mnp.cl Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.n9.cl/yl53x
Effective URL:
https://mnp.cl/en/a/the-best-food-thermoses-in-2022
Submission: On December 04 via manual (December 4th 2023, 10:54:54 am UTC) from IN — Scanned from NL

Summary HTTP 92 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 15 domains to perform 92 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mnp.cl.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time mnp.cl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	213.239.199.234 213.239.199.234	24940 (HETZNER-AS) (HETZNER-AS)
3 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
3	95.217.105.250 95.217.105.250	24940 (HETZNER-AS) (HETZNER-AS)
92	25

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.n9.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

mnp.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.239.199.234 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213-239-199-234.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (Marlborough, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.217.105.250 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.105.217.95.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	165 KB
18	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	986 KB
14	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	213 KB
14	mnp.cl mnp.cl	284 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	256 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	n9.cl 2 redirects www.n9.cl	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	82 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	4 KB
92	15

	Domain	Requested by
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mnp.cl pagead2.googlesyndication.com googleads.g.doubleclick.net eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
14	mnp.cl	mnp.cl
13	cdn.revjet.com	ads.revjet.com srcdoc
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mnp.cl googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	mnp.cl securepubads.g.doubleclick.net
3	pix.revjet.com	srcdoc eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ad.doubleclick.net	1 redirects eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com srcdoc
3	fonts.gstatic.com	fonts.googleapis.com
2	ads.revjet.com	eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com ads.revjet.com
2	googleads.g.doubleclick.net	mnp.cl pagead2.googlesyndication.com
2	eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	mnp.cl www.google-analytics.com
2	fonts.googleapis.com	mnp.cl securepubads.g.doubleclick.net
2	www.google.com	mnp.cl tpc.googlesyndication.com
2	www.n9.cl	2 redirects
1	www.googletagservices.com	mnp.cl
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	mnp.cl
92	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
mirai.cl
getbootstrap.com

Subject Issuer	Validity	Valid
mnp.cl GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
Frame ID: F3A11F4438AC28049F47A78B0E146EDF
Requests: 33 HTTP requests in this frame

Frame: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3919D30F412A4FC346BEAF96D5CD43B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D19BA52CC00818A9FB01F8E2AD42CF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0A260042EB50BBA097C15FB3D63EBCA
Requests: 2 HTTP requests in this frame

Frame: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5FF478D574AFDB525D9F15949BB899AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 3C5294C192C0CBD599F416EAEB7E605A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGPau3d4BMAE&v=APEucNXvFaLowxL92XMY8iyuRBwtWfrGB7iOHq2zC-9ZlKmjpWrbaGN687GoTvzSuY_COupuxI3Btt5s4_DM_BrAPQ9PdjowBUu4jvKJcXctEcVyRO1A3QHMzprW0E89ZJ0gtLem0EFc0oveXL_0A0PdhelW3eJesjwT3QcM46VBuHtwN2eDKX0
Frame ID: 8B50F2F2046650E3A4BF66D090C687E5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 98E6FF39436E59AE79CDB31F66C7E795
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9923EA0AF05A7782E1A568CE98883B34
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Feac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
Frame ID: DB9FF7072C6053DAF60F18EA2BD6859C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 5CEBCD9C23DDFB836ED663FC8EC42642
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The best food thermoses in 2022 - MNP

Page URL History Show full URLs

http://www.n9.cl/yl53x HTTP 301
https://www.n9.cl/yl53x HTTP 302
https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU= Page URL
https://mnp.cl/en/a/the-best-food-thermoses-in-2022 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Xajax (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

xajax_core.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

92
Requests

93 %
HTTPS

72 %
IPv6

15
Domains

25
Subdomains

25
IPs

5
Countries

2410 kB
Transfer

4639 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Search URL Search Domain Scan URL

URL: https://mirai.cl/en
Title: Mirai

Search URL Search Domain Scan URL

URL: https://getbootstrap.com/
Title: Bootstrap

Search URL Search Domain Scan URL

URL: https://twitter.com/mdo
Title: @mdo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.n9.cl/yl53x HTTP 301
https://www.n9.cl/yl53x HTTP 302
https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU= Page URL
https://mnp.cl/en/a/the-best-food-thermoses-in-2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.n9.cl/yl53x HTTP 301
https://www.n9.cl/yl53x HTTP 302
https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1&C=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2v-KenN4J3UMoajI4LRwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJnY7uKKdgF7I5xGNcSjzs&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCI5caS6AT38lI8gjc5TZ4&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg4MDA3NjczMzM1NTkwNjIxNg%3D%3D

Request Chain 85

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701687293205 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_pre=CLP8jJXP9YIDFfip_QcdD-IF4Q;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701687293205

92 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU= Show response
mnp.cl/article/v2/
Redirect Chain

http://www.n9.cl/yl53x
https://www.n9.cl/yl53x
https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

1 KB
1 KB

591ms
439ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45394e2c7fbd6186c5a20da309e4be5cf6332392bc355e4f07c6856fbf9945a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83038375fbcb6673-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 10:54:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqylT7D4i4%2BFSoGrEokZWyiCJNxnOAOa%2FdtVfLqo98lmE%2BBVpsYEf0ucbPUdq8K0qSf3bC9yl6%2BCc0fr96pWlcylCD%2BTx3IVaNBxQ9moEkx%2BQOIW8McHojXg99UqHsOk0sWQ%2BVg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8303836eab7b0ba5-AMS
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 10:54:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v23YSj8jNYBKuDzNgNiiIflnq%2FnfMbf8LMFyEQPRGflTc%2FDdqGQWkVhmtDsxn%2B7icpYhfLw8i3TPAP0ad5hZMh5YZ2k%2FTHxdKVEtYENmMWghBJJmMIgBt%2Fjt5JQossnsHeO2vZeoMXs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
mnp.cl/app/view/css/ 150 KB
24 KB 46ms
45ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/css/bootstrap.min.css

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533989
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 May 2021 05:51:40 GMT
server: cloudflare
etag: W/"2565e-5c35d784132b1-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnN4lN1fxoPGalrICDyZJNBhj1DiAt%2FJZLPPyJYSTGdE9taQ%2BkToiVHJpir175LZXkFmF6nXX0GcPhyCYGJ2rNyHtkle6e2ms4JKpVtGcfpAhKq0ta5rkFDC3%2FrrJMga6exgx8I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 83038378bfca6673-AMS
expires: Thu, 28 Dec 2023 06:35:00 GMT

GET
H2 200 blog.css
mnp.cl/app/view/css/ 1 KB
978 B 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/css/blog.css

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e096bdb7aaaf4bcb717bafe992f030998fb80de204ab9ea11aef329195cec01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451039
cf-polished: origSize=1958
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 11 Jun 2021 20:20:09 GMT
server: cloudflare
etag: W/"7a6-5c4833bf7458e-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tblYP%2BxZa3wD4ivrjdSDr3n47ZDXOmk9CG2GuhiljioY8%2BcyKivlaY%2BrRQrbxTix1dNPkjvFGhEpymZ%2FlEOt%2BzqjDV%2BYu%2Br5Gnb6QWV6gd2WiVxLDFt%2B7TmQzs4HALs2IwuRN8c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 83038378bfcd6673-AMS
expires: Fri, 29 Dec 2023 05:37:30 GMT

GET
H3 200 Primary Request the-best-food-thermoses-in-2022 Show response
mnp.cl/en/a/ 28 KB
10 KB 461ms
461ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19caa45432f6c4625d71edea1b20ddb818b2b356d39acb678ddf3b86e34c638e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8303837f5f9d6702-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 10:54:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=563ugxwzfDeXmLpYg0sAz07zDvN0WUNnlHx72jNxKyGu2DbymA1PUhEzNZRHq9ESDZ%2Bv4LVG%2FqW0zCZ3SVz3zlx7f8yDa6DKUtQbiVPyZwVviqCCn%2BS%2FiOlmxG8OsnDk9Us1T6c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 bootstrap.min.coverage.css
mnp.cl/app/view/css/ 7 KB
3 KB 38ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/css/bootstrap.min.coverage.css

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a839d6a4a9ec9a7f7d1e793200efe5b957d0620f134abfa52c0af1e0875345

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542191
cf-polished: origSize=8139
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 May 2021 05:51:39 GMT
server: cloudflare
etag: W/"1fcb-5c35d78322f35-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK3ldLYDPHvs8LBfiAC8l%2Bdz7u110A35AfMb7%2Fka6WW0NcWT%2FXrZdwrIEyZz0NSnNEa3c1I3DI18UAx9ZukuU5ooGAovcrEW3TSpX4ZJNtK3M%2FGEyrPmMJOe5Jb4lbDHwUsMtIY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 830383823b496702-AMS
expires: Thu, 28 Dec 2023 04:18:20 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.0/ 7 KB
4 KB 92ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.0/lazysizes.min.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 459121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3013
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1c43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Blemyn9XfpM8BP5CL9Ux%2FCdT%2FOZJPS%2Fh95Cw%2F5eZVLCO6ATWt9AC655tMEWN2CeCrGyDhhc4uD7%2FXCIBHRSzMHfbbIb94ifEYrroofaILQ3KX1Nj%2BOeW11CdhYJuyz9NZ1tDzMLKeKtb2YmrC%2BfCtchi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830383829f541c78-AMS
expires: Sat, 23 Nov 2024 10:54:51 GMT

GET
H3 200 favicon.ico
mnp.cl/app/view/img/favicon/ 15 KB
5 KB 39ms
38ms Image
image/vnd.microsoft.icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnp.cl/app/view/img/favicon/favicon.ico

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3038199101bd396d0b09ed99866a3e5fa5dfdacdd2da910851b59365da89529e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1729012
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 May 2021 01:25:58 GMT
server: cloudflare
etag: W/"3c2e-5c36ddfdf125f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QcYPWujBaym8AugKh6EKIFPSbnFiyRsFQGBSQgFC9SQoCNaMOcZAjwqISuTL2uy8ohsBtbLOLG30SslnqI%2Bm6n4FS%2FJZ8NWxxfa3%2F%2BWNRfvUbcjLMewFv%2BYC%2F%2BSRG0qSByLkdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 830383824b6d6702-AMS
expires: Wed, 13 Nov 2024 10:37:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 257ms
129ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4022c67e89e2cf49ed2ca8e5e8d2b86455a85f870cbcf512fdca463958281eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29846
x-xss-protection: 0
server: cafe
etag: 352 / 19695 / 31079857 / config-hash: 14258460843960793757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 10:54:51 GMT

GET
H3 200 peopletermo-large.jpg
mnp.cl/app/view/img/post/ 67 KB
67 KB 473ms
473ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnp.cl/app/view/img/post/peopletermo-large.jpg

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa107578815d6375db1f574b8ec5bf487b560d565e5db9ecffef650a17e1999d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Apr 2022 02:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10a14-5dd71b210968c-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP%2B67uidC8gF6ZTTWq4fUPjtErYw3Z3K79ppR32kOU4rTDGS3S9vfC0Z8C5Yb3jo0ef0oa8W3O8O3rGZar6HyBH%2Bfi2hTD2OXMItqdQKFBGH8NjzMT8Zsind8GZXgaWSWuS8xnw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 830383823b4f6702-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 10:54:51 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 193ms
68ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

726d3efe31ffb53af716ff33c19264415a6f236f20585a5d19e8b3e90e234691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Dec 2023 10:54:51 GMT

GET
H3 200 base.js Show response
mnp.cl/app/view/js/ 1 KB
1 KB 387ms
386ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/js/base.js?1.0.22

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffdb9aec3ca8aaf7c786b9f20d1503cb0db7786cb7bdac0e4fc6dfb6918637ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 29 May 2021 06:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b4-5c371d3079b7c-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIzm0IioSjRrM3U%2BCMmexObbSbX4RO%2Fg80Li3F3OQK7NrOyIyqWf3aLZsvIDdeNvo65uaWIi7abUwPVNjtQUW6WRcEebd1DVPIDzQA4xD95xzxhQ43Pv3YxivAXXygHvUv8S72c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=216000, private
cf-ray: 830383824b6e6702-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 10:54:51 GMT

GET
H3 200 xajax_core.js Show response
mnp.cl/app/lib/xajax/xajax_js/ 40 KB
10 KB 364ms
364ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/lib/xajax/xajax_js/xajax_core.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f36df8747640e76c799291c6c3759890f7af120a320a123d5dc230f246682c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 28 May 2021 05:52:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9f3b-5c35d7c9f0a6b-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xrz3q6CObmW5Qp%2Fnt5T5Yk7eU6%2B4zZrUEOHyFFyappgLFHE3tEd54K5gQNrMlxLXhQsBRiwiQ3doQgVbfP%2FZnZh54U9HMNTAwXE7PFif3KaVZ3ArBoXfQqvKXbLJKttSQo7M2rE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=216000, private
cf-ray: 830383823b526702-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Dec 2023 10:54:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
957 B 136ms
60ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:700,900&display=swap

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad4152711584490aad14521b63f239b45ebef07da9ec4f37fd1ea64cf8a310d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 10:54:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 10:54:51 GMT

GET
H3 200 bootstrap.min.css
mnp.cl/app/view/css/ 150 KB
24 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/css/bootstrap.min.css

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588995
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 May 2021 05:51:40 GMT
server: cloudflare
etag: W/"2565e-5c35d784132b1-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziwgpiHhlZDkV3b3rPHt8eDhYRx4SWqdhN3F%2BQQdQKDroAQGha4tss6iuncCApvBGvrHctJG0xhGjT9w6yS7dkbEHKGjastii%2FKL1gKit16tPA6XhJRMQH4AyIZDRxiMxCghPFE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 830383824b6b6702-AMS
expires: Wed, 27 Dec 2023 15:18:16 GMT

GET
H3 200 blog.css
mnp.cl/app/view/css/ 1 KB
1 KB 69ms
68ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mnp.cl/app/view/css/blog.css

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e096bdb7aaaf4bcb717bafe992f030998fb80de204ab9ea11aef329195cec01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545056
cf-polished: origSize=1958
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 11 Jun 2021 20:20:09 GMT
server: cloudflare
etag: W/"7a6-5c4833bf7458e-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKLdq5rC7IWcAFqZH9rFKVr9CYxbzhysdRga9klnpjBEF2xB%2F4VW7vT6NdqKDRuQtuFYHU%2FL2r9w%2Fn0Md0EAoEj2QXElQ3FIHw6Npfy4MVXlrIO3qKCcHx%2BFYyKXPGBfYR7mASU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 830383824b6c6702-AMS
expires: Thu, 28 Dec 2023 03:30:35 GMT

GET
DATA 200
OK truncated
/ 402 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e041e10a9816eeae6fc2874cc524fa556cadc5feec30716034a8fadd21e328e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 830 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba388b61ce81edc35dbb5f550a508fcbfc3af265eeed526f91f890a0104db3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e467cb0e6cab8fb2ca3bb26d935f285941e0d48880fecf6d109a2611ff7dd6e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ebikegreengrass-square.jpg
mnp.cl/app/view/img/post/ 71 KB
71 KB 45ms
45ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnp.cl/app/view/img/post/ebikegreengrass-square.jpg

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00fa4ecb557ff5e3ed46cb923406475eeb3305812cc5c65148e5c88ab16eca12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 03:29:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 437012
etag: W/"11a9a-6037a9abeb7cd-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R40FxVTbbzBc4BCwNFM2ImOJCnH4W0Kw9%2F4ShItTKKqsEVoMwmVBoFs%2FKsNP4m6cUPh8RkyGA2Uzc6G3pV0bMCJVrBit%2FEfNVto8XcXyTxu2T6AyjRCTyNLTCUFooEsIPR7dU6U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 830383828bab6702-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 09:31:19 GMT

GET
H3 200 liontv55-square.jpg
mnp.cl/app/view/img/post/ 20 KB
21 KB 84ms
84ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnp.cl/app/view/img/post/liontv55-square.jpg

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac07876c6f4dca027a63203758d071ba719b076fd71739c41fe46b4315497854

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 03:29:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2143463
etag: W/"5077-6037a9a3861ec-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3%2FLDZUW6ZG8I7L2YyxJxAE%2FvPYrToRYSV4Ha%2B%2F4zo5nUJLIekJsWUIg9l8f%2BErY3BqeHfXQF9b5P4GHgL%2B3Cnjsq1ClZblMa6u9o7%2BVghzXhdGyFvgEQr3GHsRpFVxa%2BJ9vfAA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 830383828bac6702-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 15:30:28 GMT

GET
H3 200 solidstatedrivegamer-square.jpg
mnp.cl/app/view/img/post/ 45 KB
46 KB 86ms
85ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mnp.cl/app/view/img/post/solidstatedrivegamer-square.jpg

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c756841f714c41e1ccd4d848ab6527866c280179fadfaa5dbdcaab182e756c94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/en/a/the-best-food-thermoses-in-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:58:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 436644
etag: W/"b43a-5e3433602d282-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FGOWBNOAZpyVwzqU8Usxc8bnfnFXZWJK66ihrhY0piGUZT9ONAIVcZuWlaxOPaFMhRe2PBqEi3b3jhKiPwvGZ2Wb3J4Up2NtqMXfV4fAKLjlRkse2efTl4XiaWImVgJoUIQ6Oc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 830383828bad6702-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 09:37:26 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 465 KB
187 KB 182ms
58ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnp.cl/
Origin: https://mnp.cl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190682
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 05:11:35 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 432 KB
135 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54653
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138184
x-xss-protection: 0
server: cafe
etag: 495798054771589180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 19:43:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 182ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 09:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5535
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 11:22:36 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 37 KB
38 KB 187ms
60ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mnp.cl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:37 GMT
x-content-type-options: nosniff
age: 47174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:37 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 94 KB
25 KB 671ms
671ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2165398629001934&correlator=1491003760270810&eid=31079233%2C31079784%2C31079857%2C44782503%2C31079527%2C31079576&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&iu_parts=21628657446%2C3482498753%2C3482498751&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%2C320x50%7C750x300%7C728x90&fluid=0%2Cheight&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701687291763&lmt=1701687291&adxs=315%2C260&adys=1110%2C133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmnp.cl%2Fen%2Fa%2Fthe-best-food-thermoses-in-2022&ref=https%3A%2F%2Fmnp.cl%2Farticle%2Fv2%2FeWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU%3D&vis=1&psz=1600x-1%7C1110x0&msz=1600x-1%7C1080x0&fws=512%2C0&ohw=0%2C0&ga_vid=450569311.1701687292&ga_sid=1701687292&ga_hid=2070779412&ga_fc=false&dlt=1701687291219&idt=527&adks=2098199443%2C3149277539&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

781ded0ac1b1f3effa3b6572c2950a344791c2274c37bdad802a1da19870e7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25251
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mnp.cl
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C391 6 KB
3 KB 231ms
93ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnp.cl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:54:51 GMT
expires: Tue, 03 Dec 2024 10:54:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
216 B 40ms
40ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2070779412&t=pageview&_s=1&dl=https%3A%2F%2Fmnp.cl%2Fen%2Fa%2Fthe-best-food-thermoses-in-2022&ul=en-us&de=UTF-8&dt=The%20best%20food%20thermoses%20in%202022%20-%20MNP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1280710453&gjid=37142983&cid=450569311.1701687292&tid=UA-52614338-2&_gid=630684313.1701687292&_r=1&_slc=1&z=1702565161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f7d6437d394ba20a0192402cd44f435a1b0660854733e3f4516c05f1220d3c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnp.cl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnp.cl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 101ms
33ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52614338-2&cid=450569311.1701687292&jid=1280710453&gjid=37142983&_gid=630684313.1701687292&_u=IAhAAEAAAAAAACAAI~&z=1353381181

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mnp.cl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 10:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnp.cl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 116ms
46ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-71VYFC8469&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd1128a95227ea1de11291fbaf338ebe5478794cb08e44121c806fff521dccff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 10:54:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-71VYFC8469&gtm=45je3bt0v9135412118&_p=1701687291826&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=450569311.1701687292&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fmnp.cl%2Fen%2Fa%2Fthe-best-food-thermoses-in-2022&dt=The%20best%20food%20thermoses%20in%202022%20-%20MNP&sid=1701687292&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1271
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-71VYFC8469&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mnp.cl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 153ms
80ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3ab077fc6d8632c06a919af0ae4d61200fbb292faa930ced0fc6b0f65d045c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12184
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 10:54:52 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D19 13 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnp.cl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 10180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 08:05:12 GMT
expires: Tue, 03 Dec 2024 08:05:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0A2 829 B
945 B 71ms
70ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8798dcfc98fc2c9c85338b97c0538b41d40d3c82d2aa586a4b49472f4ee099d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5o7Zkyh9vuSlGAyyxegs0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mnp.cl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5o7Zkyh9vuSlGAyyxegs0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:54:52 GMT
expires: Mon, 04 Dec 2023 10:54:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0A2 0
0 134ms
67ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=2165398629001934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D19 39 KB
15 KB 99ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H2 200 container.html Show response
eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FF4 6 KB
3 KB 60ms
59ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mnp.cl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:54:51 GMT
expires: Tue, 03 Dec 2024 10:54:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 3C52 196 KB
56 KB 138ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 409455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3C52 15 KB
5 KB 198ms
97ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Nov 2023 21:48:00 GMT
age: 306412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3C52 95 KB
29 KB 204ms
102ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 01:47:30 GMT
age: 205642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3C52 5 KB
2 KB 202ms
101ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 22:04:26 GMT
age: 219026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 3C52 40 KB
13 KB 218ms
116ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 03 Dec 2023 21:52:54 GMT
age: 46918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Dec 2024 21:52:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3C52 4 KB
751 B 42ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 09:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 10:54:52 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C52 2 KB
2 KB 35ms
35ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 82897
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 04 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C52 295 B
319 B 34ms
33ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 17:24:33 GMT
x-content-type-options: nosniff
server: cafe
age: 63019
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 04 Dec 2023 17:24:33 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1303492387317671803/ Frame 3C52 17 KB
17 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1303492387317671803/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80ccfb68bfaae21399f0609a586b38ec807668cdf9342fcaeefaafc01107515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:46:49 GMT
x-content-type-options: nosniff
age: 252483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17793
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:11:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 12:46:49 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2449887720968438308/ Frame 3C52 7 KB
7 KB 35ms
35ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2449887720968438308/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: mnp.cl
URL: https://mnp.cl/en/a/the-best-food-thermoses-in-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9513bf62e8f6341a35466798c17f1f2d53432b639f527a68e1311074f0af86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:03:23 GMT
x-content-type-options: nosniff
age: 42689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6733
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 11:23:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 23:03:23 GMT

GET
DATA 200
OK truncated
/ Frame 3C52 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f828c1cc2deef4a9349269c5f2fd47efd1fc4b9adb02ed5207622333d44aa79c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C52 16 KB
16 KB 163ms
163ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mnp.cl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:36 GMT
x-content-type-options: nosniff
age: 47176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C52 15 KB
15 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mnp.cl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 163063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B50 624 B
556 B 248ms
119ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGPau3d4BMAE&v=APEucNXvFaLowxL92XMY8iyuRBwtWfrGB7iOHq2zC-9ZlKmjpWrbaGN687GoTvzSuY_COupuxI3Btt5s4_DM_BrAPQ9PdjowBUu4jvKJcXctEcVyRO1A3QHMzprW0E89ZJ0gtLem0EFc0oveXL_0A0PdhelW3eJesjwT3QcM46VBuHtwN2eDKX0

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 10:54:52 GMT
expires: Mon, 04 Dec 2023 10:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 98E6 89 KB
31 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 10:54:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98E6 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 10:24:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 98E6 20 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98E6 202 KB
64 KB 189ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 10:54:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E6 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DW5Lqpd-O4cmRfiHGleUFW83FgwioNVcndduylumKAGcjbQ7DyBpze6LaCZ2sj5lFb44fN5RfiS6YoyIzXuE6l_ivTenDinBlfs4b5GTV3m4SyT1I

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E6 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6876488080804589182&x=1&ct=77

Requested by

Host: mnp.cl
URL: https://mnp.cl/article/v2/eWw1M3gtbjkuY2wtZG5mNW4zNGxrbmRmbGduazU=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D19 0
10 B 35ms
34ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3Xr5AA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E6 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6250033528590&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E6 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6250033528590&version=m202309260101&ct=77&x=1&cor=6876488080804590000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 98E6 34 KB
20 KB 111ms
98ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfR27uS4GwAFTyvbpCuwl9uUhzj5zRQxK4tWM3yOhvrFoRyPzeDue9AUbE54FlTA5eRaQH8Zd_ut6Jk6dvZxFXwm5pKnzD1FX9oH1SXtGyxjKOt0h2SykFZrQDJ4U0i5234SnN9flghAIUjaNo9EI8xgLxD-sEAfbdhwpyI3fUr7BWNK4&cry=1&dbm_d=AKAmf-Aq_HGq2E4iZe00rhbwNzz4hJZvZKTT32Mx7KTF0DqYlh3zRN_gz8NsrTf9OROIYcyDyKSJrbqjAMsd0lvTeuS57J4_b6HgxZ4_eloWIo3gmlAJiWo39PMNG9Ll-FzTmfWHRdGO9hIkpfJupTRGNO_vXw_hdDrfSPhBIsYrhpFML1fkW9weyqAODuQWHix2QnE8n19YAHKBO8voVR9eqKlL5r-aIOiqdE8LlFz7Hl3MCM_f66y-86dJDhmBuk-BMVJ_JO8-tqejYDqPlb9FnjtmT2I_jw6eGFqN6IjWKVJvxNNfOotCl3t6fZyr0opqYlSeyxNGsTiCkwvmlJA0S4s9K0VYhCTq60TDI44rbg_Fv6yqMqAIXqgURG1gVlehVSyI00xCJUcjytBZf4csoysORisVj-reRo4prKbcBag8ViY-zC8iOj_6M28Kbd-36CimMNIKlJZEdcyMH5Y84q6XKffT3Gr0BOlWdjMCDmk0yqNaqutyffScYw1c85RILP_2ay3nhxbOawuZtYFBrZZdOMwnNnJUiS-B_9pf9wbntG3W2xW5hz1HYflwNSNw8agfhFuU7EM5c0VW1cFG1K6_aW44LQxHSCUM82I7IgbIujREQLU2cUeZQdhDhES_KhrzIgzNo_XRCfGFBohgxt3d1q1hdiTB39_njF-crPGzdiCECNpsXK7ZeyOR3umaTaLVyFZMLodLRfECpbTpC0HKx39SvcTmZYjPPuVjHuzfx_KOYlt2YbrI_tSZPiuP7B8u6LTSctA7Blv1sjddQBiFNXZDdzp_raseuBRw14k2w9BYh4DvwXUousA0XE2o3B6xIEVgC0mbIzmC04p8BBCGHuUgua36n09vDFDe0wgXlrP4RdYJvKUxLF2VbNlgxpElTWCRNRSUqFF1f_9w2Zz9xqwtKs1WymWoz6_jqhu-_jiG_RpInefaudRZALupIjxre-KlDN5QlqcBOuz1C775BJk-Gf41VTO_LX78b7mJ-hTs_7Dxcxg3Sk8wc8OKKt2WOTyTmpnXo-Gf-YhYMOmOyxfUfvMnv652Ho3WFauyZSUshoGS16PgJ1efNR8Zy8qGPT4IUr1leygtV4-D_WAlTtqtbF4dsObUpKMzvxyF2d4EB7foqmVfFW2G7MtimTtBwBdTvfkbG3dZ2EqMGDl0lchxuyCz4DvlK35jhSUKCh5piZHYqPiFmFrrb63BlxLmRucV9FcDsmmfZPYMqEWiiqYhgIjaLXGCGhi2jcB1oWDYti82XabVYP8F8X3-v2NoqnpfnJvXXXTrGjnPWpR3Weqxnz0WkxA6xwBYeiy0Ti7ijOZ09D0p1-xfzc7uJN2QHKXPMUq0gU_JjycKdHuCvfVjIpsRaRAU1O7EK7hCx4dsboL9xehvrSgKTWm46yDjFN2sG2XPeXGw_TmjuPgnxJx1c2b3eE2B5Lr0L-PhV9Yk_1vDSuFlYvnSOXGbEdHoIwDwO3o1O0-xNkqShx4YZx_mus56uTtAQGM4uRW5nw2dKdjzLA3FrOwQMCi3S2hc9BJipiRasT4jQjNejJXETXGj3umtDR6gfmZM7MkZzX8csB_nWEJs1Mr1XJZg8ws5XQyiYMjufP9reUgXh-IIcUBRY7Y88jYDpBLWzyuauSzMmIpoFHWl55DqfOKWD14U_R4hzChBKK7mwk9gqMwhm03rHjVtECbVbTjY2C4RNGd9IlTa4NhO15VTjzNL2v1uFxbZoPtUqK-Wnbip3NrU301Sn7GWEdIeNIsr6iPdSRTnZtUoayWmfEj5r8koAiWU8AtXZK48-H6QWmpS5zuQvhc_tJPAUQpMKXL8O-GdCouRU0Rq2wbGBrocwgbPWL5XFKtBXFWdvS-2pKHBIAWiLbU_m20iGxkJvlip5hmhK3FgVC-cU2uRmo4GC0Ys8QN8ysUvdLOqowwykM0gOVvZzwg94ZUJotOzb8OSTBRL_CDYDTCzoG8tiK1Ltz6a0hlO3z1Gqg2gyjw1JP_PbYF8dK1fDTqnD_oq7DPfWxZNGvA1_xHBB98VjLxgdJpjYt633ocol4UOK9Wx4pihgj98mIPdxowsn-IvnTDUfllphAE6d5XaS7ZqRf1ggKC0BhZptSQSJMYJWRpzAXdoGE_WfZVc0v2zbrpomRyK8kmR4N1Ul6s48kSED81zfoYRzcvsIM-IClGGUug1DtxvHdRxpGvkV63w6NCKtSMoi0T27cPFJJGSaO1KyXFIDP2F7m-1MqLpaR4DOg7yAaMwg4HVguXYdfm5HPI1c-DppDz-ARfsDgduuKsgFzywi55EPJCrmDzcDRI9AFvpNOX8FPXfqjLecLog8QXd4B-Nh6eFDewhg1sy9eILAFtx_vfOr-SPELB3pX1CLX9pd-S93kVWFbl_AIxyTKheaXxXmhcVLpm9X9ct8CGpK0YSDTjnff8N9UJHPDN3p0OGthCxJMeg3D8pDaOrPwuOGyKI8H74PIPaSBgmmnDcvHI1UDzxxrH6b_4GXe87TcoRa3CVJTD9D2TssYpc5Q4i3nrHioe9rQzawNIbTSnm8_XhbMNwDx5WxXIhHCGTwMGWztGQXpOV1DwR8SC0Y0SUCILkVv3-apxkoAvm7V_qUBWr_Z62C9Qdemu53pRWMnZG4oiaFqEPb4LOf8DQD_L7gy_x8TiTkH4U6GfF9N1eeX9je5Sjd_jL-f-fjNS51GyS7_SFFgRCDhLzO4qzjdJqjxBuf__h2StCZy473GpwvAda5mBj40JZog9Rr4cyTGfLdMi-qxgNm2oAkA_UgESjYdF3_3KA_ZtE_MiLdAvjnKQJKK7arCvmYyEMK5uCIE61or9uJ6M0Ry3KXYKmFBi70yh5fy69jSanIvSklacfLojDeprgsuW4xmTs9DPLcRx_rdR9ckLTrBgfcW92Syfjx2tIgy9wo5a7DGO3FN8mLLkZEDg2P68PPGUjqraqSXMmHhOJ3p-CYjTZb83umUXcvgsqFIE5ieGOT4QIl44NGyvEYG8MJ44sd3lNslUPdMicBm87vGw55JPNucF_Wso3jEzMeArkYr6oA2hN7C7SloF6asCpZuxjJpsTXlG3eA-sBD1bjRRYKXay752Jq2nRKecCdqsE5uYHn50Cdz2VyE8SJCZ6f0Ew7bAaTOjzo7W-GQIwzH3INNv9Ldch2UJBdoEwFP-R9Zw1re0q7APQo2j_Ln5H-Ol6G155kjotSfyhvHNZoOalU8By24aRCNgZ8oyMFTSqRMHb_9QB9r2CMglAvziQpo0Dr5Cu69R5r9G_XalR8zlJgMd97fFUAIY0eYX3ZkXFO8_HGyVyJWZCJacrAKWzE2IMKYn-hnCBovVnwouqplTHANJz7RdA5XxdO098--Epx2twSmH3kNRBLuDqh40XzuXbdHX2jPrAhX-SnsLtTCxAK35vNTlc6EJ7P9oDUTqPb1NhCUqwn_FOAyh5_xCmAKD02vuN9vawyRYn7S91Ec5fhzaO9ZdQJBzY-Y9oMdnK_QaU_sswoRkFoN-AlCWMP3P6ke6sfUx-ZAr9nH3nqnBe8K71kV46rbnhqbqT7YOnFwVJqfUCyRdZAbnMZ3iIGcJyFZmmcoREwkdS8DxO9MIOZ_R7pNAGyL_FQoKwPHWuVm6t6sQ_1icq-3nrg5lPqsHyXMMTozdcZYatYUM0hzEC5qGXspdEcm_ZDkoQw1BYzT-6sp_TwflqQfpfxVS2CBr8aKBOZ_nDOZ9li5Bol4JA2kGcAqd64BS78x--0gdBrwcOuZY_MKl8oFcpXfz9bvZPXcEtnroLPdzyrELXpHRhfJcxJuKVwthqLFMpwWpDbeSCGrtlMWXrxv6r4wQnrsoH7Dnm&cid=CAQSTwDICaaNQpPD0mlRmdgkQyK7VzSd5DGRraHCMZFlnGmSpiOwJWCM4kDmTblU4egV7DaSv_SON7cJj8OChybsY4CnvK_3JqY3l2L8Gnm2Kc4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmnp.cl%2F&ds=l&xdt=1&iif=1&cor=6876488080804590000&adk=497053795&idt=106&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc7c5ae2a6da64062d6a425b1c78d2444b1fbacf19906b62d7219ead3d031cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19845
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3C52 0
0 77ms
77ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4FWG-69tZfCUMsGwgAel86yYDb6n7L503fL954ASmKW2lYsDEAEg6N-1M2CRhKCFjBigAeSIgN8CyAEJqQKPmzizXzeyPuACAKgDAcgDCqoEuAJP0Fpq16oKr93UxW5gG7gGN2CtcqDrezw1fcwG9rq9i1vcLK1l5waKg9tlSLx9IVa70PCtoQLjDHE1gZZt_k4ge_IrX1tKVWzYToh731P8ElnCXuFWIj6XfKAFT984WYb5H_loVPI-eY7-gg3SKAHDXgNXiQxu7_UG--vpjB6HJQfpk9khldT-6eMkKQU8J-93v3LDB9RQkEwfdOlqNbg42AReJzXVnfmq_ucaaLf_hcZvMo72kH5JdVvGqRHT7AccarVTLGfkWXsazXn7sKbOMqTbFKh5mxTMNbP2Q4iFSRxj2l4Gek8hP2iLZM0bQICHsnhJ0X3Nc74eftqQO0RtpCHlpm2S7H6OKXNUf2YPUPmDDdRf16OOeBziSweRpsK-aSIsFdGPCuAmssjEG70d9sMJAFAYMKzABIzXgrC8BOAEAYgFxN2ih0ySBQQIBBgBkgUECAUYBKAGLoAHhPf_oAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRDHpIYC0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlidxa-Uz_WCA5oJkgFodHRwczovL3d3dy50aGV5ZG8uY29tL3Byb2R1Y3QtZXhwZXJpZW5jZS1tYW5hZ2VtZW50P3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249dmFsdWUrcHJvcCtldSsyMDIzUTMmdXRtX3Rlcm09cHJvZHVjdCthYnN0coAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwjpg7CUz_WCAxVBGOAKHaU5C9O4E-QD2BMOiBQB0BUBgBcBshceChwIABIUcHViLTY1MjAyMTM3NjEzMjM4MDIYpPVp&sigh=thvsIaPkodU&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNQpPD0mlRmdgkQyK7VzSd5DGRraHCMZFlnGmSpiOwJWCM4kDmTblU4egV7DaSv_SON7cJj8OChybsY4CnvK_3JqY3l2L8Gnm2Kc4YAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 98E6 31 KB
12 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfR27uS4GwAFTyvbpCuwl9uUhzj5zRQxK4tWM3yOhvrFoRyPzeDue9AUbE54FlTA5eRaQH8Zd_ut6Jk6dvZxFXwm5pKnzD1FX9oH1SXtGyxjKOt0h2SykFZrQDJ4U0i5234SnN9flghAIUjaNo9EI8xgLxD-sEAfbdhwpyI3fUr7BWNK4&cry=1&dbm_d=AKAmf-Aq_HGq2E4iZe00rhbwNzz4hJZvZKTT32Mx7KTF0DqYlh3zRN_gz8NsrTf9OROIYcyDyKSJrbqjAMsd0lvTeuS57J4_b6HgxZ4_eloWIo3gmlAJiWo39PMNG9Ll-FzTmfWHRdGO9hIkpfJupTRGNO_vXw_hdDrfSPhBIsYrhpFML1fkW9weyqAODuQWHix2QnE8n19YAHKBO8voVR9eqKlL5r-aIOiqdE8LlFz7Hl3MCM_f66y-86dJDhmBuk-BMVJ_JO8-tqejYDqPlb9FnjtmT2I_jw6eGFqN6IjWKVJvxNNfOotCl3t6fZyr0opqYlSeyxNGsTiCkwvmlJA0S4s9K0VYhCTq60TDI44rbg_Fv6yqMqAIXqgURG1gVlehVSyI00xCJUcjytBZf4csoysORisVj-reRo4prKbcBag8ViY-zC8iOj_6M28Kbd-36CimMNIKlJZEdcyMH5Y84q6XKffT3Gr0BOlWdjMCDmk0yqNaqutyffScYw1c85RILP_2ay3nhxbOawuZtYFBrZZdOMwnNnJUiS-B_9pf9wbntG3W2xW5hz1HYflwNSNw8agfhFuU7EM5c0VW1cFG1K6_aW44LQxHSCUM82I7IgbIujREQLU2cUeZQdhDhES_KhrzIgzNo_XRCfGFBohgxt3d1q1hdiTB39_njF-crPGzdiCECNpsXK7ZeyOR3umaTaLVyFZMLodLRfECpbTpC0HKx39SvcTmZYjPPuVjHuzfx_KOYlt2YbrI_tSZPiuP7B8u6LTSctA7Blv1sjddQBiFNXZDdzp_raseuBRw14k2w9BYh4DvwXUousA0XE2o3B6xIEVgC0mbIzmC04p8BBCGHuUgua36n09vDFDe0wgXlrP4RdYJvKUxLF2VbNlgxpElTWCRNRSUqFF1f_9w2Zz9xqwtKs1WymWoz6_jqhu-_jiG_RpInefaudRZALupIjxre-KlDN5QlqcBOuz1C775BJk-Gf41VTO_LX78b7mJ-hTs_7Dxcxg3Sk8wc8OKKt2WOTyTmpnXo-Gf-YhYMOmOyxfUfvMnv652Ho3WFauyZSUshoGS16PgJ1efNR8Zy8qGPT4IUr1leygtV4-D_WAlTtqtbF4dsObUpKMzvxyF2d4EB7foqmVfFW2G7MtimTtBwBdTvfkbG3dZ2EqMGDl0lchxuyCz4DvlK35jhSUKCh5piZHYqPiFmFrrb63BlxLmRucV9FcDsmmfZPYMqEWiiqYhgIjaLXGCGhi2jcB1oWDYti82XabVYP8F8X3-v2NoqnpfnJvXXXTrGjnPWpR3Weqxnz0WkxA6xwBYeiy0Ti7ijOZ09D0p1-xfzc7uJN2QHKXPMUq0gU_JjycKdHuCvfVjIpsRaRAU1O7EK7hCx4dsboL9xehvrSgKTWm46yDjFN2sG2XPeXGw_TmjuPgnxJx1c2b3eE2B5Lr0L-PhV9Yk_1vDSuFlYvnSOXGbEdHoIwDwO3o1O0-xNkqShx4YZx_mus56uTtAQGM4uRW5nw2dKdjzLA3FrOwQMCi3S2hc9BJipiRasT4jQjNejJXETXGj3umtDR6gfmZM7MkZzX8csB_nWEJs1Mr1XJZg8ws5XQyiYMjufP9reUgXh-IIcUBRY7Y88jYDpBLWzyuauSzMmIpoFHWl55DqfOKWD14U_R4hzChBKK7mwk9gqMwhm03rHjVtECbVbTjY2C4RNGd9IlTa4NhO15VTjzNL2v1uFxbZoPtUqK-Wnbip3NrU301Sn7GWEdIeNIsr6iPdSRTnZtUoayWmfEj5r8koAiWU8AtXZK48-H6QWmpS5zuQvhc_tJPAUQpMKXL8O-GdCouRU0Rq2wbGBrocwgbPWL5XFKtBXFWdvS-2pKHBIAWiLbU_m20iGxkJvlip5hmhK3FgVC-cU2uRmo4GC0Ys8QN8ysUvdLOqowwykM0gOVvZzwg94ZUJotOzb8OSTBRL_CDYDTCzoG8tiK1Ltz6a0hlO3z1Gqg2gyjw1JP_PbYF8dK1fDTqnD_oq7DPfWxZNGvA1_xHBB98VjLxgdJpjYt633ocol4UOK9Wx4pihgj98mIPdxowsn-IvnTDUfllphAE6d5XaS7ZqRf1ggKC0BhZptSQSJMYJWRpzAXdoGE_WfZVc0v2zbrpomRyK8kmR4N1Ul6s48kSED81zfoYRzcvsIM-IClGGUug1DtxvHdRxpGvkV63w6NCKtSMoi0T27cPFJJGSaO1KyXFIDP2F7m-1MqLpaR4DOg7yAaMwg4HVguXYdfm5HPI1c-DppDz-ARfsDgduuKsgFzywi55EPJCrmDzcDRI9AFvpNOX8FPXfqjLecLog8QXd4B-Nh6eFDewhg1sy9eILAFtx_vfOr-SPELB3pX1CLX9pd-S93kVWFbl_AIxyTKheaXxXmhcVLpm9X9ct8CGpK0YSDTjnff8N9UJHPDN3p0OGthCxJMeg3D8pDaOrPwuOGyKI8H74PIPaSBgmmnDcvHI1UDzxxrH6b_4GXe87TcoRa3CVJTD9D2TssYpc5Q4i3nrHioe9rQzawNIbTSnm8_XhbMNwDx5WxXIhHCGTwMGWztGQXpOV1DwR8SC0Y0SUCILkVv3-apxkoAvm7V_qUBWr_Z62C9Qdemu53pRWMnZG4oiaFqEPb4LOf8DQD_L7gy_x8TiTkH4U6GfF9N1eeX9je5Sjd_jL-f-fjNS51GyS7_SFFgRCDhLzO4qzjdJqjxBuf__h2StCZy473GpwvAda5mBj40JZog9Rr4cyTGfLdMi-qxgNm2oAkA_UgESjYdF3_3KA_ZtE_MiLdAvjnKQJKK7arCvmYyEMK5uCIE61or9uJ6M0Ry3KXYKmFBi70yh5fy69jSanIvSklacfLojDeprgsuW4xmTs9DPLcRx_rdR9ckLTrBgfcW92Syfjx2tIgy9wo5a7DGO3FN8mLLkZEDg2P68PPGUjqraqSXMmHhOJ3p-CYjTZb83umUXcvgsqFIE5ieGOT4QIl44NGyvEYG8MJ44sd3lNslUPdMicBm87vGw55JPNucF_Wso3jEzMeArkYr6oA2hN7C7SloF6asCpZuxjJpsTXlG3eA-sBD1bjRRYKXay752Jq2nRKecCdqsE5uYHn50Cdz2VyE8SJCZ6f0Ew7bAaTOjzo7W-GQIwzH3INNv9Ldch2UJBdoEwFP-R9Zw1re0q7APQo2j_Ln5H-Ol6G155kjotSfyhvHNZoOalU8By24aRCNgZ8oyMFTSqRMHb_9QB9r2CMglAvziQpo0Dr5Cu69R5r9G_XalR8zlJgMd97fFUAIY0eYX3ZkXFO8_HGyVyJWZCJacrAKWzE2IMKYn-hnCBovVnwouqplTHANJz7RdA5XxdO098--Epx2twSmH3kNRBLuDqh40XzuXbdHX2jPrAhX-SnsLtTCxAK35vNTlc6EJ7P9oDUTqPb1NhCUqwn_FOAyh5_xCmAKD02vuN9vawyRYn7S91Ec5fhzaO9ZdQJBzY-Y9oMdnK_QaU_sswoRkFoN-AlCWMP3P6ke6sfUx-ZAr9nH3nqnBe8K71kV46rbnhqbqT7YOnFwVJqfUCyRdZAbnMZ3iIGcJyFZmmcoREwkdS8DxO9MIOZ_R7pNAGyL_FQoKwPHWuVm6t6sQ_1icq-3nrg5lPqsHyXMMTozdcZYatYUM0hzEC5qGXspdEcm_ZDkoQw1BYzT-6sp_TwflqQfpfxVS2CBr8aKBOZ_nDOZ9li5Bol4JA2kGcAqd64BS78x--0gdBrwcOuZY_MKl8oFcpXfz9bvZPXcEtnroLPdzyrELXpHRhfJcxJuKVwthqLFMpwWpDbeSCGrtlMWXrxv6r4wQnrsoH7Dnm&cid=CAQSTwDICaaNQpPD0mlRmdgkQyK7VzSd5DGRraHCMZFlnGmSpiOwJWCM4kDmTblU4egV7DaSv_SON7cJj8OChybsY4CnvK_3JqY3l2L8Gnm2Kc4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmnp.cl%2F&ds=l&xdt=1&iif=1&cor=6876488080804590000&adk=497053795&idt=106&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 98E6 41 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY4NzI5MjY5MDg1MgogIHNlcnZlcl9pcDogMTc1NjE4NDU1CiAgcHJvY2Vzc19pZDogMTk0NjcxODY2OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 98E6 0
835 B 255ms
99ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY4NzI5MjY5MDg1MgogIHNlcnZlcl9pcDogMTc1NjE4NDU1CiAgcHJvY2Vzc19pZDogMTk0NjcxODY2OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTIwMjI3MzE0MjAzMjQ5MTI1OTcKZGVidWdfa2V5OiA1MjkzMDg2MzU0NjIzMzMxNzQyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2NzQ2MDgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMjEwODE5OTUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcwOTc0NjIKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
URL: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x7f71b16e9b204b940000000000000000","13":"0x73152a2dafb2fcdd0000000000000000","14":"0x675b4d849aa495670000000000000000","15":"0x11f6c26ab13c971e0000000000000000"},"debug_key":"5293086354623331742","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"12022731420324912597"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 98E6 43 KB
18 KB 246ms
91ms Script
application/javascript 213.239.199.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
URL: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.239.199.234 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213-239-199-234.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 04 Dec 2023 10:54:52 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Mon, 04 Dec 2023 13:54:52 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8B50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1&C=1

43 B
340 B

68ms
68ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGPau3d4BMAE&v=APEucNXvFaLowxL92XMY8iyuRBwtWfrGB7iOHq2zC-9ZlKmjpWrbaGN687GoTvzSuY_COupuxI3Btt5s4_DM_BrAPQ9PdjowBUu4jvKJcXctEcVyRO1A3QHMzprW0E89ZJ0gtLem0EFc0oveXL_0A0PdhelW3eJesjwT3QcM46VBuHtwN2eDKX0
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdjXAkedpf8KIN4JIFBhBt6nEoG%2FbVGot6ZoDdFQ35gx9BlLP2n8%2FH8w966Xt5dAIVE5Zn0LTqnuz0ZSt1l0bMnSg0eztfAEHS7GoCHCPYTsXT94LIRR%2F9%2B3pXwGyWgYUAv%2BkJDd4rj3Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8303838d98ac66e4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL%2BaBzPTVezjZXceCPQKXAwx3ZUD45NDnoGYV%2BPai7KkZi%2Bmdt4HT%2BkJWEogbLPsyDVy7swIpeVAVWzeqUuK7vK2%2F880GPJrLSg%2FoEA3LZKkdCfpt0f9ooPcyw3WItQVZwqiR92H%2FjiSvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEIZ4Bi-EeYmL7Ue4nYTRAYM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8303838d382d66e4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8B50
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2v-KenN4J3UMoajI4LRwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJnY7uKKdgF7I5xGNcSjzs&google_cver=1

43 B
327 B

57ms
57ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJnY7uKKdgF7I5xGNcSjzs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGPau3d4BMAE&v=APEucNXvFaLowxL92XMY8iyuRBwtWfrGB7iOHq2zC-9ZlKmjpWrbaGN687GoTvzSuY_COupuxI3Btt5s4_DM_BrAPQ9PdjowBUu4jvKJcXctEcVyRO1A3QHMzprW0E89ZJ0gtLem0EFc0oveXL_0A0PdhelW3eJesjwT3QcM46VBuHtwN2eDKX0
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BMsVF9FLT4fqhVBE6uBrQJquelAfSCyEqHs9Zy8T0Zr5H5TdRTBQg8aDxGGAkCu5kh6ZYIlI7XGoCqOR8e9gtmTFrWTehr3tQV%2F8k%2FzRX41xLpNjehqWFrNvmZV8QUMgY4crh7pBjWD9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8303838de90b66e4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJnY7uKKdgF7I5xGNcSjzs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8B50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBCI5caS6AT38lI8gjc5TZ4&google_cver=1

43 B
843 B

51ms
51ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBCI5caS6AT38lI8gjc5TZ4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGPau3d4BMAE&v=APEucNXvFaLowxL92XMY8iyuRBwtWfrGB7iOHq2zC-9ZlKmjpWrbaGN687GoTvzSuY_COupuxI3Btt5s4_DM_BrAPQ9PdjowBUu4jvKJcXctEcVyRO1A3QHMzprW0E89ZJ0gtLem0EFc0oveXL_0A0PdhelW3eJesjwT3QcM46VBuHtwN2eDKX0

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
an-x-request-uuid: 0e14da96-3a74-4748-b503-c18be775b4d8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.220; 31.204.152.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBCI5caS6AT38lI8gjc5TZ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8B50
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg4MDA3NjczMzM1NTkwNjIxNg%3D%3D

170 B
243 B

45ms
45ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg4MDA3NjczMzM1NTkwNjIxNg%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:52 GMT
an-x-request-uuid: 22f35a5a-34b0-4c4d-bc65-16acdd72cadc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg4MDA3NjczMzM1NTkwNjIxNg%3D%3D
x-proxy-origin: 31.204.152.220; 31.204.152.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 98E6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62964c5583b70a82d804124be521fba7cef4438fd583e9ce42fa08a62a0eb2a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9923 38 KB
13 KB 35ms
34ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 47176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:48:36 GMT
expires: Mon, 02 Dec 2024 21:48:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9923 39 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 98E6 20 KB
7 KB 128ms
27ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (amb/6BA2)
age: 517
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Mon, 04 Dec 2023 11:04:53 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame DB9F 2 KB
1 KB 66ms
25ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Feac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 518
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Mon, 04 Dec 2023 10:54:53 GMT
etag: "64e382fe-744+gzip"
expires: Mon, 04 Dec 2023 11:04:53 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9923 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeqTy_K9tZaSVKpfz3gPMo6KgBwAAAAA4AeAEAg&bg=!HB-lH1DNAAY3kmNgF5I7ADQBe5WfOPOFBzgUjfunB3Zi62MJycTtE2KK5IsGd2dch2ZEsyHxK-_a_SzpIRSukrtmcEeXAgAAADdSAAAAAWgBBwoAJ7PuCTeDo3DChdg74DVc_hIn58nQnpuETxra_k2bkbVWcUspa07nDpkDRjwVUjQ6xSWM9otFeH8y0KPK9k0SLhXAQ9jjLUYq8FLKRHbdzZ3B9b1rF3NUcVC3kjNKOUmUs9nxtpiAjiMjjR4_AybWtoMcScxNGrTlx4NCwY7uIHJ-YsNJDRqga68-JBT5ZXJZJTiRvvorIE0nJk20WBKJexXECfXxlT5PZ7w7yyGdMYkbCetTfYkPOgVGcpbpyqM57OsQKFtwKMFC187klO6HO0XFtFVKqFGiVEKfLoPP9vrhEKsRHCWsuESEklHROQ_yR0vgh6w5HRYjWO_MxKxuRS_486o6LJ2CJNhIXsL9T2-nvzse7pvhYULTsFPFLWffRlrGYeqXam_YxWd_C6B_1Uy87llLbM1Xg5-8mKNzBu-9NQVlDm5_ep1E7tcPv4uTpr-P7-WOK7mfU5CG7k5zchoCcKn8QCfUjwWwYm5wC6jMTlprae5XU1XeFPIqMv0-MiBaRCDQOej17PkDHvWudcP5-GvB8cWWn-DaO0NqQSRB-zVivfeFUg8A1LDJU51pjxp3LmDeu3gJdBf8cL6w-MRW0Z92johfGunMsXUxC7CIuGYd-f2_-R7PqbZXs5DRkF59321K5EIRBJqD6zzwcg4M-2YjfycU2mio-O9Pigi0mi5LErLgZtnnb7PS5ruBVp6OGcASSSTF5Bebc7YZe9wOncLpHCcx1BqkqSBPJtLDX46Q4QaOmtGtJQ91_4GJw-uqTyhDormfV-HXqJ_sbZxe7BWsxYO8wNVKf6Mnta0DQwQKqzHd55Ck1X7AW30AyP27j4mozYoj7SiwO3Ygaah4WEVDXRK7HeFfvJki3yva_CvehDALnakVKDWvqF_UmESlroronfNtO2n1H32OjeiOhUALJ3OEkMsw5t--MoWcuv-Ejkxoizu-Uv8G6qMFRK4q7LOWNcwBLf-2_s0M-cz4nqR9mS0hVxxY8dZNmG6eQahVOPySk-Ln6neTjni2ImH6XnMtLfMzDE__5hRglqXyLePkfcd2qRlv47f86AgWLW5OgZkyFYKtZ7EOZvaXvwY4-o4ay_y5ke5UGSLfKM3jfy0o5nL5B5IX0mTBpJuQ8L2eviLT5Kk4XtJchud47K5lKoXRXqjOPoUdWztW1GU

Requested by

Host: eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
URL: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=2165398629001934&bg=!4OOl46zNAAY3kmNgF5I7ADQBe5WfOFl7tRvBE2WRQeeBbnE6DTxNtC0UEXMsYGvlFhSiPvPHUdEyADBfyAw35i4lTpmbAgAAADJSAAAAAmgBB5kCpGmjpXLII1e0mHCRm-rhdv2dz07PYeAm3K8SaaeSyBEi7EPC8Zk86EKKKRpUmUQcEhDJwxBJwsiBQp9RBtKnXaI9E1lTad03_tx7sY_V4gCbRyFEk35gyd8VWYYsOXg-KHzdLJPHvXFa9raj6Fm5uObudNbRiENZlfJJ0nZuxR-GNx5PCiG1zgK3931lfIl6TaIVLc-WKJOb5rUSsod7vZF4x2fEpo-q7t9Qz1I0z4MsYP2yhhDKOVMnoUJcnNwyTs_OMJnnHEs1pKFPH11n3Kl8pxNFX8P_fFxeIPqH4qqTFJNkSmHFPRPbxOlE2o7RVGGIA6izZv3GCnRCRZI9odyev3Z91f9ToUdLat5YLMKDxL2g03zgKplF2_BqZo4PgvG4PzrxDEyYlLkH9LD4nRTe4EWZs_UTjdlxjTXOQ-ze05lnT1fXV6hc9aAXMijVH4dY9Vb6FIf-YK6ogvbYPdPFNDcP0Pb6FlDjtLaDPPZps0uBDxqw4hnyRNQkjiELPJntc3qguhxXW8UG5etrUEnFA1dnXRvUUrvRQJclQk_Tvw-1_vtwFJwkzpCF9uZrRRmxgkPQ5r1wplqLM3YdVtgmEX3BWXTfjg0Jh3mhkoP8GyRtLIeANtJCzMcQzSRu4dbJsMLAfTHnGYXvXouoKEx2gS_mkUq_TKKVHeeDsSou-FecIaIMvVRLFarzI5NxYB8O_Galy6utremdsqx3qFN7vdy-nZ6jD5xBC_WWlml44XLFGV16hjw2pXO6MEIOmGnpy8bP2c60Pk1CbbdcvszkRBZS3cPK1z7V5Wgh6nHdgmncCq9A_PEu0cBoqhghNaVjf5sYEosFOS-oI3mm1bRFYBo-1o5yK5bUbUrnN-9ab0WHm2wGOVTopH4EgZEXliZvfVU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 tag236673 Show response
ads.revjet.com/ Frame 98E6 245 KB
39 KB 63ms
63ms Script
text/javascript 213.239.199.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236673?_plc_id=111757808&_key=0dd&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrWTc-69tZe-UMsGwgAel86yYDY-OiL10xa6V988Rncz93wUQASDo37UzYJGEoIWMGKABuayQiynIAQmpAo-bOLNfN7I-qAMByAObBKoEiwJP0OtX0eFC8TuwDGZn5Qqe31J0rXQJuGpPWoMYMe9roW-n_cAn56NXZEE4XZITkxa_YicBg-8eR5dPc8xxKVZPefPv_B8pO1SgnzhYigQoz-hxMwv1oMg4KPIJ4uH8ufHiJD1rq4MzjhY4yWcoBA141Dl2WgTgZdI5cD987Axp7h-N7G66L5ptz-vBjCEX4xwtvUTqYvsl4xjeNfw2nELaJ4a3jRJSk1ceSS1gvz4TaoXY1nKfuwOXz4eX18eUnj8bm3uFRKb7vvfJFlVTaFtQCCA6hsB5PjmGnFhZCNpze7fVzLbSaUzCBlIPZA-1lO3apz406sOT1O7c3cRGXNh69cCvrZ4INWg4g7PABPb_17O0BOAEA4gFi7Xs2UuQBgGgBk2AB7nk4OoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYncWvlM_1ggOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJOTOINEwjog7CUz_WCAxVBGOAKHaU5C9OwE7ms1xXYEw2IFATYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNQpPD0mlRmdgkQyK7VzSd5DGRraHCMZFlnGmSpiOwJWCM4kDmTblU4egV7DaSv_SON7cJj8OChybsY4CnvK_3JqY3l2L8Gnm2Kc4YAQ%26sig%3DAOD64_2YzIpX7a1-CfuYFB3bcoRCsh5CMg%26client%3Dca-pub-6520213761323802%26dbm_c%3DAKAmf-CFJZ0BTcx0IEWsWqAOFO4K4s0ecCrVsNu_PPX53IcIAsGeIEc0yxxyKxE3ZYOYQF28PuI3c1ifpcAj1rW0YS859JJfSd8_MQbpY4MX5wvBGEt7H2dAAqui1qGT-SpNKofjr4g3RBuThr_YTGuSkH_PlswJR2EPBhzGt8dWYoAMt8YmKUs%26cry%3D1%26dbm_d%3DAKAmf-BFjeY0GaFlanXBxYbnKzmif5x0Mrqlh8VFUNhFN2X0RrcLtX1a8gAVapRu50fdWqXHafO6Jo5ohhHLyM5yoWeMgIBJOC6QnlC5FmTzxtc1Kz6nNmFeQc49-61wPMzTGjmtUiNOnZ7PoacSgLO_F23VNQ87LqzkQfTS2_7gMDVXQ-ReoZg1EUT3pqgwWOgB-0Ndvdg-aeQIO-EseKwLeUrcR7OPgEnaGZmASzfxwh-7a-yeExvq-XtX7Bw2VQNnlOvtGPGh6rLEE_Sui5rgTN4A67HIPgpwfiuK8ohxr9c9RzGV5Y09VRIg_uBAio5iGfeWunQ5j95DJIge8K2uhKz1d-CQgG1z6AEWWD6My79iOsj1fADwwt-hY413PepoON5zj8b5OAUiaLhcciJ-WkEdSAK4JXpF0NL69_g00_435l5WpuWSWCZGrXSHOW_a6K1t_ugkKBASdsqp-kTJP9_i1dswjM0Fg1n30RvDLgNAr9WXNdG0MVkhouwxaQJLDNTv1oM1z3DOG9IP8rEO3iG-moaxzXMHb6ZhPgERTLyItz39oQLIhCgwt3rO5MRMjEF3SyDFIq39rMHR-htGBWzSCcXQ8Q%26adurl%3D&dv360_cmp_id=20321081995&dv360_li_id=1013520349&dv360_crv_id=467097462&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Feac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fmnp.cl%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=60da8d8f3bb3a29fc68_1701687293166&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Feac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fmnp.cl&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1701687293169
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.239.199.234 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213-239-199-234.clients.your-server.de
Software: nginx /
Resource Hash: 30497daea3060b729dd228eff2620db1dd6c0bebe323df0e9b6412c2137028d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56021
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 5CEB 167 KB
49 KB 129ms
52ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA1) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Origin: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (amb/6BA1)
age: 514
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Mon, 04 Dec 2023 11:04:53 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 5CEB 43 B
170 B 213ms
68ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=132761d2a8efcb17c8460988f35ded70&__adt=8240603860963776981&__ade=1&vid=5104451963684615432
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 5CEB 33 KB
33 KB 26ms
26ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAC) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 43117
x-amz-request-id: PEYSJ79J81416RAC
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: gXKxT2JfahCI8DHBvNhA9zeALeuUOzrw6W8PEJraNtrwjjAuLwaH+EtKUz3ek9DkD2xWycTL1i0=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (amb/6BAC)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 5CEB 56 KB
15 KB 27ms
27ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (amb/6B9B)
age: 517
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Mon, 04 Dec 2023 11:04:53 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 5CEB 3 KB
2 KB 45ms
44ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 17351
x-amz-request-id: 01Z41GX92J6XTA8Q
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: 6ENjsduJwBNZR5uFHHWg6HdJzNH7SJO4OhLIPkhTwb01S8YyECv1QfMNhUpGXInBMCfKolqbtgU=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 5CEB 632 B
663 B 43ms
42ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 43117
x-amz-request-id: PEYXYZP0S3B8TW7N
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: wFh8Fwh9/hrd5PDn4SHlHusLmQOnQ7nJp/fAo9akwNLczaSdR+ywthCMqgI0+xgUQx9iTXBE4+M=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 5CEB 7 KB
4 KB 44ms
43ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 44205
x-amz-request-id: XB4E62XG1F5R8MAW
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: 6ofgzvVbuK8a9dyxQHESMJF0fUm4CEIx6IOvBqd0pYZ0PyWVKhll/E+cfU1Wyr+Tos8nhcfCz7I=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2

200

B29233589.357507729;dc_pre=CLP8jJXP9YIDFfip_QcdD-IF4Q;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701687293205
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 5CEB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17016872...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_pre=CLP8jJXP9YIDFfip_QcdD-IF4Q;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

78ms
78ms

Image
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_pre=CLP8jJXP9YIDFfip_QcdD-IF4Q;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701687293205

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29233589.357507729;dc_pre=CLP8jJXP9YIDFfip_QcdD-IF4Q;dc_trk_aid=548526127;dc_trk_cid=185788962;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701687293205
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 5CEB 470 KB
470 KB 85ms
26ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Origin: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 68401
x-amz-request-id: TQTV2KAVRGDHGT7N
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: zqVOGgFunV3OSadUtf1CALc8vmpFP567VmX6ZeFWf3a8sEWMqXFua+Vh252tcL1xXILekPPviFE=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 5CEB 33 KB
33 KB 83ms
79ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Origin: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 527
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Mon, 04 Dec 2023 11:04:53 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 5CEB 13 KB
13 KB 56ms
51ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
Origin: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 61399
x-amz-request-id: YFK2Z9KYGE7A2GNJ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: mEBte2ydIk1/+e2XzBVHmGxE3exXVPMGNHMUALQcM6auR5v5kBgcMDkvoKqBBhvpsodCtMbmSz4=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 5CEB 286 B
457 B 26ms
26ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 44204
x-amz-request-id: XWXW7EAJBD93S9C3
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: i2FN/ZMTrgJCtOrz/Nq5bo5bKRRD2+0pop84t9CEQa1j6yOntDx3/X3HiwS21ja9/XqvaT3n0Vg=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 169711466_uc
cdn.revjet.com/s3/csp/1700555545088/ Frame 5CEB 299 KB
299 KB 26ms
26ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1700555545088/169711466_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: edb0e3ef2ebc5ed57bc09d5eed655713d06072d71cee227c4a86be29c7f361cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:54:53 GMT
x-amz-version-id: 91bXYe3mqdh7T2wBtZRksOE5o2YgSsZt
age: 42783
x-amz-request-id: A20ZSQH5M0664K2K
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 306107
x-amz-id-2: 1JgHpqUqAbgySqWyTSowiJRhzjAFWZfp6LoT5hb+14sFCtmDog51g/LB8VbKUx/7gDv1pu9iG9Y=
last-modified: Tue, 21 Nov 2023 08:32:28 GMT
server: ECS (amb/6B9D)
etag: "86c6fdb2ac3dfa025e250a87aac60883"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 05 Dec 2023 10:54:53 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 5CEB 43 B
169 B 68ms
68ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=132761d2a8efcb17c8460988f35ded70&__adt=8240603860963776981&__ade=1&vid=5104451963684615432&__clstampdif=282&__stamp=1701687293567
Requested by: Host: eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
URL: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C52 42 B
64 B 70ms
69ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWrGFBL-sMT5RtYRCh1s15EyqoDeicFGJfpqUJ4rEdEwbECPHwb7kvbWUHBSPEgMJYPk5_cdh1ciyub8b8z4bhljWDtzNN-R7ctmGrwysMTYUgzEQT2FcGiopewEhqXGY5UMeM7YO9EeFM&sai=AMfl-YTGYfT7RfHa0gZLdLBzQEG54taD2A2BkThsghJMe0WmC3_K1_Lf6mGvX3xEGaoxQbz_24B-q4AC8-ryjs4_F0J7W4G_KFc12QzVCM2sE18ONSVKZ3A58PSpiS-n9A2oHJ7wlb96ihg-OlkEzPhFSTMgdKVW56AyTS1s&sig=Cg0ArKJSzOl5a9TIWg8wEAE&cid=CAQSTwDICaaNQpPD0mlRmdgkQyK7VzSd5DGRraHCMZFlnGmSpiOwJWCM4kDmTblU4egV7DaSv_SON7cJj8OChybsY4CnvK_3JqY3l2L8Gnm2Kc4YAQ&id=ampim&o=260,133&d=1110,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=255&tls=1255&g=100&h=100&tt=1255&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mnp.cl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame 5CEB 43 B
169 B 68ms
68ms Image
image/gif 95.217.105.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=132761d2a8efcb17c8460988f35ded70&vid=5104451963684615432&__adt=8240603860963776981&__ade=1&latent=0&vis_type=8&__stamp=1701687294496
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.105.250 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.105.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 10:54:54 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E6 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6250033528590&version=m202309260101&ct=77&x=1&cor=6876488080804590000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 10:54:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.n9.cl/	1969-12-31 23:59:59	Name: PHPSESSID Value: npf4jviq47mk7qnk6sd8qt3u5u
mnp.cl/	1969-12-31 23:59:59	Name: PHPSESSID Value: utreoi2enskto3qtnao92em7do
.mnp.cl/	1970-01-21 02:17:27	Name: _ga Value: GA1.2.450569311.1701687292
.mnp.cl/	1970-01-20 16:42:53	Name: _gid Value: GA1.2.630684313.1701687292
.mnp.cl/	1970-01-20 16:41:27	Name: _gat Value: 1
.mnp.cl/	1970-01-21 02:17:27	Name: _ga_71VYFC8469 Value: GS1.2.1701687292.1.0.1701687292.0.0.0
.mnp.cl/	1970-01-21 02:03:03	Name: __gads Value: ID=e46ef24ccaeb881b:T=1701687291:RT=1701687291:S=ALNI_MZKs48OHgy-OhL2ehVhJCmmIz5OMQ
.mnp.cl/	1970-01-21 02:03:03	Name: __gpi Value: UID=00000d032e5ddc38:T=1701687291:RT=1701687291:S=ALNI_MbGA1AqOfjoyP-hnbrrKzxyi4reJQ
.doubleclick.net/	1970-01-20 21:00:39	Name: APC Value: AfxxVi78Medm2OqS5syWqwgirtkNKaRsE4uc5R6Lla-dkhCXq9EkOQ
.doubleclick.net/	1970-01-21 02:03:03	Name: IDE Value: AHWqTUks3bAidBoLiHxGczoVKMC9PttAVzTpJfS03ZuHMqJrykDc7gVREccL6Y09_WQ
.adnxs.com/	1970-01-20 18:51:03	Name: uuid2 Value: 5880076733355906216
.adnxs.com/	1970-01-20 18:51:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilhx7d@S!]tbPl1M>e)ZlrFUfJ+tGXxp)_dvQ]Dc+<4Pu=G2Zf^t7_AzotQ<<%KlO*]T3If)y3KL9D3I?+n7?U_S
.casalemedia.com/	1970-01-20 18:51:03	Name: CMPS Value: 5125
.doubleclick.net/	1970-01-20 17:24:39	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:27:03	Name: CMID Value: ZW2v-KenN4J3UMoajI4LRwAA
.casalemedia.com/	1970-01-20 18:51:03	Name: CMPRO Value: 5247
.revjet.com/	1970-01-21 02:17:27	Name: trx Value: 5104451963684615432
.revjet.com/	1970-01-20 16:42:53	Name: ads Value: 132761d2a8efcb17c8460988f35ded70

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
cdn.ampproject.org
cdn.revjet.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eac58c52c1f60ff9f427eebc61eea4ac.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
mnp.cl
pagead2.googlesyndication.com
pix.revjet.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.n9.cl
104.18.36.155
142.250.181.230
172.217.23.98
192.229.233.6
2001:4860:4802:34::36
213.239.199.234
2606:4700::6811:180e
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a06:98c1:3120::3
2a06:98c1:3121::3
37.252.171.53
95.217.105.250
00fa4ecb557ff5e3ed46cb923406475eeb3305812cc5c65148e5c88ab16eca12
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19caa45432f6c4625d71edea1b20ddb818b2b356d39acb678ddf3b86e34c638e
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1e096bdb7aaaf4bcb717bafe992f030998fb80de204ab9ea11aef329195cec01
3038199101bd396d0b09ed99866a3e5fa5dfdacdd2da910851b59365da89529e
30497daea3060b729dd228eff2620db1dd6c0bebe323df0e9b6412c2137028d6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
4022c67e89e2cf49ed2ca8e5e8d2b86455a85f870cbcf512fdca463958281eb3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
45394e2c7fbd6186c5a20da309e4be5cf6332392bc355e4f07c6856fbf9945a3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62964c5583b70a82d804124be521fba7cef4438fd583e9ce42fa08a62a0eb2a8
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6e041e10a9816eeae6fc2874cc524fa556cadc5feec30716034a8fadd21e328e
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
726d3efe31ffb53af716ff33c19264415a6f236f20585a5d19e8b3e90e234691
781ded0ac1b1f3effa3b6572c2950a344791c2274c37bdad802a1da19870e7f9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
9ba388b61ce81edc35dbb5f550a508fcbfc3af265eeed526f91f890a0104db3e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a8798dcfc98fc2c9c85338b97c0538b41d40d3c82d2aa586a4b49472f4ee099d
aa107578815d6375db1f574b8ec5bf487b560d565e5db9ecffef650a17e1999d
ac07876c6f4dca027a63203758d071ba719b076fd71739c41fe46b4315497854
ad4152711584490aad14521b63f239b45ebef07da9ec4f37fd1ea64cf8a310d1
ad9513bf62e8f6341a35466798c17f1f2d53432b639f527a68e1311074f0af86
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02186a3488290803ecb56d858f0c62bc170a9b79285f228a54fe496f3dcf50c
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ab077fc6d8632c06a919af0ae4d61200fbb292faa930ced0fc6b0f65d045c4
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6a839d6a4a9ec9a7f7d1e793200efe5b957d0620f134abfa52c0af1e0875345
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c756841f714c41e1ccd4d848ab6527866c280179fadfaa5dbdcaab182e756c94
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d4f36df8747640e76c799291c6c3759890f7af120a320a123d5dc230f246682c
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd1128a95227ea1de11291fbaf338ebe5478794cb08e44121c806fff521dccff
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467cb0e6cab8fb2ca3bb26d935f285941e0d48880fecf6d109a2611ff7dd6e1
e80ccfb68bfaae21399f0609a586b38ec807668cdf9342fcaeefaafc01107515
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
edb0e3ef2ebc5ed57bc09d5eed655713d06072d71cee227c4a86be29c7f361cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d6437d394ba20a0192402cd44f435a1b0660854733e3f4516c05f1220d3c8b
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f828c1cc2deef4a9349269c5f2fd47efd1fc4b9adb02ed5207622333d44aa79c
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fc7c5ae2a6da64062d6a425b1c78d2444b1fbacf19906b62d7219ead3d031cf4
ffdb9aec3ca8aaf7c786b9f20d1503cb0db7786cb7bdac0e4fc6dfb6918637ef

mnp.cl Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

93 %HTTPS

72 %IPv6

15 Domains

25 Subdomains

25 IPs

5 Countries

2410 kBTransfer

4639 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mnp.cl Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

93 %
HTTPS

72 %
IPv6

15
Domains

25
Subdomains

25
IPs

5
Countries

2410 kB
Transfer

4639 kB
Size

18
Cookies

92 HTTP transactions
4 data transactions