	Name: uid Value: 7938966367776089017
.tribalfusion.com/	1970-01-20 14:46:39	Name: ANON_ID Value: aXnseFOZb3VgUEjUAvMihFkKtZb7qMcYD8HImsmhgsNnqZa3GYnusYUHTm6vhOUKyJ4ZdaBlrATeYY0eqB3aVCGH

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

265f2691-a48b-49ba-a44f-b9a284fd2c35.t.ssp.hinet.net
4468e8c3b1734ea2c74b499831619c91.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
ajax.googleapis.com
api.dable.io
audiencedata.im-apps.net
bidder.criteo.com
c.holmesmind.com
c1.adform.net
cdn.doubleverify.com
cdn.holmesmind.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
count.dwjhgx.com
count.xxxssk.com
dclk-match.dotomi.com
dmp.im-apps.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
popup.dwjhgx.com
prebid-asia.creativecdn.com
prebid.scupio.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.dable.io
static.xx.fbcdn.net
store.dwjhgx.com
sync.logly.co.jp
t.ssp.hinet.net
tpc.googlesyndication.com
tps.doubleverify.com
twstat.dwjhgx.com
um.simpli.fi
www.dwjhgx.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.scupio.net
fcm.holmesmind.com
103.132.192.30
108.138.7.39
119.28.16.172
130.211.44.5
142.250.184.226
142.250.186.70
172.105.199.172
172.217.16.194
18.179.245.61
184.31.93.220
185.80.39.216
185.89.210.141
203.75.214.136
210.59.219.34
2600:1901:0:e207::
2600:9000:2104:8400:0:e06c:e940:93a1
2600:9000:2250:ea00:3:1794:2540:93a1
2606:4700::6811:180e
2606:4700::6812:18ad
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:2638:d::a
2a02:26f0:3100::1725:e269
2a02:26f0:6c00::210:ba0a
2a02:fa8:8806:12::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.33.220.150
3.34.73.0
34.91.62.186
35.186.215.140
35.190.36.98
35.201.76.93
35.74.203.95
37.157.4.25
51.38.120.206
54.168.184.210
54.199.5.69
69.173.144.138
031c69cbb9ed5a6d7a4ae75ba055fe0881941d402bdfa894bc998c7afd14d49c
03f8c5b32dd9044500c945224719b91dd782640bb3c35935f2b772d05a4de425
043591419eca0f40e6672d5a30de7e18e9063949a87edc248ec1b50c2d8493b2
0531873e9e4906c68177f7632bd08821e4e488e721f50a212748d2ebe6f84933
0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb
06ed352e390abae6bf638029b652813044a119b7e3dab404f7c768719f81c8a0
075d7165087bc2b8142d4615336807c2e62929d00237aed9b9263f45d0af3d66
075e694276305f6e004ee863190060bcb7616bb4a66473361ec260a822419e23
09e8c14c8ac6d2d87e1067b99ce111ab9664d861a56767f16581640e2aba4c7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2048f53171ff9f20b599a63b505a38eb45f1f11f6470065182fd26d5511a8a
0def7252823eb7844a7425ebe2eb49a701d998e1ea9d790bde56033fbce7fdb5
124d79f812dba1455455100f66437973d9924f559cd8eecee4b3534599701034
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
1770409f40e45b284e6f22c397dbfbbedbdc09622920ed183347964b614d0bfd
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
184ae17929bfbdef3d7416093d05dd0127fa383d8701f0b36e97ded48316bce0
185c1d51fa8e2443a4c208505f4f89df52d3909464193b7d1fe6d9dbfad34c16
1bb3ae035eb0b672c86074528edbfeeac272345e36ce0fb4450b76ebfb8fed53
1c0bf988bb79aca937d5d0dfa2360b4231b37b9fe6385462b93a83009b7843ca
21cb5bf6a5a54684ec7404dd68ceab396a5c26dc8f4d0c061268b3e279d81942
23d0cc03f145a97b1b8823fcd07fb6a6a46b844f9714b0c69587d66c63ce0775
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b811b6b4d32facc60e46bae2ad42a8e675c3e1e3ba3425b7d806c1cbb040d0
270e69f376445d7b3fb009ef9f5754a4c1b1b209b57fc8f583699ad300aee343
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
297cb45ed5d4a43a93467ed4a81f39f4eb1a87d2dca18c816450a1dbe73fab9f
2a820cd271abb3b1293b6e536847bbf2361640be49fb19c04ad2597fd41683e9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b29be589aacb864a40a4c5cf5ecfcc144293586e2aec030723751fda037ab2a
2bbd280f3b2570073378f33fb6b56b77fffb6094f8fd419d3f7fadbdb437432b
2c4dd48cbad832bbbef8a321acd5ad470cc58d669cfccbbd320be412a5e386c7
2d058420ed0fbbf46211a2689ea0db1835d4c1b6ec6540f612890c9f4177eae9
2d69ff553976016f64026cbb79039d3592a29c005a6e854e097b34cc7545a520
3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d884ef20eadfe06f8dfab018b02ff0d8c464c6d9d0cb2ac284c8788808b715
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3422450c9425e339372a13123639487b38732fb33513f3419bc2b1253c58bdc2
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
38c38010ebce2d39fd495580ea03f603a2ab4f19c9495a0e8d39d99294818d15
3ab1407530e94ab924c724e7765ed27eb6471433f47ee290374054b60fe2caf1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40741befbc3c09b5f0fb087cb0183ac25824ca837eab7276267719669461474b
41bcd5f3724b1b092696fc5fedf5b363ac139a3801af01a58de9a80c827641f0
422fae47ff72778a6ba083c215b0b47f84ed30d1dd553f685efc4869188620c8
43205b1ef47f0276af53eb4fa28ddb2c5b0c5a5b28fc5515de4e6d124c12ad67
445391624254b8bf8a506b3ea9df2f494434e77db1778179dbd0d4ef4f884a5b
449fd45c066259bc313c25d56a7f763339fd6928de6c0afb2ce8e52d08b8dc72
457425bf82dff89eacfdff50698cc0151d956e95bfcbced37de2f908317e9676
45c497b26b9ff2259226db67a73fc9ab4f8c1764d900e01f1e1a1bd8da8f298f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49c871a8b3957f66a558ac91ec81016686234e518cdb8e07876508316832688e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf05eec5de5aeaf9139cb23fd0f9307afd419a7302f42cb3552705b0b2a6bc1
4c7d0062edf223a5c69effad463229166406006816ec712d0103dd155ee4db7f
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b573014d02387ae3935e554c135bdafe40e4b8db0c074b8f730adafc771e29
553418974414e9d86765451073753eccd6092e0d6c20e4ba712297601232b7f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255
5c82c6b2b0b20e588b95b0f0a1fe555b18fcb9890fafda9ce84cf3458475d85d
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa
5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7
61597f24cec9c45d5884e4564892eea2b28edcb418adc6a31f942037ed358021
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1
65cff4a4265e5b0406edef91cd90000649534978b0e974bc1f2d44283c1c5693
693a5876252158238fbca8a985b4926c350d64353375affda08dfef89ce0cd9d
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9490f4497dfe5f200d8eb8e31be40390cc1b297d7d6ae53bb5c04bddae178f
7171866b9021d5550336ebf694fc92d6507e356108b479fea9585542031d4c89
79b8b940074ccf68183e01728514449fd78e9c9b5bcdf4c48e73fcf1bd700a5d
7b39c49543a8e086224b676e4b23d1ac3d9a440b3fdbad1599598cbc03f03184
7b6cd7ecd07c67cf6e63039215581d9b025d6f84c7562e0b1117ef3716097282
7c08cd37e5b6e88f7292c684cedc968febaca47501605a78d296e4e224f1a4f8
7cc33d1fa8a52f5e88d5dfe3dc3761884e509245ccbae7f340045e40006cd4f1
7db8cc7f883bb29a0baa68b2df678c418d3d80849902b8badf762d06e866e47e
7dfb5ed7630581459215b88a835b82d513b63bef08b1a4aa75ced7af97569475
7e6196b89c7fe2f312312a39dd787a191c54ed8058a362bf1682c139476558cd
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b1dd9587cd7002a87bf760c2f97dbca4a703e69e913cbda68933113ecd4baff
8b2306b456f5b67f8492343413c027f2249efc93cb49c932dbfbe5387c96c947
8c4cba2e1e20ae511379d3194bfc17d169a0f6fa489e6d95eaa62a5b92ef145c
8c8d8fd776e34407b6ba8aed77bc86a8320dd35becb1c278f1f3ec8686216bc9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91227c1c5669ac128f3c81503fe24260bc9fc868d83abdad1d6dbda654184d70
92eaa30affeb91694306ac4711e5d486860ac2ee3d7f3f279277b4adf3ac1b2b
953db93b1823873a0477cf76a4bef2d4bd79e38f96be1d5b7c1b63bef2c4591d
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
95e0e926d4c853862c56c69ae00155b84c8427930d812609cab1ee8f9ca8e97e
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225
99d75b207ae7abd6831722feb515ea6e01a342a64601a65e91481c82c804fb04
9a821a8cb7dc4114eb9ea2a20eb75b733e65dce616ab2e893390ccea612a3c8a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a08be0f0b35fc9fec8b8ca161642d9a63e0d7cffdb415fc9e52acc03bf41e366
a1a25099d3bad7b5e9495b996bf25cba1a9485bbe60cd37c64556227e7738809
a38776c09a3752a38cc775fdd597a31dde3d57640b54fcdf2136f942970b687a
a3cd2f80fb909e37655907f5458ce280391807ba7fc532f384315ee17d2b7092
a42d095bbf6a8a40272995bb22b09d14dba01959476fe734d7236bd96a87fc5d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca
abc242f134647159f15fc4e8a3691daf1b7a1153d3370885c3389130b9ab3f74
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aea7a0b33959519cc0da4cbad38826e5e99391568dee742f63c25801e6c109fe
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b33ded52eb1cffb12b02b367e5660a1d62e8f147927457e5fc4a7dc561497fdd
b38eddb0c77e0a67c5551e8708b721d5d34f9ce324b98f8ed022cf648e3d4025
b422b4ab578cd3a3438f36e2d642f511b6b4832532989a46f5f69150415e11de
b68bfc0b0d528fb4eae3168bde498497fe462cffe93645976653294c7df31e9d
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bde5e9fe785796e61b7e412b9f453b554366ad41224aa2e1fc5fa3f85cb85d95
be0c695218146c97e18977c402dc28a99b3a530c89b2c59d7b2f1079bdd95dba
bf585e2eb8b5642c4f9295db01bdadf9ab57c97cf8aea863de7a528f0f4fe500
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c21b9d9788dcba1347b7be3012ebfc2ccd540ce4ef7e353aeb6e7fa209cec9f1
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c632923964959e287b91a13c539ea9dc98f61c5854b667b4c4c16b785193b9a5
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c8d2f11aa67538eb638d38d64601053c08866fb614b14b96858a02e50d38647f
c9d810af7b3e766654de55cdac17763fd73b218159481938fb0835a8ade8f929
ca233c8d70dbda55befd78568a27756e79bcaceca42338525909057e9ba374b5
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
d120eb30813a0dc39250404e6a1b8d7e124f01230ad413b6febd4f47b00d2bb7
d4c67360dd011abad10e5b2ff0e4f764097fe470063a3053529072dbed1e4c41
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d669c798ff75c923cac5e33b9e9faaab12019489df496d4b23b6f34cb07194dc
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8f12de2409c7195460e3721f5c9fe59042844fd5b8df79d21c09839fc5210d7
ddb25799d4162b8c9daf4e213a2fc4644888ecbd05a720a36ca6637f17aec3d4
de254d1d29b33e25c1783710b7889bd6aa801098f9dfb064d06504ef088440df
de48ec5b7ea6b876c18a619bd85a5aa8d90fa5cf20f94d8f60f4f68192688f23
df6cf63d58a091a68bf13dac41ad235ec78277d51ebfb8dd337c1ea6775a198a
e0f3d29b2fbf3c41da20e6c9d61319bc21e89f3dc30818b33ecf8a140cdbb4bc
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e8f745e59b564a8da8609096edd413e5ca82776e9a288abee6c0c726343d7d22
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
eb7306edbddd8ec390939248891df48470a4d388a2c723d148f5aab6bbfadcc2
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebb69da3f593e40debf0011ffd8d7230c1d6b6de9f0d035b11a7dd77fd719227
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef973092ac39265e4497c81e4263b7d28543062302c9cedacf2da24ac5115542
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6
f76b430c13c9e8e9cf4f3b69ef71dd8aff059db512707608b63d355869079fa7
f7a79a80a1c0a3212c0491d655a69f16c640602778ed2439709d42b64059fe26
f7d0907c6ec4883de72f35cbefc88dc356bd22e5bb892dcc85d1c5d13023e0f7
fcaca7dde7bd419c13187c471da6901a6292774daada6653cf4afa87e51716c0
fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

www.dwjhgx.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

251 Requests

94 %HTTPS

57 %IPv6

39 Domains

70 Subdomains

58 IPs

11 Countries

5461 kBTransfer

12580 kBSize

37 Cookies

0 Outgoing links

Redirected requests

251 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dwjhgx.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

251
Requests

94 %
HTTPS

57 %
IPv6

39
Domains

70
Subdomains

58
IPs

11
Countries

5461 kB
Transfer

12580 kB
Size

37
Cookies

251 HTTP transactions
5 data transactions